Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Infizierung mit My Security Shield (https://www.trojaner-board.de/118599-infizierung-my-security-shield.html)

Hypocrite666 05.07.2012 11:31
Infizierung mit My Security Shield
 
Hallo liebe Leute,

meine Freundin hat sich auf ihrem Laptop die My Security Shield Malware eingefangen.
Bin nach dieser Anleitung vorgegangen: http://www.trojaner-board.de/89160-m...entfernen.html
rkill, Anti-Malware und HostsXpert habe ich erfolgreich ausgeführt.
OTH habe ich nicht ausgeführt, weil ich es nicht runterladen konnte.
Danach habe ich dann noch OTL und gmer laufen lassen.

Es folgen die logs, gmer und extras.log sind angehängt:

Code:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.05.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
*** :: SIRHENRYJR [Administrator]

Schutz: Aktiviert

05.07.2012 09:12:56
mbam-log-2012-07-05 (09-12-56).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 305824
Laufzeit: 1 Stunde(n), 20 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\xeermvd.exe (Trojan.LameShield) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
OTL Logfile:
Code:
OTL logfile created on: 05.07.2012 10:51:44 - Run 1
OTL by OldTimer - Version 3.2.53.1    Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,28% Memory free
5,84 Gb Paging File | 5,25 Gb Available in Paging File | 89,88% Paging File free
Paging file location(s): C:\pagefile.sys 4092 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 1,19 Gb Free Space | 1,59% Space Free | Partition Type: NTFS
Drive E: | 3,76 Gb Total Space | 3,74 Gb Free Space | 99,64% Space Free | Partition Type: FAT32
 
Computer Name: SIRHENRYJR | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.05 09:21:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012.05.08 20:15:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 20:15:46 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 20:15:46 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 20:15:46 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.02.18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009.03.30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 17:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.04 14:46:16 | 000,999,424 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2008.03.04 14:41:50 | 001,101,824 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007.12.06 13:39:12 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.01.24 14:28:58 | 000,124,928 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\accelerometerST.exe
PRC - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.12.04 16:13:16 | 000,292,384 | R--- | M] (Sierra Wireless Inc.) -- C:\Programme\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.08 20:15:48 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010.08.10 01:01:06 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
MOD - [2008.07.10 18:56:19 | 000,753,664 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2008.07.10 18:56:19 | 000,143,360 | ---- | M] () -- C:\WINDOWS\system32\preflib.dll
MOD - [2008.03.04 14:31:26 | 000,245,760 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007.12.06 10:55:12 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2007.12.06 10:52:44 | 000,040,960 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.07.04 23:21:45 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.08 20:15:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 20:15:46 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.02.18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.03.30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.12.04 16:13:16 | 000,292,384 | R--- | M] (Sierra Wireless Inc.) [Auto | Running] -- C:\Programme\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe -- (SWIHPWMI)
SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.05.08 20:15:49 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 20:15:49 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.04.28 20:22:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.03.13 03:25:36 | 002,530,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2008.03.04 16:06:22 | 000,012,288 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007.12.10 12:14:02 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.12.10 12:14:02 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.10.16 07:29:00 | 000,989,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007.10.16 07:28:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007.10.16 07:28:16 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007.08.28 15:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.07.12 11:41:52 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2007.06.18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.02.24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.24 03:13:26 | 000,036,608 | R--- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006.12.20 01:08:00 | 000,047,616 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rismc32.sys -- (rismc32)
DRV - [2006.10.19 01:23:00 | 000,033,024 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HP24X.sys -- (HP24X)
DRV - [2006.10.17 10:59:06 | 000,022,016 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006.10.17 10:57:58 | 000,017,920 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2004.06.16 12:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {03971127-8906-4745-9F08-5193CADF5B42}
IE - HKCU\..\SearchScopes\{03971127-8906-4745-9F08-5193CADF5B42}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={sear
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\stk\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\stk\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.07.04 23:21:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.06.17 19:51:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.04.12 17:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2011.01.16 23:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2011.01.16 23:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.05.02 22:33:12 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\an0339hp.default\extensions
[2012.06.17 19:51:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.17 19:51:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.07.04 23:21:46 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.07.01 20:41:37 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.01 20:41:37 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.07.01 20:41:37 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.01 20:41:37 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.01 20:41:37 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.01 20:41:37 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.07.05 10:50:19 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\stk\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\DVD Check.lnk = C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1224258872312 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe ()
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.10 15:31:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.05 09:11:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2012.07.05 09:11:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.07.05 09:11:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.07.05 09:11:37 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.07.05 09:11:37 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.07.04 23:32:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\118___07
[2012.07.04 23:23:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\vlc
[2012.07.04 23:23:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[2012.06.19 20:56:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\Australien 2012
[2012.06.17 19:58:29 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.05 10:51:02 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2012.07.05 10:47:17 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.05 10:35:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.05 10:35:43 | 2138,361,856 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.05 09:11:40 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.04 23:23:48 | 000,000,691 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk
[2012.06.28 19:07:15 | 000,036,544 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Fauser, ***  Visa.pdf
[2012.06.24 20:34:20 | 005,243,159 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Leo_00682.JPG
[2012.06.17 19:50:52 | 000,474,316 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.06.17 19:50:52 | 000,433,138 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.06.17 19:50:52 | 000,090,560 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.06.17 19:50:52 | 000,068,094 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.06.16 13:25:51 | 000,148,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.15 21:04:42 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.05 10:51:02 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2012.07.05 09:11:40 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.04 23:23:48 | 000,000,691 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk
[2012.06.28 19:07:15 | 000,036,544 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Fauser, ***  Visa.pdf
[2012.06.24 20:34:18 | 005,243,159 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Leo_00682.JPG
[2012.02.14 23:28:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2008.07.11 20:08:44 | 000,043,008 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== LOP Check ==========
 
[2010.04.24 00:14:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2012.05.20 12:06:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2008.07.10 15:45:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Infineon
[2010.11.27 13:49:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.06.02 19:37:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010.12.22 20:41:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Canneverbe Limited
[2010.08.14 18:27:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Dropbox
[2012.05.20 12:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\elsterformular
[2008.07.10 15:49:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Hewlett Packard
[2008.07.10 15:45:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Infineon
[2008.07.11 00:01:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\InterVideo
[2008.07.11 00:13:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Miranda
[2011.01.16 23:50:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Thunderbird
[2009.12.10 21:01:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Windows Desktop Search
[2010.06.05 19:21:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Windows Search
[2008.07.10 15:52:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\{881447B1-B258-42E0-8EF2-3B1C22143BE9}
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---

markusg 05.07.2012 13:41
hi
für eine weitere analyse benötige ich mal folgendes.
C:\Dokumente und Einstellungen\name\Anwendungsdaten\Sun\Java\Deployment\cache

dort rechtsklick auf den ordner cache, diesen mit winrar oder einem anderen programm packen, und im upload channel hochladen bitte
Trojaner-Board Upload Channel
wenn erledigt, bitte melden

Hypocrite666 05.07.2012 13:53
ok, erledigt
toll, dass du dich so schnell drum kümmerst

markusg 05.07.2012 13:54
danke dir.
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Hypocrite666 05.07.2012 14:21
[code]
Combofix Logfile:
Code:
ComboFix 12-07-05.02 - *** 05.07.2012  15:10:23.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.2039.1382 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\AegisI5Installer.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-06-05 bis 2012-07-05  ))))))))))))))))))))))))))))))
.
.
2012-07-05 12:50 . 2012-07-05 12:50        --------        d-----w-        c:\programme\7-Zip
2012-07-05 12:49 . 2012-07-05 12:49        56200        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{421CFB4C-EE7E-4898-93A1-94B7EC991CF7}\offreg.dll
2012-07-05 12:46 . 2012-07-05 12:46        29904        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{421CFB4C-EE7E-4898-93A1-94B7EC991CF7}\MpKsl3c7094b9.sys
2012-07-05 10:55 . 2012-05-30 18:41        6762896        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{421CFB4C-EE7E-4898-93A1-94B7EC991CF7}\mpengine.dll
2012-07-05 10:55 . 2012-01-31 12:44        237072        ------w-        c:\windows\system32\MpSigStub.exe
2012-07-05 10:48 . 2012-07-05 10:48        --------        d-----w-        c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\PCHealth
2012-07-05 10:48 . 2012-07-05 10:48        --------        d-----w-        c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\PCHealth
2012-07-05 10:48 . 2012-07-05 10:48        --------        d-----w-        c:\programme\Microsoft Security Client
2012-07-05 07:11 . 2012-07-05 07:11        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Malwarebytes
2012-07-05 07:11 . 2012-07-05 07:11        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-07-05 07:11 . 2012-07-05 07:11        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware
2012-07-05 07:11 . 2012-04-04 13:56        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-07-04 21:23 . 2012-07-05 06:27        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\vlc
2012-06-17 17:58 . 2012-06-17 17:58        --------        d-----w-        c:\programme\Gemeinsame Dateien\Java
2012-06-17 17:51 . 2012-06-17 17:51        73728        ----a-w-        c:\windows\system32\javacpl.cpl
2012-06-17 17:51 . 2012-06-17 17:51        476936        ----a-w-        c:\windows\system32\npdeployJava1.dll
2012-06-14 17:57 . 2012-05-11 14:40        521728        -c----w-        c:\windows\system32\dllcache\jsdbgui.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-17 17:51 . 2010-06-04 12:45        472840        ----a-w-        c:\windows\system32\deployJava1.dll
2012-06-02 13:19 . 2008-07-10 13:29        329240        ----a-w-        c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2008-07-10 13:29        219160        ----a-w-        c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2008-07-10 13:29        210968        ----a-w-        c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-07-30 17:20        15896        ----a-w-        c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-07-30 17:18        18456        ----a-w-        c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2008-07-10 13:29        35864        ----a-w-        c:\windows\system32\wups.dll
2012-06-02 13:19 . 2008-07-10 13:29        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2008-04-14 12:00        97304        ----a-w-        c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2007-07-30 17:20        15896        ----a-w-        c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2007-07-30 17:19        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2007-07-30 17:18        23576        ----a-w-        c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2008-07-10 13:29        577048        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2008-07-10 13:29        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2008-10-17 15:54        275696        ----a-w-        c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2008-10-17 15:54        214256        ----a-w-        c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2008-10-17 15:54        18160        ----a-w-        c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2008-04-14 12:00        604160        ----a-w-        c:\windows\system32\crypt32.dll
2012-05-16 15:07 . 2008-04-14 12:00        916992        ----a-w-        c:\windows\system32\wininet.dll
2012-05-15 13:56 . 2008-04-14 12:00        1863296        ----a-w-        c:\windows\system32\win32k.sys
2012-05-11 14:40 . 2008-04-14 12:00        43520        ----a-w-        c:\windows\system32\licmgr10.dll
2012-05-11 14:40 . 2008-04-14 12:00        1469440        ------w-        c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2008-04-14 12:00        385024        ----a-w-        c:\windows\system32\html.iec
2012-05-05 03:14 . 2008-04-14 12:00        2150912        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2008-04-14 07:30        2029056        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2008-07-10 13:27        139656        ----a-w-        c:\windows\system32\drivers\rdpwd.sys
2012-07-04 21:21 . 2012-07-01 18:41        85472        ----a-w-        c:\programme\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0017\DriverFiles\i386\atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
.
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\kbdclass.sys
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\kbdclass.sys
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
.
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
.
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
.
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll
.
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe
.
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll
.
[-] 2008-04-14 12:00 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-04-14 12:00 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll
.
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll
.
[-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
.
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
.
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
.
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 2B6ADE29F8D00EEFA5FA2250CBE094AD . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2008-04-14 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
.
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll
.
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 12:00 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
.
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll
.
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
.
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll
.
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll
.
[-] 2012-05-11 . 610AFC1D924512EEB7797ADD9E5F9455 . 6007808 . . [8.00.6001.19258] . . c:\windows\system32\mshtml.dll
[-] 2012-05-11 . 610AFC1D924512EEB7797ADD9E5F9455 . 6007808 . . [8.00.6001.19258] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2012-05-11 . E3C9C5F75F06CECD02E0BE32E0BE7463 . 6009344 . . [8.00.6001.23345] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mshtml.dll
[-] 2012-03-01 . C34FC3162FE56D908A7285B5983D03FF . 5978624 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\mshtml.dll
[-] 2012-03-01 . AFF12544647103F756962F43BF60C238 . 5980672 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll
[-] 2011-12-17 . ED2A6223A232E6463E6168A0A7A6EA93 . 5979136 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\mshtml.dll
[-] 2011-12-17 . 384D5CD1286CA3364EE2DAA991CF4726 . 5980160 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll
[-] 2011-11-04 . 4823271E3A5F3A3D2229EACA01D849F1 . 5978112 . . [8.00.6001.19170] . . c:\windows\ie8updates\KB2647516-IE8\mshtml.dll
[-] 2011-11-04 . CD31B8FA968485999C4B02802D8C482C . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
[-] 2011-10-03 . F591C3C571E547DDED6624EB3DCAB7C9 . 5971456 . . [8.00.6001.19154] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
[-] 2011-10-03 . CC43AB1B8E1C5244B7F354307A3C9A77 . 5972992 . . [8.00.6001.23250] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
[-] 2011-07-25 . 9316AF4E14DC9C85A86A1A14A675F160 . 5969920 . . [8.00.6001.19120] . . c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
[-] 2011-07-25 . 1D96C20A4B27E16481C3E774EFC87E09 . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
[-] 2011-05-30 . 930A3ED33CD772EA8A2C4BB226A81CAF . 5964800 . . [8.00.6001.19088] . . c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
[-] 2011-05-30 . F439589BF8C2B1B07DAED345CD2F710D . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
[-] 2011-02-22 . 581142E0B30A2457893EDCF11479BB6C . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
[-] 2011-02-22 . C37FC01CC7347AA073EA7AC3C70D7C7E . 5962240 . . [8.00.6001.19046] . . c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
[-] 2010-12-20 . 10669CF45FBCA6774260726D6D62282C . 5961216 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
[-] 2010-12-20 . BE8A4C7BFF06DC3BCCBCE689FAC751F7 . 5962240 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll
[-] 2010-11-06 . 40627E7D2717A6DD38337A54FDA03F34 . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
[-] 2010-11-06 . 3414295B9307D2EFE47EE89F5CC43125 . 5959168 . . [8.00.6001.18999] . . c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
[-] 2010-09-10 . 2EE27CDF8C897B5ABE5D86D1C03F1066 . 5957120 . . [8.00.6001.18975] . . c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
[-] 2010-09-10 . FC277C347BBAAE912A5B0748B3504483 . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . 7CF74ED1A2C05369C67531E7855742CF . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll
.
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll
[-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2008-04-14 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
.
[-] 2008-06-20 . ACD8BD448A74F344D46FCAF21BAB92AF . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
.
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll
.
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll
.
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll
.
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll
.
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe
.
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll
.
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
.
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe
.
[-] 2012-05-16 . CB1B69A4306EAE327DE46277CA3BA9C9 . 916992 . . [8.00.6001.19272] . . c:\windows\system32\wininet.dll
[-] 2012-05-16 . CB1B69A4306EAE327DE46277CA3BA9C9 . 916992 . . [8.00.6001.19272] . . c:\windows\system32\dllcache\wininet.dll
[-] 2012-05-16 . FA932FB2522C5B8436DF9D2290F56A98 . 920064 . . [8.00.6001.23359] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll
[-] 2012-03-01 . 9C4ABC4869FB2EB0E6F38E27A536B325 . 916992 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\wininet.dll
[-] 2012-03-01 . 4CF6DBF445D93CAB7986F8EB90F27DEC . 919552 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll
[-] 2011-12-17 . 4C4FA27D15C83B59B16CED7DED66E33D . 916992 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\wininet.dll
[-] 2011-12-17 . 48F111BC456924B4F131E9FF11B4925E . 919552 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll
[-] 2011-11-04 . 0BB4286D73CE2CF106F21C7D38C9F85A . 916992 . . [8.00.6001.19165] . . c:\windows\ie8updates\KB2647516-IE8\wininet.dll
[-] 2011-11-04 . C87AFD199FB2BAA77BADC2974815A7A4 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
[-] 2011-08-22 . 5F841994DB0F2B3A3303F8E6ADFDB13E . 916480 . . [8.00.6001.19131] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll
[-] 2011-08-22 . 15F8399C03B9717AC8F5722649CB017D . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
[-] 2011-06-23 . 0BF4985026EF2B7F22B91B3A4A56E222 . 916480 . . [8.00.6001.19098] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll
[-] 2011-06-23 . 11C398190972B60689CA0E61FEC75C42 . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
[-] 2011-04-25 . 64F49D76DBEDDC28C676AF86A8613575 . 916480 . . [8.00.6001.19072] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll
[-] 2011-04-25 . 69E2C6E3430C34698F72E735646B346E . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
[-] 2011-02-22 . 0E05446F197207A173E06A27C70A1DF7 . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
[-] 2011-02-22 . A2B8733A4FB67717861CF97DB1F03053 . 916480 . . [8.00.6001.19044] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll
[-] 2010-12-20 . 4E6109D5651FAB2D9C7ACEBFA5E49076 . 916480 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\wininet.dll
[-] 2010-12-20 . B5FF24B723725959D6AE0904F53F74BC . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
[-] 2010-11-06 . 628696B409200762C12C5140C434CBFA . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
[-] 2010-11-06 . 24BC8815BBD3BB53829E0141529E49FD . 916480 . . [8.00.6001.18992] . . c:\windows\ie8updates\KB2482017-IE8\wininet.dll
[-] 2010-09-10 . 41E62E6AA4D4C03322467FB0D2D29967 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll
[-] 2010-09-10 . 7B7028B726053782DD9B98B729515567 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . 1ACB8E6FAD2A8690CBB41D3229A2B27D . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . 5AC0C1733D8C3DE781002F45A678E0FC . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll
[-] 2010-05-06 . 12C5EEBBC10DB644B44131EE3ECBC430 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll
[-] 2010-05-06 . B5B9887088B8168D52CB28020CF05498 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-02-25 . 7857131DA01250E02BEE64F1163F6159 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2010-02-25 . 3C41EB3A0EC8E2606B6C906993E11C29 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . F2A70583964128530B7E86B1A13023A7 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
[-] 2009-12-21 . 5E3A3EB3BC5849BE4D5FE2B5F1869783 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . A20B2C09CCE24D136F0519323A3F7072 . 832512 . . [7.00.6000.16945] . . c:\windows\ie8\wininet.dll
[-] 2009-10-29 . 3426FBE495D1825D5C09C84D1E9361C1 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2009-10-29 . 3426FBE495D1825D5C09C84D1E9361C1 . 916480 . . [8.00.6001.18854] . . c:\windows\SoftwareDistribution\Download\85af8afe81c33bd591227dcad3f455c7\SP3GDR\wininet.dll
[-] 2009-10-29 . 9B5D0E4E82FFC178D82206D93D89C71C . 841216 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
[-] 2009-10-29 . 0A4248E124C88EDD1E0A93AE93E4DB6A . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 0A4248E124C88EDD1E0A93AE93E4DB6A . 916480 . . [8.00.6001.22945] . . c:\windows\SoftwareDistribution\Download\85af8afe81c33bd591227dcad3f455c7\SP3QFE\wininet.dll
[-] 2009-08-29 . CB74316772D625807EF16F6701F2A25E . 832512 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976325-IE7\wininet.dll
[-] 2009-08-29 . BA0DE4DD7959D0638EAD5B400294C416 . 840704 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll
[-] 2009-06-29 . 93552887262FEE6DD5D98E452FCD495A . 828928 . . [7.00.6000.21073] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\wininet.dll
[-] 2009-06-29 . 90590032B6E9EF719F5E78FCD2AD2CBC . 827392 . . [7.00.6000.16876] . . c:\windows\ie7updates\KB974455-IE7\wininet.dll
[-] 2009-04-29 . B7E6D6663CB6BC05316FEB978217360D . 827392 . . [7.00.6000.16850] . . c:\windows\ie7updates\KB972260-IE7\wininet.dll
[-] 2009-04-29 . F5D59B0B453F8AF7ADC7AFB34D39C441 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[-] 2009-03-03 . AF68C6F857EB438770E86FFEE013F04D . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[-] 2009-03-03 . 9F434E15A82D1322FB6860E317783E57 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll
[-] 2008-12-20 . 2B5AE9ACD86E1B8B86D62E153DE130AB . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 . C3D4047626F8CC8EC7DD7558FA5CC2E2 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-10-16 . CBAAEBDFC6F9291D2D31E36FE1AD19AC . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-10-16 . 5A1F997EC096EF26F3A3880347F5F9D8 . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 . E1F83BCC84D6223965D35AB06B63BBEB . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 . B905F284F45675F3019413DFF055C666 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[-] 2008-06-23 . 7B28D5C8C5C075037F864256E4044B83 . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll
[-] 2008-06-23 . 4F08E6D8C9DDA8ED4346A1857849ADB3 . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 . 751EFBEC900CC4E4B41DB6E522B67D41 . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 . A5795741E53F72C4A2736BC51007A5D5 . 826368 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[-] 2008-04-21 . 11D26D87E041000EA4C0128CD0010F7A . 671744 . . [6.00.2900.5583] . . c:\windows\ie7\wininet.dll
[-] 2008-04-21 . 645A4A4884EB5EB8453C01531FCBEC3A . 672256 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll
[-] 2008-04-14 . B4AEE98A48917B274FACFB78BBE0BC84 . 671744 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB950759$\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll
.
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll
.
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll
.
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
.
[-] 2011-11-01 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll
[-] 2011-11-01 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll
[-] 2011-11-01 . D684C601EC79D9543D50EB2DB124FE78 . 1289216 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[-] 2010-07-16 . B28AF7976F2D8109C0DC2CF2460BEDC2 . 1288192 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll
[-] 2010-07-16 . B3D7633CF83B09042A49810A7A72ADED . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
.
[-] 2010-04-16 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . EB2AD9C7DADE6C63F5F933881BA2A430 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 052F968390A85D37D5EE8BE3AB2A83A2 . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
.
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
.
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
.
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 927666F4228E3FBBC3D1171581DC8BDC . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
.
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
.
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll
.
[-] 2008-04-14 . E7EF7580241236552C7114FC71166CB6 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll
.
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll
.
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll
.
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll
.
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\appmgmts.dll
.
[-] 2008-04-14 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
.
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
.
[-] 2010-09-18 07:18 . 4891FCDAE77486BFB56999AA217651FA . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:52 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:52 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 12:00 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
.
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll
.
[-] 2008-04-14 12:00 . 6E18978B749F0696A774DE3F2CB142DD . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
.
[-] 2012-05-05 . 0A7BFA15D9F9432DB882CD2A174E7F7F . 2071424 . . [5.1.2600.6223] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2012-05-05 . 0A7BFA15D9F9432DB882CD2A174E7F7F . 2071424 . . [5.1.2600.6223] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2012-05-05 . BE4A6D3DB8E11A1B644B8675FE7D1A43 . 2029056 . . [5.1.2600.6223] . . c:\windows\system32\ntkrnlpa.exe
[-] 2012-05-05 . 339D9DA45F631C9D9D7132D9F6957943 . 2071424 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe
[-] 2012-04-11 . 12E964E3514BC6ECD028A792F23E1976 . 2029056 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntkrnlpa.exe
[-] 2012-04-11 . C3124524EDDDA49504AE558352440F65 . 2071424 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
[-] 2011-10-26 . 07FD1B85212CB29D3D75932B8C3FD210 . 2029568 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe
[-] 2011-10-26 . ADD968B4D4A095407FD5B915F89BA8B5 . 2071680 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
[-] 2010-12-09 . 7B1CA0A6C042E4B90A18B49ED73CBA76 . 2071680 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[-] 2010-12-09 . 56371A8F18F7D9570A11B1C54D602A2A . 2029568 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
[-] 2010-04-28 . 4EACA49489EB3C4A2E83C5546EB5884C . 2069248 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-04-28 . 6D8D53C3EE866AB72AC73A68808E7371 . 2027008 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
[-] 2010-02-16 . 1DFCBCFD1C9016C051BE6D7243459CCA . 2027008 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2010-02-16 . CEE28C8C47E52F185F9F8F3A2E31880C . 2069248 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 2E72317A93EF61138E43DCF7CD423EDF . 2068480 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 1143EBE276EA80A88942A21613078088 . 2026496 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-08-04 . C50ED62BB5CDC5AD4F3985ED39C6AE87 . 2068480 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 1FF1F43613BA7510A5A975ED034EB8E0 . 2026496 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
[-] 2009-02-09 . 43FBA8A9CBEEA36EA95AF77CD538200A . 2026496 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2009-02-09 . 1F9DA92672B8B5720C5FB1E87D8F249F . 2068480 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . C789B5AEA9AB71C5BEF6DD568F744842 . 2068352 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 13334FAF18AB3B9083B8DD8A668B8BB6 . 2026496 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-04-14 . FEFB3BDA35CF469809B0C89AB6833AFC . 2026496 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
.
[-] 2008-04-14 12:00 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 12:00 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
.
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
.
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\dsound.dll
.
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll
.
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll
.
[-] 2008-04-14 12:00 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2008-04-14 12:00 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll
.
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\version.dll
.
[-] 2012-05-05 . 6005B4877E0E9AFB992615A0D5130D11 . 2194944 . . [5.1.2600.6223] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2012-05-05 . 6005B4877E0E9AFB992615A0D5130D11 . 2194944 . . [5.1.2600.6223] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2012-05-05 . 916B2FD262DDD2DD31EB5B80B5645516 . 2150912 . . [5.1.2600.6223] . . c:\windows\system32\ntoskrnl.exe
[-] 2012-05-05 . C11516E90F6D8C45329A070429392A04 . 2194944 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe
[-] 2012-04-11 . 1055CB3C62F7007EBD5ECB1E5CC8069E . 2150912 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntoskrnl.exe
[-] 2012-04-11 . 35BEC26067274CCFE4BE16CA22E54557 . 2194944 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
[-] 2011-10-26 . 63907C9E2D9EEA3ADA8263F0A8D79797 . 2151424 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe
[-] 2011-10-26 . 43BA9F58FD87BBF57F958C06241F2C9C . 2195072 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . 2A5A8BE47E1F8E55520FB4031E21D129 . 2195072 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . DAC0BE266F11618A2B9A6EC4D1F255ED . 2151424 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
[-] 2010-04-28 . 490911C4B913989D4958543FED2C8F21 . 2148864 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
[-] 2010-04-28 . 6AF2E8CEB03F7CB3B8183359563DBB87 . 2192384 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-16 . E1BD0FAFF2C1D0A825CBA97DCF0DDDAE . 2148864 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . 4456016C2FF1A8CCCAC8309C9B76E2F5 . 2192384 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . A97847B2D30F4A299B35239D26BAD948 . 2191616 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . D4128AA197DD8F3120FC80008AB66CF7 . 2147840 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-08-04 . 96D6882D49438D58B0DE0F7E8C8D241B . 2147840 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
[-] 2009-08-04 . 4B86421F2D85D9A4ECB06885C40B8EEB . 2191616 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-02-10 . D3453310FC92736E674FFDC6E3F455B7 . 2191488 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . 18D976FE984BDA3DAC8164B05D69205D . 2147840 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2008-08-14 . 59282EFE7147C011530E51FF92BA86AC . 2191488 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . 5961DD3AEC44962A76F0D8D895C172F1 . 2147840 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-04-14 . 88077F757C6C793C33408D878B6E0F76 . 2147840 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\rasadhlp.dll
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1040384]
"hpWirelessAssistant"="c:\programme\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WatchDog"="c:\programme\InterVideo\DVD Check\DVDCheck.exe" [2006-09-05 184320]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-20 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-20 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-20 137752]
"SoundMAXPnP"="c:\programme\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-07-10 1871872]
"IntelZeroConfig"="c:\programme\Intel\Wireless\bin\ZCfgSvc.exe" [2008-03-04 999424]
"IntelWireless"="c:\programme\Intel\Wireless\Bin\ifrmewrk.exe" [2008-03-04 1101824]
"AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.exe" [2007-01-24 124928]
"QlbCtrl.exe"="c:\programme\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-02-26 177456]
"HP Software Update"="c:\programme\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"MSC"="c:\programme\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" [2010-12-20 519584]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
BTTray.lnk - c:\programme\WIDCOMM\Bluetooth Software\BTTray.exe [2007-12-6 576104]
DVD Check.lnk - c:\programme\InterVideo\DVD Check\DVDCheck.exe [2008-7-10 184320]
Windows Search.lnk - c:\programme\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Miranda IM\\miranda32.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
.
R1 MpKsl3c7094b9;MpKsl3c7094b9;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{421CFB4C-EE7E-4898-93A1-94B7EC991CF7}\MpKsl3c7094b9.sys [05.07.2012 14:46 29904]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [05.07.2012 09:11 654408]
R2 SWIHPWMI;SWIHPWMI;c:\programme\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [04.12.2006 16:13 292384]
R3 Com4QLBEx;Com4QLBEx;c:\programme\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [15.07.2008 21:57 193840]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [10.07.2008 15:45 36608]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [05.07.2012 09:11 22344]
R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [10.07.2008 15:49 47616]
S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [10.07.2008 15:48 33024]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [07.05.2012 22:59 113120]
S3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09.01.2010 21:37 4640000]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MPKSL3C7094B9
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-04-11 10:34]
.
2012-07-05 c:\windows\Tasks\MpIdleTask.job
- c:\programme\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
.
------- Zusätzlicher Suchlauf -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Senden an &Bluetooth-Gerät... - c:\programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Senden an Bluetooth - c:\programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\an0339hp.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-07-05 15:14
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(960)
c:\windows\System32\BCMLogon.dll
c:\windows\system32\netprovcredman.dll
c:\windows\system32\igfxdev.dll
.
Zeit der Fertigstellung: 2012-07-05  15:18:10
ComboFix-quarantined-files.txt  2012-07-05 13:18
.
Vor Suchlauf: 9 Verzeichnis(se), 12.454.383.616 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 12.950.458.368 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - EB04C0F70D0D8570DC24DEAA192C2024
--- --- ---

markusg 05.07.2012 14:23
hi
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

Hypocrite666 05.07.2012 14:31
Code:
15:28:38.0734 2688        TDSS rootkit removing tool 2.7.44.0 Jul  2 2012 20:01:08
15:28:38.0875 2688        ============================================================
15:28:38.0875 2688        Current date / time: 2012/07/05 15:28:38.0875
15:28:38.0875 2688        SystemInfo:
15:28:38.0875 2688       
15:28:38.0875 2688        OS Version: 5.1.2600 ServicePack: 3.0
15:28:38.0875 2688        Product type: Workstation
15:28:38.0875 2688        ComputerName: SIRHENRYJR
15:28:38.0875 2688        UserName: ***
15:28:38.0875 2688        Windows directory: C:\WINDOWS
15:28:38.0875 2688        System windows directory: C:\WINDOWS
15:28:38.0875 2688        Processor architecture: Intel x86
15:28:38.0875 2688        Number of processors: 2
15:28:38.0875 2688        Page size: 0x1000
15:28:38.0875 2688        Boot type: Normal boot
15:28:38.0875 2688        ============================================================
15:28:40.0671 2688        Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:28:40.0703 2688        ============================================================
15:28:40.0703 2688        \Device\Harddisk0\DR0:
15:28:40.0703 2688        MBR partitions:
15:28:40.0703 2688        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E800
15:28:40.0703 2688        ============================================================
15:28:40.0703 2688        C: <-> \Device\Harddisk0\DR0\Partition0
15:28:40.0703 2688        ============================================================
15:28:40.0703 2688        Initialize success
15:28:40.0703 2688        ============================================================
15:28:55.0656 3444        ============================================================
15:28:55.0656 3444        Scan started
15:28:55.0656 3444        Mode: Manual; SigCheck; TDLFS;
15:28:55.0656 3444        ============================================================
15:28:55.0906 3444        Abiosdsk - ok
15:28:55.0921 3444        abp480n5 - ok
15:28:55.0968 3444        Accelerometer  (ac24b66995aff48be6b2f8cc3ca843c7) C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
15:28:56.0250 3444        Accelerometer ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0250 3444        Accelerometer - detected UnsignedFile.Multi.Generic (1)
15:28:56.0312 3444        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:28:56.0359 3444        ACPI ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0359 3444        ACPI - detected UnsignedFile.Multi.Generic (1)
15:28:56.0390 3444        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
15:28:56.0437 3444        ACPIEC ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0437 3444        ACPIEC - detected UnsignedFile.Multi.Generic (1)
15:28:56.0500 3444        ADIHdAudAddService (4e12c97cbfe99be15d7680918f9899ec) C:\WINDOWS\system32\drivers\ADIHdAud.sys
15:28:56.0578 3444        ADIHdAudAddService ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0578 3444        ADIHdAudAddService - detected UnsignedFile.Multi.Generic (1)
15:28:56.0578 3444        adpu160m - ok
15:28:56.0625 3444        AEAudio        (fff87a9b1ab36ee4b7bec98a4cb01b79) C:\WINDOWS\system32\drivers\AEAudio.sys
15:28:56.0734 3444        AEAudio ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0734 3444        AEAudio - detected UnsignedFile.Multi.Generic (1)
15:28:56.0734 3444        aec            (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:28:56.0828 3444        aec ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0828 3444        aec - detected UnsignedFile.Multi.Generic (1)
15:28:56.0859 3444        AegisP          (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
15:28:56.0921 3444        AegisP ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0921 3444        AegisP - detected UnsignedFile.Multi.Generic (1)
15:28:56.0984 3444        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:28:57.0031 3444        AFD ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0031 3444        AFD - detected UnsignedFile.Multi.Generic (1)
15:28:57.0031 3444        Aha154x - ok
15:28:57.0046 3444        aic78u2 - ok
15:28:57.0046 3444        aic78xx - ok
15:28:57.0078 3444        Alerter        (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
15:28:57.0140 3444        Alerter ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0140 3444        Alerter - detected UnsignedFile.Multi.Generic (1)
15:28:57.0171 3444        ALG            (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
15:28:57.0250 3444        ALG ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0250 3444        ALG - detected UnsignedFile.Multi.Generic (1)
15:28:57.0250 3444        AliIde - ok
15:28:57.0250 3444        amsint - ok
15:28:57.0375 3444        Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:28:57.0437 3444        Apple Mobile Device - ok
15:28:57.0468 3444        AppMgmt        (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
15:28:57.0546 3444        AppMgmt ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0546 3444        AppMgmt - detected UnsignedFile.Multi.Generic (1)
15:28:57.0562 3444        Arp1394        (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:28:57.0625 3444        Arp1394 ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0625 3444        Arp1394 - detected UnsignedFile.Multi.Generic (1)
15:28:57.0625 3444        asc - ok
15:28:57.0625 3444        asc3350p - ok
15:28:57.0625 3444        asc3550 - ok
15:28:57.0734 3444        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:28:57.0765 3444        aspnet_state - ok
15:28:57.0812 3444        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:28:57.0859 3444        AsyncMac ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0859 3444        AsyncMac - detected UnsignedFile.Multi.Generic (1)
15:28:57.0906 3444        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:28:57.0968 3444        atapi ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0968 3444        atapi - detected UnsignedFile.Multi.Generic (1)
15:28:57.0968 3444        Atdisk - ok
15:28:58.0000 3444        Atmarpc        (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:28:58.0062 3444        Atmarpc ( UnsignedFile.Multi.Generic ) - warning
15:28:58.0062 3444        Atmarpc - detected UnsignedFile.Multi.Generic (1)
15:28:58.0109 3444        ATSWPDRV        (69e65a2ce11619f0c868967ca9540b80) C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys
15:28:58.0171 3444        ATSWPDRV - ok
15:28:58.0187 3444        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
15:28:58.0281 3444        AudioSrv ( UnsignedFile.Multi.Generic ) - warning
15:28:58.0281 3444        AudioSrv - detected UnsignedFile.Multi.Generic (1)
15:28:58.0312 3444        audstub        (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:28:58.0375 3444        audstub ( UnsignedFile.Multi.Generic ) - warning
15:28:58.0375 3444        audstub - detected UnsignedFile.Multi.Generic (1)
15:28:58.0421 3444        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:28:58.0531 3444        Beep ( UnsignedFile.Multi.Generic ) - warning
15:28:58.0531 3444        Beep - detected UnsignedFile.Multi.Generic (1)
15:28:58.0609 3444        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
15:28:58.0828 3444        BITS ( UnsignedFile.Multi.Generic ) - warning
15:28:58.0828 3444        BITS - detected UnsignedFile.Multi.Generic (1)
15:28:58.0921 3444        Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Programme\Bonjour\mDNSResponder.exe
15:28:58.0953 3444        Bonjour Service - ok
15:28:58.0984 3444        Browser        (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
15:28:59.0093 3444        Browser ( UnsignedFile.Multi.Generic ) - warning
15:28:59.0093 3444        Browser - detected UnsignedFile.Multi.Generic (1)
15:28:59.0187 3444        BTKRNL          (ef5e0de0a7ca2977a9255f36f4d915ab) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
15:28:59.0250 3444        BTKRNL - ok
15:28:59.0312 3444        btwdins        (dd9c025e98a45eb0bf33ba952d0726d8) C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
15:28:59.0359 3444        btwdins - ok
15:28:59.0375 3444        BTWUSB          (053dc5be74621b63bb48c2b86bafc7b0) C:\WINDOWS\system32\Drivers\btwusb.sys
15:28:59.0406 3444        BTWUSB - ok
15:28:59.0484 3444        catchme - ok
15:28:59.0515 3444        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:28:59.0671 3444        cbidf2k ( UnsignedFile.Multi.Generic ) - warning
15:28:59.0671 3444        cbidf2k - detected UnsignedFile.Multi.Generic (1)
15:28:59.0671 3444        cd20xrnt - ok
15:28:59.0703 3444        Cdaudio        (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:28:59.0812 3444        Cdaudio ( UnsignedFile.Multi.Generic ) - warning
15:28:59.0828 3444        Cdaudio - detected UnsignedFile.Multi.Generic (1)
15:28:59.0859 3444        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:29:00.0015 3444        Cdfs ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0015 3444        Cdfs - detected UnsignedFile.Multi.Generic (1)
15:29:00.0031 3444        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:29:00.0093 3444        Cdrom ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0093 3444        Cdrom - detected UnsignedFile.Multi.Generic (1)
15:29:00.0093 3444        Changer - ok
15:29:00.0125 3444        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
15:29:00.0171 3444        CiSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0171 3444        CiSvc - detected UnsignedFile.Multi.Generic (1)
15:29:00.0187 3444        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
15:29:00.0234 3444        ClipSrv ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0234 3444        ClipSrv - detected UnsignedFile.Multi.Generic (1)
15:29:00.0312 3444        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:29:00.0406 3444        clr_optimization_v2.0.50727_32 - ok
15:29:00.0437 3444        CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:29:00.0484 3444        CmBatt ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0484 3444        CmBatt - detected UnsignedFile.Multi.Generic (1)
15:29:00.0500 3444        CmdIde - ok
15:29:00.0578 3444        Com4QLBEx      (a94146208170d78906c93ee39cebdd9f) C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
15:29:00.0593 3444        Com4QLBEx - ok
15:29:00.0625 3444        Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:29:00.0671 3444        Compbatt ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0671 3444        Compbatt - detected UnsignedFile.Multi.Generic (1)
15:29:00.0671 3444        COMSysApp - ok
15:29:00.0687 3444        Cpqarray - ok
15:29:00.0734 3444        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
15:29:00.0796 3444        CryptSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0796 3444        CryptSvc - detected UnsignedFile.Multi.Generic (1)
15:29:00.0796 3444        dac2w2k - ok
15:29:00.0796 3444        dac960nt - ok
15:29:00.0859 3444        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
15:29:00.0921 3444        DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0921 3444        DcomLaunch - detected UnsignedFile.Multi.Generic (1)
15:29:00.0937 3444        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
15:29:00.0968 3444        Dhcp ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0968 3444        Dhcp - detected UnsignedFile.Multi.Generic (1)
15:29:00.0984 3444        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:29:01.0031 3444        Disk ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0031 3444        Disk - detected UnsignedFile.Multi.Generic (1)
15:29:01.0031 3444        dmadmin - ok
15:29:01.0093 3444        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
15:29:01.0171 3444        dmboot ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0171 3444        dmboot - detected UnsignedFile.Multi.Generic (1)
15:29:01.0203 3444        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
15:29:01.0281 3444        dmio ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0281 3444        dmio - detected UnsignedFile.Multi.Generic (1)
15:29:01.0312 3444        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:29:01.0343 3444        dmload ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0343 3444        dmload - detected UnsignedFile.Multi.Generic (1)
15:29:01.0359 3444        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
15:29:01.0390 3444        dmserver ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0390 3444        dmserver - detected UnsignedFile.Multi.Generic (1)
15:29:01.0437 3444        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:29:01.0484 3444        DMusic ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0484 3444        DMusic - detected UnsignedFile.Multi.Generic (1)
15:29:01.0531 3444        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
15:29:01.0578 3444        Dnscache ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0578 3444        Dnscache - detected UnsignedFile.Multi.Generic (1)
15:29:01.0609 3444        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
15:29:01.0671 3444        Dot3svc ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0671 3444        Dot3svc - detected UnsignedFile.Multi.Generic (1)
15:29:01.0671 3444        dpti2o - ok
15:29:01.0687 3444        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:29:01.0718 3444        drmkaud ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0718 3444        drmkaud - detected UnsignedFile.Multi.Generic (1)
15:29:01.0781 3444        e1express      (8942419786970adb32b05bb7950aee72) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
15:29:01.0796 3444        e1express - ok
15:29:01.0828 3444        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
15:29:01.0906 3444        EapHost ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0906 3444        EapHost - detected UnsignedFile.Multi.Generic (1)
15:29:01.0921 3444        ERSvc          (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
15:29:01.0953 3444        ERSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0953 3444        ERSvc - detected UnsignedFile.Multi.Generic (1)
15:29:02.0000 3444        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
15:29:02.0031 3444        Eventlog ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0031 3444        Eventlog - detected UnsignedFile.Multi.Generic (1)
15:29:02.0078 3444        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
15:29:02.0109 3444        EventSystem ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0109 3444        EventSystem - detected UnsignedFile.Multi.Generic (1)
15:29:02.0265 3444        EvtEng          (a2ca7c9169f5781a261310dfadc52514) C:\Programme\Intel\Wireless\Bin\EvtEng.exe
15:29:02.0484 3444        EvtEng ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0484 3444        EvtEng - detected UnsignedFile.Multi.Generic (1)
15:29:02.0546 3444        Fastfat        (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:29:02.0625 3444        Fastfat ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0625 3444        Fastfat - detected UnsignedFile.Multi.Generic (1)
15:29:02.0671 3444        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:29:02.0750 3444        FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0750 3444        FastUserSwitchingCompatibility - detected UnsignedFile.Multi.Generic (1)
15:29:02.0765 3444        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
15:29:02.0859 3444        Fdc ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0859 3444        Fdc - detected UnsignedFile.Multi.Generic (1)
15:29:02.0859 3444        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
15:29:02.0921 3444        Fips ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0921 3444        Fips - detected UnsignedFile.Multi.Generic (1)
15:29:02.0937 3444        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:29:02.0968 3444        Flpydisk ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0968 3444        Flpydisk - detected UnsignedFile.Multi.Generic (1)
15:29:03.0015 3444        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:29:03.0078 3444        FltMgr ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0078 3444        FltMgr - detected UnsignedFile.Multi.Generic (1)
15:29:03.0203 3444        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:29:03.0218 3444        FontCache3.0.0.0 - ok
15:29:03.0234 3444        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:29:03.0281 3444        Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0281 3444        Fs_Rec - detected UnsignedFile.Multi.Generic (1)
15:29:03.0296 3444        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:29:03.0343 3444        Ftdisk ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0343 3444        Ftdisk - detected UnsignedFile.Multi.Generic (1)
15:29:03.0375 3444        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
15:29:03.0390 3444        GEARAspiWDM - ok
15:29:03.0437 3444        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:29:03.0515 3444        Gpc ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0515 3444        Gpc - detected UnsignedFile.Multi.Generic (1)
15:29:03.0609 3444        gusvc          (c1b577b2169900f4cf7190c39f085794) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
15:29:03.0625 3444        gusvc - ok
15:29:03.0671 3444        HBtnKey        (407e41ddb2bfece109132aec296e0d98) C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
15:29:03.0734 3444        HBtnKey ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0734 3444        HBtnKey - detected UnsignedFile.Multi.Generic (1)
15:29:03.0781 3444        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:29:03.0859 3444        HDAudBus ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0859 3444        HDAudBus - detected UnsignedFile.Multi.Generic (1)
15:29:03.0890 3444        HECI            (982da8edc8e2680ba8e39dc1ad54a04e) C:\WINDOWS\system32\DRIVERS\HECI.sys
15:29:04.0031 3444        HECI ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0031 3444        HECI - detected UnsignedFile.Multi.Generic (1)
15:29:04.0093 3444        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:29:04.0140 3444        helpsvc ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0140 3444        helpsvc - detected UnsignedFile.Multi.Generic (1)
15:29:04.0171 3444        HidServ        (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
15:29:04.0218 3444        HidServ ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0218 3444        HidServ - detected UnsignedFile.Multi.Generic (1)
15:29:04.0234 3444        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:29:04.0265 3444        hidusb ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0265 3444        hidusb - detected UnsignedFile.Multi.Generic (1)
15:29:04.0296 3444        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
15:29:04.0359 3444        hkmsvc ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0359 3444        hkmsvc - detected UnsignedFile.Multi.Generic (1)
15:29:04.0375 3444        HP24X          (04ebefe45b300a4edee5a38dc2791291) C:\WINDOWS\system32\DRIVERS\HP24X.sys
15:29:04.0421 3444        HP24X ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0421 3444        HP24X - detected UnsignedFile.Multi.Generic (1)
15:29:04.0453 3444        hpdskflt        (4f586a990238ab147099bc76c07c566e) C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
15:29:04.0515 3444        hpdskflt ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0515 3444        hpdskflt - detected UnsignedFile.Multi.Generic (1)
15:29:04.0515 3444        hpn - ok
15:29:04.0562 3444        HpqKbFiltr      (35956140e686d53bf676cf0c778880fc) C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys
15:29:04.0593 3444        HpqKbFiltr ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0593 3444        HpqKbFiltr - detected UnsignedFile.Multi.Generic (1)
15:29:04.0671 3444        hpqwmiex        (d50fdad1e57aa60f1973cfc77d905f0e) C:\Programme\Hewlett-Packard\Shared\hpqWmiEx.exe
15:29:04.0687 3444        hpqwmiex - ok
15:29:04.0750 3444        HSFHWAZL        (3c01c18b866488fb6cc4e7d5472986a0) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
15:29:04.0796 3444        HSFHWAZL ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0796 3444        HSFHWAZL - detected UnsignedFile.Multi.Generic (1)
15:29:04.0859 3444        HSF_DPV        (0d7d34441e37e4a41b61cff0cbca1e3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
15:29:04.0937 3444        HSF_DPV ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0937 3444        HSF_DPV - detected UnsignedFile.Multi.Generic (1)
15:29:05.0000 3444        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:29:05.0031 3444        HTTP ( UnsignedFile.Multi.Generic ) - warning
15:29:05.0031 3444        HTTP - detected UnsignedFile.Multi.Generic (1)
15:29:05.0062 3444        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
15:29:05.0093 3444        HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
15:29:05.0093 3444        HTTPFilter - detected UnsignedFile.Multi.Generic (1)
15:29:05.0109 3444        i2omgmt - ok
15:29:05.0109 3444        i2omp - ok
15:29:05.0140 3444        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:29:05.0265 3444        i8042prt ( UnsignedFile.Multi.Generic ) - warning
15:29:05.0265 3444        i8042prt - detected UnsignedFile.Multi.Generic (1)
15:29:05.0781 3444        ialm            (42caa789a21014aa809a8ff59b3ccfd9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
15:29:06.0296 3444        ialm ( UnsignedFile.Multi.Generic ) - warning
15:29:06.0296 3444        ialm - detected UnsignedFile.Multi.Generic (1)
15:29:06.0500 3444        iaStor          (e5a0034847537eaee3c00349d5c34c5f) C:\WINDOWS\system32\DRIVERS\iaStor.sys
15:29:06.0515 3444        iaStor - ok
15:29:06.0609 3444        IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:29:06.0687 3444        IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:29:06.0687 3444        IDriverT - detected UnsignedFile.Multi.Generic (1)
15:29:06.0875 3444        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:29:06.0953 3444        idsvc - ok
15:29:07.0000 3444        IFXTPM          (2cdf483f8fc2bf3f7b93e3bdd734cfbd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
15:29:07.0109 3444        IFXTPM ( UnsignedFile.Multi.Generic ) - warning
15:29:07.0109 3444        IFXTPM - detected UnsignedFile.Multi.Generic (1)
15:29:07.0250 3444        igfx            (1b954f2bcb244596da704dc8c7729930) C:\WINDOWS\system32\DRIVERS\igdkmd32.sys
15:29:07.0468 3444        igfx ( UnsignedFile.Multi.Generic ) - warning
15:29:07.0468 3444        igfx - detected UnsignedFile.Multi.Generic (1)
15:29:07.0640 3444        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:29:07.0796 3444        Imapi ( UnsignedFile.Multi.Generic ) - warning
15:29:07.0796 3444        Imapi - detected UnsignedFile.Multi.Generic (1)
15:29:07.0828 3444        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
15:29:08.0031 3444        ImapiService ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0031 3444        ImapiService - detected UnsignedFile.Multi.Generic (1)
15:29:08.0031 3444        ini910u - ok
15:29:08.0046 3444        IntelIde - ok
15:29:08.0078 3444        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:29:08.0125 3444        intelppm ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0125 3444        intelppm - detected UnsignedFile.Multi.Generic (1)
15:29:08.0140 3444        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:29:08.0203 3444        Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0203 3444        Ip6Fw - detected UnsignedFile.Multi.Generic (1)
15:29:08.0218 3444        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:29:08.0281 3444        IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0281 3444        IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
15:29:08.0281 3444        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:29:08.0328 3444        IpInIp ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0328 3444        IpInIp - detected UnsignedFile.Multi.Generic (1)
15:29:08.0343 3444        IpNat          (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:29:08.0390 3444        IpNat ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0390 3444        IpNat - detected UnsignedFile.Multi.Generic (1)
15:29:08.0515 3444        iPod Service    (9033d67b7112d23eded6789bacded128) C:\Programme\iPod\bin\iPodService.exe
15:29:08.0562 3444        iPod Service - ok
15:29:08.0593 3444        IPSec          (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:29:08.0671 3444        IPSec ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0671 3444        IPSec - detected UnsignedFile.Multi.Generic (1)
15:29:08.0718 3444        irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
15:29:08.0765 3444        irda ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0765 3444        irda - detected UnsignedFile.Multi.Generic (1)
15:29:08.0812 3444        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:29:08.0843 3444        IRENUM ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0843 3444        IRENUM - detected UnsignedFile.Multi.Generic (1)
15:29:08.0859 3444        Irmon          (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll
15:29:08.0906 3444        Irmon ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0906 3444        Irmon - detected UnsignedFile.Multi.Generic (1)
15:29:08.0953 3444        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:29:09.0078 3444        isapnp ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0078 3444        isapnp - detected UnsignedFile.Multi.Generic (1)
15:29:09.0140 3444        IviRegMgr      (213822072085b5bbad9af30ab577d817) C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
15:29:09.0156 3444        IviRegMgr - ok
15:29:09.0312 3444        JavaQuickStarterService (de5d05fd449798ef88cc34ad4b1e7f85) C:\Programme\Java\jre6\bin\jqs.exe
15:29:09.0343 3444        JavaQuickStarterService - ok
15:29:09.0375 3444        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:29:09.0484 3444        Kbdclass ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0484 3444        Kbdclass - detected UnsignedFile.Multi.Generic (1)
15:29:09.0500 3444        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:29:09.0593 3444        kbdhid ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0593 3444        kbdhid - detected UnsignedFile.Multi.Generic (1)
15:29:09.0640 3444        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:29:09.0671 3444        kmixer ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0671 3444        kmixer - detected UnsignedFile.Multi.Generic (1)
15:29:09.0734 3444        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:29:09.0765 3444        KSecDD ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0765 3444        KSecDD - detected UnsignedFile.Multi.Generic (1)
15:29:09.0812 3444        LanmanServer    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
15:29:09.0843 3444        LanmanServer ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0843 3444        LanmanServer - detected UnsignedFile.Multi.Generic (1)
15:29:09.0890 3444        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
15:29:09.0921 3444        lanmanworkstation ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0921 3444        lanmanworkstation - detected UnsignedFile.Multi.Generic (1)
15:29:09.0937 3444        lbrtfdc - ok
15:29:09.0968 3444        LmHosts        (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
15:29:10.0031 3444        LmHosts ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0031 3444        LmHosts - detected UnsignedFile.Multi.Generic (1)
15:29:10.0078 3444        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
15:29:10.0093 3444        MBAMProtector - ok
15:29:10.0218 3444        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
15:29:10.0265 3444        MBAMService - ok
15:29:10.0312 3444        mdmxsdk        (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
15:29:10.0484 3444        mdmxsdk ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0484 3444        mdmxsdk - detected UnsignedFile.Multi.Generic (1)
15:29:10.0515 3444        Messenger      (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
15:29:10.0640 3444        Messenger ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0640 3444        Messenger - detected UnsignedFile.Multi.Generic (1)
15:29:10.0671 3444        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:29:10.0718 3444        mnmdd ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0718 3444        mnmdd - detected UnsignedFile.Multi.Generic (1)
15:29:10.0750 3444        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
15:29:10.0812 3444        mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0812 3444        mnmsrvc - detected UnsignedFile.Multi.Generic (1)
15:29:10.0828 3444        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
15:29:10.0890 3444        Modem ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0890 3444        Modem - detected UnsignedFile.Multi.Generic (1)
15:29:10.0906 3444        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:29:10.0968 3444        Mouclass ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0968 3444        Mouclass - detected UnsignedFile.Multi.Generic (1)
15:29:11.0000 3444        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:29:11.0062 3444        mouhid ( UnsignedFile.Multi.Generic ) - warning
15:29:11.0062 3444        mouhid - detected UnsignedFile.Multi.Generic (1)
15:29:11.0078 3444        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:29:11.0140 3444        MountMgr ( UnsignedFile.Multi.Generic ) - warning
15:29:11.0140 3444        MountMgr - detected UnsignedFile.Multi.Generic (1)
15:29:11.0187 3444        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
15:29:11.0203 3444        MozillaMaintenance - ok
15:29:11.0250 3444        MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
15:29:11.0265 3444        MpFilter - ok
15:29:11.0406 3444        MpKsl9563daa1  (a69630d039c38018689190234f866d77) c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{D90B0717-816E-490D-8269-BBD0DBB21BB2}\MpKsl9563daa1.sys
15:29:11.0421 3444        MpKsl9563daa1 - ok
15:29:11.0421 3444        mraid35x - ok
15:29:11.0453 3444        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:29:11.0515 3444        MRxDAV ( UnsignedFile.Multi.Generic ) - warning
15:29:11.0515 3444        MRxDAV - detected UnsignedFile.Multi.Generic (1)
15:29:11.0562 3444        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:29:11.0625 3444        MRxSmb ( UnsignedFile.Multi.Generic ) - warning
15:29:11.0625 3444        MRxSmb - detected UnsignedFile.Multi.Generic (1)
15:29:11.0687 3444        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
15:29:11.0812 3444        MSDTC ( UnsignedFile.Multi.Generic ) - warning
15:29:11.0812 3444        MSDTC - detected UnsignedFile.Multi.Generic (1)
15:29:11.0828 3444        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:29:12.0015 3444        Msfs ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0015 3444        Msfs - detected UnsignedFile.Multi.Generic (1)
15:29:12.0015 3444        MSIServer - ok
15:29:12.0046 3444        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:29:12.0109 3444        MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0109 3444        MSKSSRV - detected UnsignedFile.Multi.Generic (1)
15:29:12.0171 3444        MsMpSvc        (24516bf4e12a46cb67302e2cdcb8cddf) c:\Programme\Microsoft Security Client\MsMpEng.exe
15:29:12.0171 3444        MsMpSvc - ok
15:29:12.0203 3444        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:29:12.0265 3444        MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0265 3444        MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
15:29:12.0281 3444        MSPQM          (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:29:12.0328 3444        MSPQM ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0328 3444        MSPQM - detected UnsignedFile.Multi.Generic (1)
15:29:12.0359 3444        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:29:12.0421 3444        mssmbios ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0421 3444        mssmbios - detected UnsignedFile.Multi.Generic (1)
15:29:12.0468 3444        Mup            (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:29:12.0515 3444        Mup ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0515 3444        Mup - detected UnsignedFile.Multi.Generic (1)
15:29:12.0562 3444        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
15:29:12.0703 3444        napagent ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0703 3444        napagent - detected UnsignedFile.Multi.Generic (1)
15:29:12.0750 3444        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:29:12.0843 3444        NDIS ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0843 3444        NDIS - detected UnsignedFile.Multi.Generic (1)
15:29:12.0890 3444        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:29:12.0937 3444        NdisTapi ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0937 3444        NdisTapi - detected UnsignedFile.Multi.Generic (1)
15:29:12.0953 3444        Ndisuio        (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:29:13.0031 3444        Ndisuio ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0031 3444        Ndisuio - detected UnsignedFile.Multi.Generic (1)
15:29:13.0031 3444        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:29:13.0156 3444        NdisWan ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0156 3444        NdisWan - detected UnsignedFile.Multi.Generic (1)
15:29:13.0203 3444        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:29:13.0250 3444        NDProxy ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0250 3444        NDProxy - detected UnsignedFile.Multi.Generic (1)
15:29:13.0296 3444        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:29:13.0375 3444        NetBIOS ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0375 3444        NetBIOS - detected UnsignedFile.Multi.Generic (1)
15:29:13.0390 3444        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:29:13.0484 3444        NetBT ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0484 3444        NetBT - detected UnsignedFile.Multi.Generic (1)
15:29:13.0515 3444        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
15:29:13.0640 3444        NetDDE ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0640 3444        NetDDE - detected UnsignedFile.Multi.Generic (1)
15:29:13.0656 3444        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
15:29:13.0703 3444        NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0703 3444        NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
15:29:13.0734 3444        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:29:13.0796 3444        Netlogon ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0796 3444        Netlogon - detected UnsignedFile.Multi.Generic (1)
15:29:13.0828 3444        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
15:29:13.0890 3444        Netman ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0890 3444        Netman - detected UnsignedFile.Multi.Generic (1)
15:29:14.0000 3444        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:29:14.0015 3444        NetTcpPortSharing - ok
15:29:14.0187 3444        NETw4x32        (d57258165aba8162de8e29d71487fc4b) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
15:29:14.0437 3444        NETw4x32 ( UnsignedFile.Multi.Generic ) - warning
15:29:14.0437 3444        NETw4x32 - detected UnsignedFile.Multi.Generic (1)
15:29:14.0625 3444        NIC1394        (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:29:14.0812 3444        NIC1394 ( UnsignedFile.Multi.Generic ) - warning
15:29:14.0812 3444        NIC1394 - detected UnsignedFile.Multi.Generic (1)
15:29:14.0843 3444        Nla            (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
15:29:14.0906 3444        Nla ( UnsignedFile.Multi.Generic ) - warning
15:29:14.0906 3444        Nla - detected UnsignedFile.Multi.Generic (1)
15:29:15.0000 3444        NMSAccessU      (fd306fbcce7adb1077b709742e7148e9) C:\Programme\CDBurnerXP\NMSAccessU.exe
15:29:15.0046 3444        NMSAccessU - ok
15:29:15.0062 3444        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:29:15.0125 3444        Npfs ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0125 3444        Npfs - detected UnsignedFile.Multi.Generic (1)
15:29:15.0156 3444        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:29:15.0250 3444        Ntfs ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0250 3444        Ntfs - detected UnsignedFile.Multi.Generic (1)
15:29:15.0281 3444        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:29:15.0328 3444        NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0328 3444        NtLmSsp - detected UnsignedFile.Multi.Generic (1)
15:29:15.0375 3444        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
15:29:15.0500 3444        NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0500 3444        NtmsSvc - detected UnsignedFile.Multi.Generic (1)
15:29:15.0546 3444        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:29:15.0609 3444        Null ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0609 3444        Null - detected UnsignedFile.Multi.Generic (1)
15:29:15.0640 3444        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:29:15.0703 3444        NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0703 3444        NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
15:29:15.0703 3444        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:29:15.0796 3444        NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0796 3444        NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
15:29:15.0953 3444        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
15:29:15.0984 3444        odserv - ok
15:29:16.0015 3444        ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:29:16.0109 3444        ohci1394 ( UnsignedFile.Multi.Generic ) - warning
15:29:16.0109 3444        ohci1394 - detected UnsignedFile.Multi.Generic (1)
15:29:16.0156 3444        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
15:29:16.0171 3444        ose - ok
15:29:16.0500 3444        osppsvc        (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:29:17.0078 3444        osppsvc - ok
15:29:17.0281 3444        Parport        (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
15:29:17.0375 3444        Parport ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0375 3444        Parport - detected UnsignedFile.Multi.Generic (1)
15:29:17.0390 3444        PartMgr        (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:29:17.0453 3444        PartMgr ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0453 3444        PartMgr - detected UnsignedFile.Multi.Generic (1)
15:29:17.0484 3444        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
15:29:17.0531 3444        ParVdm ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0531 3444        ParVdm - detected UnsignedFile.Multi.Generic (1)
15:29:17.0578 3444        PCI            (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
15:29:17.0656 3444        PCI ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0656 3444        PCI - detected UnsignedFile.Multi.Generic (1)
15:29:17.0656 3444        PCIDump - ok
15:29:17.0656 3444        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:29:17.0703 3444        PCIIde ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0703 3444        PCIIde - detected UnsignedFile.Multi.Generic (1)
15:29:17.0718 3444        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
15:29:17.0781 3444        Pcmcia ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0781 3444        Pcmcia - detected UnsignedFile.Multi.Generic (1)
15:29:17.0781 3444        PDCOMP - ok
15:29:17.0781 3444        PDFRAME - ok
15:29:17.0796 3444        PDRELI - ok
15:29:17.0796 3444        PDRFRAME - ok
15:29:17.0796 3444        perc2 - ok
15:29:17.0796 3444        perc2hib - ok
15:29:17.0828 3444        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
15:29:17.0875 3444        PlugPlay ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0875 3444        PlugPlay - detected UnsignedFile.Multi.Generic (1)
15:29:17.0921 3444        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:29:17.0953 3444        PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0953 3444        PolicyAgent - detected UnsignedFile.Multi.Generic (1)
15:29:18.0000 3444        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:29:18.0078 3444        PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0078 3444        PptpMiniport - detected UnsignedFile.Multi.Generic (1)
15:29:18.0078 3444        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:29:18.0125 3444        ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0125 3444        ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
15:29:18.0140 3444        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:29:18.0218 3444        PSched ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0218 3444        PSched - detected UnsignedFile.Multi.Generic (1)
15:29:18.0218 3444        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:29:18.0281 3444        Ptilink ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0281 3444        Ptilink - detected UnsignedFile.Multi.Generic (1)
15:29:18.0312 3444        PxHelp20        (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:29:18.0312 3444        PxHelp20 - ok
15:29:18.0312 3444        ql1080 - ok
15:29:18.0328 3444        Ql10wnt - ok
15:29:18.0328 3444        ql12160 - ok
15:29:18.0328 3444        ql1240 - ok
15:29:18.0328 3444        ql1280 - ok
15:29:18.0343 3444        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:29:18.0390 3444        RasAcd ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0390 3444        RasAcd - detected UnsignedFile.Multi.Generic (1)
15:29:18.0406 3444        RasAuto        (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
15:29:18.0484 3444        RasAuto ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0484 3444        RasAuto - detected UnsignedFile.Multi.Generic (1)
15:29:18.0515 3444        Rasirda        (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
15:29:18.0578 3444        Rasirda ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0578 3444        Rasirda - detected UnsignedFile.Multi.Generic (1)
15:29:18.0578 3444        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:29:18.0656 3444        Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0656 3444        Rasl2tp - detected UnsignedFile.Multi.Generic (1)
15:29:18.0687 3444        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
15:29:18.0750 3444        RasMan ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0750 3444        RasMan - detected UnsignedFile.Multi.Generic (1)
15:29:18.0765 3444        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:29:18.0843 3444        RasPppoe ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0843 3444        RasPppoe - detected UnsignedFile.Multi.Generic (1)
15:29:18.0859 3444        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:29:18.0921 3444        Raspti ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0921 3444        Raspti - detected UnsignedFile.Multi.Generic (1)
15:29:18.0953 3444        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:29:19.0000 3444        Rdbss ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0000 3444        Rdbss - detected UnsignedFile.Multi.Generic (1)
15:29:19.0015 3444        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:29:19.0062 3444        RDPCDD ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0062 3444        RDPCDD - detected UnsignedFile.Multi.Generic (1)
15:29:19.0093 3444        rdpdr          (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:29:19.0140 3444        rdpdr ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0140 3444        rdpdr - detected UnsignedFile.Multi.Generic (1)
15:29:19.0203 3444        RDPWD          (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
15:29:19.0250 3444        RDPWD ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0250 3444        RDPWD - detected UnsignedFile.Multi.Generic (1)
15:29:19.0265 3444        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
15:29:19.0375 3444        RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0375 3444        RDSessMgr - detected UnsignedFile.Multi.Generic (1)
15:29:19.0390 3444        redbook        (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:29:19.0468 3444        redbook ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0468 3444        redbook - detected UnsignedFile.Multi.Generic (1)
15:29:19.0593 3444        RegSrvc        (8477d7c3ee18513911547785a06eaf70) C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
15:29:19.0765 3444        RegSrvc ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0765 3444        RegSrvc - detected UnsignedFile.Multi.Generic (1)
15:29:19.0812 3444        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
15:29:19.0890 3444        RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0890 3444        RemoteAccess - detected UnsignedFile.Multi.Generic (1)
15:29:19.0937 3444        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
15:29:20.0000 3444        RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0000 3444        RemoteRegistry - detected UnsignedFile.Multi.Generic (1)
15:29:20.0031 3444        rimmptsk        (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
15:29:20.0093 3444        rimmptsk ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0093 3444        rimmptsk - detected UnsignedFile.Multi.Generic (1)
15:29:20.0109 3444        rismc32        (7c21554942bef51cbd84fd7d4e62cb9a) C:\WINDOWS\system32\DRIVERS\rismc32.sys
15:29:20.0171 3444        rismc32 ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0171 3444        rismc32 - detected UnsignedFile.Multi.Generic (1)
15:29:20.0187 3444        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
15:29:20.0265 3444        RpcLocator ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0265 3444        RpcLocator - detected UnsignedFile.Multi.Generic (1)
15:29:20.0312 3444        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
15:29:20.0359 3444        RpcSs ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0359 3444        RpcSs - detected UnsignedFile.Multi.Generic (1)
15:29:20.0406 3444        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
15:29:20.0500 3444        RSVP ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0500 3444        RSVP - detected UnsignedFile.Multi.Generic (1)
15:29:20.0609 3444        S24EventMonitor (e087728d371709c1817ef6487f3e2e73) C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
15:29:21.0984 3444        S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
15:29:21.0984 3444        S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
15:29:22.0031 3444        s24trans        (15f598ddaafae02102438f09d4d14461) C:\WINDOWS\system32\DRIVERS\s24trans.sys
15:29:22.0046 3444        s24trans ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0046 3444        s24trans - detected UnsignedFile.Multi.Generic (1)
15:29:22.0093 3444        SamSs          (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:29:22.0109 3444        SamSs ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0109 3444        SamSs - detected UnsignedFile.Multi.Generic (1)
15:29:22.0156 3444        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
15:29:22.0218 3444        SCardSvr ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0218 3444        SCardSvr - detected UnsignedFile.Multi.Generic (1)
15:29:22.0265 3444        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
15:29:22.0296 3444        Schedule ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0296 3444        Schedule - detected UnsignedFile.Multi.Generic (1)
15:29:22.0328 3444        sdbus          (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
15:29:22.0343 3444        sdbus ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0343 3444        sdbus - detected UnsignedFile.Multi.Generic (1)
15:29:22.0375 3444        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:29:22.0390 3444        Secdrv ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0390 3444        Secdrv - detected UnsignedFile.Multi.Generic (1)
15:29:22.0421 3444        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
15:29:22.0453 3444        seclogon ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0453 3444        seclogon - detected UnsignedFile.Multi.Generic (1)
15:29:22.0468 3444        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
15:29:22.0500 3444        SENS ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0500 3444        SENS - detected UnsignedFile.Multi.Generic (1)
15:29:22.0515 3444        Serenum        (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:29:22.0562 3444        Serenum ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0562 3444        Serenum - detected UnsignedFile.Multi.Generic (1)
15:29:22.0593 3444        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
15:29:22.0734 3444        Serial ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0734 3444        Serial - detected UnsignedFile.Multi.Generic (1)
15:29:22.0750 3444        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:29:22.0796 3444        Sfloppy ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0796 3444        Sfloppy - detected UnsignedFile.Multi.Generic (1)
15:29:22.0859 3444        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
15:29:22.0937 3444        SharedAccess ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0937 3444        SharedAccess - detected UnsignedFile.Multi.Generic (1)
15:29:22.0984 3444        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:29:23.0015 3444        ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0015 3444        ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
15:29:23.0015 3444        Simbad - ok
15:29:23.0062 3444        SMCIRDA        (a8eb0aa07632a4c936ff6f8eda5bdead) C:\WINDOWS\system32\DRIVERS\smcirda.sys
15:29:23.0125 3444        SMCIRDA ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0125 3444        SMCIRDA - detected UnsignedFile.Multi.Generic (1)
15:29:23.0125 3444        Sparrow - ok
15:29:23.0171 3444        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:29:23.0218 3444        splitter ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0218 3444        splitter - detected UnsignedFile.Multi.Generic (1)
15:29:23.0265 3444        Spooler        (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:29:23.0296 3444        Spooler ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0296 3444        Spooler - detected UnsignedFile.Multi.Generic (1)
15:29:23.0343 3444        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
15:29:23.0421 3444        sr ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0421 3444        sr - detected UnsignedFile.Multi.Generic (1)
15:29:23.0453 3444        srservice      (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
15:29:23.0531 3444        srservice ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0531 3444        srservice - detected UnsignedFile.Multi.Generic (1)
15:29:23.0578 3444        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:29:23.0609 3444        Srv ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0609 3444        Srv - detected UnsignedFile.Multi.Generic (1)
15:29:23.0656 3444        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
15:29:23.0718 3444        SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0718 3444        SSDPSRV - detected UnsignedFile.Multi.Generic (1)
15:29:23.0765 3444        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
15:29:23.0781 3444        ssmdrv - ok
15:29:23.0812 3444        StarOpen        (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
15:29:23.0875 3444        StarOpen ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0875 3444        StarOpen - detected UnsignedFile.Multi.Generic (1)
15:29:23.0921 3444        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
15:29:24.0015 3444        stisvc ( UnsignedFile.Multi.Generic ) - warning
15:29:24.0015 3444        stisvc - detected UnsignedFile.Multi.Generic (1)
15:29:24.0062 3444        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:29:24.0109 3444        swenum ( UnsignedFile.Multi.Generic ) - warning
15:29:24.0109 3444        swenum - detected UnsignedFile.Multi.Generic (1)
15:29:24.0218 3444        SWIHPWMI        (58c341d38cfa462489b735d89df6df12) C:\Programme\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
15:29:24.0390 3444        SWIHPWMI - ok
15:29:24.0484 3444        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:29:24.0546 3444        swmidi ( UnsignedFile.Multi.Generic ) - warning
15:29:24.0562 3444        swmidi - detected UnsignedFile.Multi.Generic (1)
15:29:24.0562 3444        SwPrv - ok
15:29:24.0562 3444        symc810 - ok
15:29:24.0562 3444        symc8xx - ok
15:29:24.0578 3444        sym_hi - ok
15:29:24.0578 3444        sym_u3 - ok
15:29:24.0640 3444        SynTP          (926e0bb4cac05d9a0c3b59dc16fe2f1c) C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:29:24.0734 3444        SynTP ( UnsignedFile.Multi.Generic ) - warning
15:29:24.0734 3444        SynTP - detected UnsignedFile.Multi.Generic (1)
15:29:24.0765 3444        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:29:24.0843 3444        sysaudio ( UnsignedFile.Multi.Generic ) - warning
15:29:24.0843 3444        sysaudio - detected UnsignedFile.Multi.Generic (1)
15:29:24.0890 3444        SysmonLog      (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
15:29:25.0000 3444        SysmonLog ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0000 3444        SysmonLog - detected UnsignedFile.Multi.Generic (1)
15:29:25.0046 3444        TapiSrv        (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
15:29:25.0109 3444        TapiSrv ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0109 3444        TapiSrv - detected UnsignedFile.Multi.Generic (1)
15:29:25.0171 3444        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:29:25.0234 3444        Tcpip ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0234 3444        Tcpip - detected UnsignedFile.Multi.Generic (1)
15:29:25.0250 3444        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:29:25.0328 3444        TDPIPE ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0328 3444        TDPIPE - detected UnsignedFile.Multi.Generic (1)
15:29:25.0343 3444        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:29:25.0390 3444        TDTCP ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0390 3444        TDTCP - detected UnsignedFile.Multi.Generic (1)
15:29:25.0421 3444        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:29:25.0453 3444        TermDD ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0453 3444        TermDD - detected UnsignedFile.Multi.Generic (1)
15:29:25.0484 3444        TermService    (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
15:29:25.0578 3444        TermService ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0578 3444        TermService - detected UnsignedFile.Multi.Generic (1)
15:29:25.0625 3444        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:29:25.0656 3444        Themes ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0656 3444        Themes - detected UnsignedFile.Multi.Generic (1)
15:29:25.0718 3444        TlntSvr        (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
15:29:25.0812 3444        TlntSvr ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0812 3444        TlntSvr - detected UnsignedFile.Multi.Generic (1)
15:29:25.0812 3444        TosIde - ok
15:29:25.0828 3444        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
15:29:25.0906 3444        TrkWks ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0906 3444        TrkWks - detected UnsignedFile.Multi.Generic (1)
15:29:25.0953 3444        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:29:26.0062 3444        Udfs ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0062 3444        Udfs - detected UnsignedFile.Multi.Generic (1)
15:29:26.0062 3444        ultra - ok
15:29:26.0125 3444        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:29:26.0218 3444        Update ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0218 3444        Update - detected UnsignedFile.Multi.Generic (1)
15:29:26.0250 3444        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
15:29:26.0328 3444        upnphost ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0328 3444        upnphost - detected UnsignedFile.Multi.Generic (1)
15:29:26.0343 3444        UPS            (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
15:29:26.0484 3444        UPS ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0484 3444        UPS - detected UnsignedFile.Multi.Generic (1)
15:29:26.0531 3444        USBAAPL        (c1ca131f4e3ed63d6bc89a35ffad4cda) C:\WINDOWS\system32\Drivers\usbaapl.sys
15:29:26.0625 3444        USBAAPL ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0625 3444        USBAAPL - detected UnsignedFile.Multi.Generic (1)
15:29:26.0656 3444        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:29:26.0734 3444        usbccgp ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0734 3444        usbccgp - detected UnsignedFile.Multi.Generic (1)
15:29:26.0796 3444        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:29:26.0890 3444        usbehci ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0890 3444        usbehci - detected UnsignedFile.Multi.Generic (1)
15:29:26.0906 3444        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:29:27.0015 3444        usbhub ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0015 3444        usbhub - detected UnsignedFile.Multi.Generic (1)
15:29:27.0046 3444        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:29:27.0093 3444        USBSTOR ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0093 3444        USBSTOR - detected UnsignedFile.Multi.Generic (1)
15:29:27.0109 3444        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:29:27.0171 3444        usbuhci ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0171 3444        usbuhci - detected UnsignedFile.Multi.Generic (1)
15:29:27.0203 3444        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:29:27.0265 3444        VgaSave ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0265 3444        VgaSave - detected UnsignedFile.Multi.Generic (1)
15:29:27.0265 3444        ViaIde - ok
15:29:27.0281 3444        VolSnap        (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
15:29:27.0375 3444        VolSnap ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0375 3444        VolSnap - detected UnsignedFile.Multi.Generic (1)
15:29:27.0406 3444        VSS            (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
15:29:27.0515 3444        VSS ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0515 3444        VSS - detected UnsignedFile.Multi.Generic (1)
15:29:27.0546 3444        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
15:29:27.0625 3444        W32Time ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0625 3444        W32Time - detected UnsignedFile.Multi.Generic (1)
15:29:27.0640 3444        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:29:27.0734 3444        Wanarp ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0734 3444        Wanarp - detected UnsignedFile.Multi.Generic (1)
15:29:27.0781 3444        Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
15:29:27.0796 3444        Wdf01000 - ok
15:29:27.0812 3444        WDICA - ok
15:29:27.0843 3444        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:29:27.0906 3444        wdmaud ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0906 3444        wdmaud - detected UnsignedFile.Multi.Generic (1)
15:29:27.0953 3444        WebClient      (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
15:29:28.0000 3444        WebClient ( UnsignedFile.Multi.Generic ) - warning
15:29:28.0000 3444        WebClient - detected UnsignedFile.Multi.Generic (1)
15:29:28.0078 3444        winachsf        (bb62e6fadcfe4096151103ac4b07f1ed) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
15:29:28.0156 3444        winachsf ( UnsignedFile.Multi.Generic ) - warning
15:29:28.0156 3444        winachsf - detected UnsignedFile.Multi.Generic (1)
15:29:28.0234 3444        winmgmt        (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:29:28.0312 3444        winmgmt ( UnsignedFile.Multi.Generic ) - warning
15:29:28.0312 3444        winmgmt - detected UnsignedFile.Multi.Generic (1)
15:29:28.0484 3444        wlidsvc        (d9250b31b353ee3322c1cad411997e38) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:29:28.0531 3444        wlidsvc - ok
15:29:28.0718 3444        wltrysvc - ok
15:29:28.0750 3444        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:29:28.0843 3444        WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
15:29:28.0843 3444        WmdmPmSN - detected UnsignedFile.Multi.Generic (1)
15:29:28.0937 3444        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
15:29:29.0046 3444        Wmi ( UnsignedFile.Multi.Generic ) - warning
15:29:29.0046 3444        Wmi - detected UnsignedFile.Multi.Generic (1)
15:29:29.0093 3444        WmiAcpi        (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:29:29.0187 3444        WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
15:29:29.0187 3444        WmiAcpi - detected UnsignedFile.Multi.Generic (1)
15:29:29.0250 3444        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:29:29.0406 3444        WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
15:29:29.0406 3444        WmiApSrv - detected UnsignedFile.Multi.Generic (1)
15:29:29.0609 3444        WMPNetworkSvc  (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
15:29:29.0921 3444        WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:29.0921 3444        WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1)
15:29:29.0937 3444        WS2IFSL        (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:29:30.0031 3444        WS2IFSL ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0031 3444        WS2IFSL - detected UnsignedFile.Multi.Generic (1)
15:29:30.0078 3444        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
15:29:30.0203 3444        wscsvc ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0203 3444        wscsvc - detected UnsignedFile.Multi.Generic (1)
15:29:30.0203 3444        WSearch - ok
15:29:30.0250 3444        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
15:29:30.0296 3444        wuauserv ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0296 3444        wuauserv - detected UnsignedFile.Multi.Generic (1)
15:29:30.0328 3444        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:29:30.0406 3444        WudfPf ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0406 3444        WudfPf - detected UnsignedFile.Multi.Generic (1)
15:29:30.0421 3444        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:29:30.0500 3444        WudfRd ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0500 3444        WudfRd - detected UnsignedFile.Multi.Generic (1)
15:29:30.0515 3444        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:29:30.0593 3444        WudfSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0593 3444        WudfSvc - detected UnsignedFile.Multi.Generic (1)
15:29:30.0656 3444        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
15:29:30.0703 3444        WZCSVC ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0703 3444        WZCSVC - detected UnsignedFile.Multi.Generic (1)
15:29:30.0750 3444        xmlprov        (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
15:29:30.0796 3444        xmlprov ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0796 3444        xmlprov - detected UnsignedFile.Multi.Generic (1)
15:29:30.0828 3444        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
15:29:31.0296 3444        \Device\Harddisk0\DR0 - ok
15:29:31.0296 3444        Boot (0x1200)  (a17e03968a3336549421dae9bcf4d297) \Device\Harddisk0\DR0\Partition0
15:29:31.0296 3444        \Device\Harddisk0\DR0\Partition0 - ok
15:29:31.0296 3444        ============================================================
15:29:31.0296 3444        Scan finished
15:29:31.0296 3444        ============================================================
15:29:31.0406 3456        Detected object count: 234
15:29:31.0406 3456        Actual detected object count: 234
15:29:45.0234 3456        Accelerometer ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456        Accelerometer ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0234 3456        ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456        ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0234 3456        ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456        ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0234 3456        ADIHdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456        ADIHdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0234 3456        AEAudio ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456        AEAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0234 3456        aec ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456        aec ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0234 3456        AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456        AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0234 3456        AFD ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456        AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0250 3456        Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456        Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0250 3456        ALG ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456        ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0250 3456        AppMgmt ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456        AppMgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0250 3456        Arp1394 ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456        Arp1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0250 3456        AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456        AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0250 3456        atapi ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456        atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0250 3456        Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456        Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0250 3456        AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456        AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0265 3456        audstub ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456        audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0265 3456        Beep ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456        Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0265 3456        BITS ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456        BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0265 3456        Browser ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456        Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0265 3456        cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456        cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0265 3456        Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456        Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0265 3456        Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456        Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0265 3456        Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456        Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0281 3456        CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456        CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0281 3456        ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456        ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0281 3456        CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456        CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0281 3456        Compbatt ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456        Compbatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0281 3456        CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456        CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0281 3456        DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456        DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0281 3456        Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456        Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0281 3456        Disk ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456        Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0296 3456        dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0296 3456        dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0296 3456        dmio ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0296 3456        dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0296 3456        dmload ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0296 3456        dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0296 3456        dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0296 3456        dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0296 3456        DMusic ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0296 3456        DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0296 3456        Dnscache ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0296 3456        Dnscache ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0296 3456        Dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0296 3456        Dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0296 3456        drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0296 3456        drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0312 3456        EapHost ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0312 3456        EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0312 3456        ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0312 3456        ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0312 3456        Eventlog ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0312 3456        Eventlog ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0312 3456        EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0312 3456        EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0312 3456        EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0312 3456        EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0312 3456        Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0312 3456        Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0312 3456        FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0312 3456        FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0312 3456        Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0312 3456        Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0328 3456        Fips ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0328 3456        Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0328 3456        Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0328 3456        Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0328 3456        FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0328 3456        FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0328 3456        Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0328 3456        Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0328 3456        Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0328 3456        Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0328 3456        Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0328 3456        Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0328 3456        HBtnKey ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0328 3456        HBtnKey ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0343 3456        HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0343 3456        HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0343 3456        HECI ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0343 3456        HECI ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0343 3456        helpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0343 3456        helpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0343 3456        HidServ ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0343 3456        HidServ ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0343 3456        hidusb ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0343 3456        hidusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0343 3456        hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0343 3456        hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0343 3456        HP24X ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0343 3456        HP24X ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0359 3456        hpdskflt ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0359 3456        hpdskflt ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0359 3456        HpqKbFiltr ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0359 3456        HpqKbFiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0359 3456        HSFHWAZL ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0359 3456        HSFHWAZL ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0359 3456        HSF_DPV ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0359 3456        HSF_DPV ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0359 3456        HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0359 3456        HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0359 3456        HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0359 3456        HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0375 3456        i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0375 3456        i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0375 3456        ialm ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0375 3456        ialm ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0375 3456        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0375 3456        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0375 3456        IFXTPM ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0375 3456        IFXTPM ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0375 3456        igfx ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0375 3456        igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0375 3456        Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0375 3456        Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0375 3456        ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0390 3456        ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0390 3456        intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0390 3456        intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0390 3456        Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0390 3456        Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0390 3456        IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0390 3456        IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0390 3456        IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0390 3456        IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0390 3456        IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0390 3456        IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0390 3456        IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0390 3456        IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0406 3456        irda ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0406 3456        irda ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0406 3456        IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0406 3456        IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0406 3456        Irmon ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0406 3456        Irmon ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0406 3456        isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0406 3456        isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0406 3456        Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0406 3456        Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0406 3456        kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0406 3456        kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0421 3456        kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0421 3456        kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0421 3456        KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0421 3456        KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0421 3456        LanmanServer ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0421 3456        LanmanServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0421 3456        lanmanworkstation ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0421 3456        lanmanworkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0421 3456        LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0421 3456        LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0421 3456        mdmxsdk ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0421 3456        mdmxsdk ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0421 3456        Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0421 3456        Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0421 3456        mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0421 3456        mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        mnmsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        Modem ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        MRxSmb ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0437 3456        mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0437 3456        Mup ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        napagent ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        Netman ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        NETw4x32 ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        NETw4x32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        NIC1394 ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        NIC1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0453 3456        Nla ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0453 3456        Nla ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        Null ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        Null ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        NwlnkFlt ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        NwlnkFwd ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        Parport ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        ParVdm ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        PCI ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0468 3456        ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0468 3456        ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        PSched ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        Rasirda ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        Rasirda ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        RasMan ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        RasMan ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        Raspti ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        Raspti ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        RDSessMgr ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        RDSessMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        redbook ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        redbook ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0484 3456        RemoteAccess ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0484 3456        RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        RemoteRegistry ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        rimmptsk ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        rimmptsk ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        rismc32 ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        rismc32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        RpcLocator ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        RpcSs ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        RpcSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        RSVP ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        RSVP ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        SamSs ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        SamSs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        SCardSvr ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        Schedule ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        Schedule ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        sdbus ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        sdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        seclogon ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        seclogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        SENS ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        SENS ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        Serenum ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        Serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        Serial ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0500 3456        Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0500 3456        Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        SharedAccess ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        SMCIRDA ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        SMCIRDA ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        splitter ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        Spooler ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        Spooler ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        sr ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        sr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        srservice ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        srservice ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        Srv ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        Srv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        SSDPSRV ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        stisvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        stisvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        swenum ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        SynTP ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        SynTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        SysmonLog ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        SysmonLog ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        TapiSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0515 3456        Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0515 3456        Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        TermDD ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        TermService ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        TermService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        Themes ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        TlntSvr ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        TlntSvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        TrkWks ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        Udfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        Update ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        Update ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        upnphost ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        upnphost ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        UPS ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        UPS ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0531 3456        VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0531 3456        VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        VSS ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        VSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        W32Time ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        W32Time ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        WebClient ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        WebClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        winachsf ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        winachsf ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        winmgmt ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        WmdmPmSN ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        WmdmPmSN ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        Wmi ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        Wmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        WmiAcpi ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        WmiApSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        WmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        WS2IFSL ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        WS2IFSL ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        wscsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        wuauserv ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        wuauserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0546 3456        WudfRd ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0546 3456        WudfRd ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0562 3456        WudfSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0562 3456        WudfSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0562 3456        WZCSVC ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0562 3456        WZCSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:29:45.0562 3456        xmlprov ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0562 3456        xmlprov ( UnsignedFile.Multi.Generic ) - User select action: Skip

Hypocrite666 06.07.2012 17:55
ist das soweit ok?

markusg 06.07.2012 18:59
hab auch noch einiges anderes zu tun.
in den foren regeln etc steht eindeutig etwas über die mögliche wartezeit.
lade den CCleaner standard:
CCleaner Download - CCleaner 3.20.1750
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Hypocrite666 07.07.2012 00:24
sorry, wollte dich nicht drängen
weil es vorher so schnell ging, dachte ich, mein letzter log-post wäre vielleicht untergegangen

Code:

7-Zip 9.20                05.07.2012 notwendig               
Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        04.07.2012                10.1.85.3 notwendig
Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        04.07.2012                10.2.153.1 notwendig
Apple Application Support        Apple Inc.        08.04.2011        52,66MB        1.5.0 notwendig
Apple Mobile Device Support        Apple Inc.        08.04.2011        21,75MB        3.4.0.25 notwendig
Apple Software Update        Apple Inc.        13.09.2008        2,16MB        2.1.1.116 notwendig
AuthenTec Fingerprint Sensor Minimum Install        AuthenTec        10.07.2008        2,33MB        7.9 unnötig
Bonjour        Apple Inc.        27.11.2010        0,97MB        2.0.4.0 notwendig
Broadcom 802.11-WLAN-Adapter        Broadcom Corporation        10.07.2008                4.170.77.3 notwendig
Broadcom Wireless-Dienstprogramm        Broadcom Corporation        10.07.2008                4.170.77.3 notwendig
CCleaner        Piriform        22.06.2012                3.20 notwendig
CDBurnerXP        CDBurnerXP        22.12.2010                4.3.8.2474 notwendig
DivX Codec        DivX, Inc.        17.11.2008                6.8.5 notwendig
ElsterFormular        Landesfinanzdirektion Thüringen        20.05.2012                13.2.0.8623p notwendig
ElsterFormular 2008/2009        Steuerverwaltung des Bundes und der Länder        21.05.2009                10.0.0.0 notwendig
HP 3D DriveGuard                11.07.2008                1.00 A4 notwendig
HP Broadband Wireless Modules        Sierra Wireless Inc        10.07.2008        14,93MB        18.7.1.1348 notwendig
HP Doc Viewer        Hewlett-Packard        10.07.2008        0,50MB        1.01.0005 notwendig
HP Integrated Module with Bluetooth wireless technology        HP        10.07.2008        17,57MB        5.1.0.4800 notwendig
HP MULTIPLE WLAN INSTALLER for VISTA        Hewlett Packard        10.07.2008        22,55MB        6.0.0.3 notwendig
HP PCMCIA Smart Card Reader        HP        10.07.2008        3,23MB        1.01.0001 notwendig
HP Quick Launch Buttons 6.40 C2        Hewlett-Packard        15.07.2008                6.40 C2 notwendig
HP Update        Hewlett-Packard        18.09.2011        3,98MB        5.003.001.001 notwendig
HP User Guides 0058        Hewlett-Packard        10.07.2008        229,00MB        1.01.0000 notwendig
HP Wireless Assistant        Hewlett-Packard        10.07.2008        3,10MB        3.00 E1 notwendig
Intel(R) Graphics Media Accelerator Driver                10.07.2008 notwendig               
Intel(R) Management Engine Interface                11.07.2008 notwendig
Intel(R) Network Connections Drivers                05.07.2012 notwendig               
Intel(R) PROSet/Wireless Software        Intel Corporation        05.07.2012                11.5.0.0 notwendig
InterVideo DVD Check                10.07.2008 unnötig               
InterVideo WinDVD        InterVideo Inc.        10.07.2008                5.0-B11.1145 unnötig
iTunes        Apple Inc.        08.04.2011        142,00MB        10.2.1.1  notwendig
Java(TM) 6 Update 33        Oracle        17.06.2012        91,84MB        6.0.330 notwendig
Malwarebytes Anti-Malware Version 1.61.0.1400        Malwarebytes Corporation        05.07.2012                1.61.0.1400 notwendig
Microsoft .NET Framework 2.0 Language Pack - DEU        Microsoft Corporation        11.07.2008 notwendig               
Microsoft .NET Framework 2.0 Service Pack 2        Microsoft Corporation        15.06.2012        184,00MB        2.2.30729 notwendig
Microsoft .NET Framework 3.0 Service Pack 2        Microsoft Corporation        12.05.2012        239,00MB        3.2.30729 notwendig
Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        12.05.2012 notwendig               
Microsoft Compression Client Pack 1.0 for Windows XP        Microsoft Corporation        11.07.2008                1 unbekannt
Microsoft Office File Validation Add-In        Microsoft Corporation        16.09.2011        7,92MB        14.0.5130.5003 unbekannt
Microsoft Office Home and Student 2007        Microsoft Corporation        12.05.2012                12.0.6612.1000 notwendig
Microsoft Office Live Add-in 1.4        Microsoft Corporation        10.12.2009        0,48MB        2.0.3008.0 unbekannt
Microsoft Office Professional 2010        Microsoft Corporation        17.10.2011                14.0.6029.1000 notwendig
Microsoft Security Essentials        Microsoft Corporation        05.07.2012                4.0.1526.0 notwendig
Microsoft Silverlight        Microsoft Corporation        14.05.2012        251,00MB        5.1.10411.0 notwendig
Microsoft User-Mode Driver Framework Feature Pack 1.0        Microsoft Corporation        11.07.2008 unbekannt               
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        12.08.2009        0,11MB        8.0.50727.4053 notwendig
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        18.06.2011        5,28MB        8.0.61001 notwendig
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        10.12.2009        0,15MB        9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        25.04.2011        10,20MB        9.0.30729.5570 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        16.05.2010        10,29MB        9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        10.12.2009        10,28MB        9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        04.06.2010        10,19MB        9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        18.06.2011        10,20MB        9.0.30729.6161 notwendig
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        18.03.2012        14,97MB        10.0.40219 notwendig
Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket        Microsoft Corporation        10.12.2009 unbekannt               
Miranda IM 0.7.8                23.07.2008 unnötig               
Mozilla Firefox 13.0.1 (x86 de)        Mozilla        04.07.2012                13.0.1 notwendig
Mozilla Maintenance Service        Mozilla        05.07.2012                13.0.1 notwendig
Mozilla Thunderbird 12.0.1 (x86 de)        Mozilla        28.06.2012                12.0.1 notwendig
Picasa 3        Google, Inc.        30.07.2008                3.8 notwendig
QuickTime        Apple Inc.        08.04.2011        73,72MB        7.69.80.9 notwendig
RICOH R5C853 Driver WXP Ver.1.01.05                                1.01.05 notwendig
Security Update for Windows Search 4 - KB963093        Microsoft Corporation        13.12.2009 unbekannt               
Soft Data Fax Modem with SmartCP                11.07.2008 unbekannt               
SoundMAX        Analog Devices        10.07.2008                5.10.01.5220 notwendig
Synaptics Pointing Device Driver        Synaptics        11.07.2008                11.0.7.0 notwendig
VLC media player 2.0.2        VideoLAN        04.07.2012                2.0.2 notwendig
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray        Microsoft Corporation        14.08.2010                1.0 unbekannt
Windows Genuine Advantage Validation Tool (KB892130)        Microsoft Corporation        11.07.2008 notwendig
Windows Internet Explorer 8        Microsoft Corporation        10.12.2009                20090308.140743  notwendig
Windows Live ID-Anmelde-Assistent        Microsoft Corporation        10.12.2009        4,69MB        6.500.3146.0 unbekannt
Windows Media Format 11 runtime                11.07.2008 notwendig               
Windows Media Player 11                11.07.2008 notwendig               
Windows Search 4.0        Microsoft Corporation        10.12.2009                04.00.6001.503 notwendig

markusg 10.07.2012 23:36
deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden
AuthenTec
InterVideo beide
Miranda
Windows Live

öffne ccleaner, analysieren, starten.
öffne otl, cleanup, pc startet neu, testen wie er läuft

Hypocrite666 11.07.2012 21:17
scheint soweit alles zu laufen.
ist jetzt noch was zu tun? ansonsten bedanke ich mich schonmal herzlich für deine hilfe.

markusg 14.07.2012 12:29
hi
pc absichern:
als antimalware programm würde ich emsisoft empfehlen.
diese haben für mich den besten schutz kostet aber etwas.
http://www.trojaner-board.de/103809-...i-malware.html
testversion:
Meine Antivirus-Empfehlung: Emsisoft Anti-Malware
insbesondere wenn du onlinebanking, einkäufe, sonstige zahlungsabwicklungen oder ähnlich wichtiges, wie zb berufliches machst, also sensible daten zu schützen sind, solltest du in sicherheitssoftware investieren.
vor dem aktivieren der lizenz die 30 tage testzeitraum ausnutzen.

kostenlos, aber eben nicht ganz so gut wäre avast zu empfehlen.
http://www.trojaner-board.de/110895-...antivirus.html

sag mir welches du nutzt, dann gebe ich konfigurationshinweise.
bitte dein bisheriges av deinstalieren
die folgende anleitung ist umfangreich, dass ist mir klar, sie sollte aber umgesetzt werden, da nur dann dein pc sicher ist. stelle so viele fragen wie nötig, ich arbeite gern alles mit dir durch!

http://www.trojaner-board.de/96344-a...-rechners.html
Starte bitte mit der Passage, Windows Vista und Windows 7
Bitte beginne damit, Windows Updates zu instalieren.
Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst.
Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist:
- Updates automatisch Instalieren,
- Täglich
- Uhrzeit wählen
- Bitte den gesammten rest anhaken, außer:
- detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist.
Klicke jetzt die Schaltfläche "OK"
Klicke jetzt "nach Updates suchen".
Bitte instaliere zunächst wichtige Updates.
Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren.
Mache das selbe bitte mit den optionalen Updates.
Bitte übernimm den rest so, wie es im Abschnitt windows 7 / Vista zu lesen ist.
aus dem Abschnitt xp, bitte den punkt "datenausführungsverhinderung, dep" übernehmen.
als browser rate ich dir zu chrome:
Installation von Google Chrome für mehrere Nutzerkonten - Google Chrome-Hilfe
anleitung lesen bitte
falls du nen andern nutzen willst, sags mir dann muss ich teile der nun folgenden anleitung


Sandboxie
Die devinition einer Sandbox ist hier nachzulesen:
Sandbox
Kurz gesagt, man kann Programme fast 100 %ig isuliert vom System ausführen.

Der Vorteil liegt klar auf der Hand, wenn über den Browser Schadcode eingeschläust wird, kann dieser nicht nach außen dringen.
Download Link:
Sandboxie Download - Sandboxie 3.72

anleitung:
http://www.trojaner-board.de/71542-a...sandboxie.html
ausführliche anleitung als pdf, auch abarbeiten:
Sandbox Einstellungen |

bitte folgende zusatz konfiguration machen:
sandboxie control öffnen, menü sandbox anklicken, defauldbox wählen.
dort klicke auf sandbox einstellungen.
beschrenkungen, bei programm start und internet zugriff schreibe:
chrome.exe
dann gehe auf anwendungen, webbrowser, chrome.
dort aktiviere alles außer gesammten profil ordner freigeben.
Wie du evtl. schon gesehen hast, kannst du einige Funktionen nicht nutzen.
Dies ist nur in der Vollversion nötig, zu deren Kauf ich dir rate.
Du kannst zb unter "Erzwungene Programmstarts" festlegen, dass alle Browser in der Sandbox starten.
Ansonsten musst du immer auf "Sandboxed webbrowser" klicken bzw Rechtsklick, in Sandboxie starten.
Eine lebenslange Lizenz kostet 30 €, und ist auf allen deinen PC's nutzbar.

Weiter mit:
Maßnahmen für ALLE Windows-Versionen
alles komplett durcharbeiten
anmerkung zu file hippo.
in den settings zusätzlich auswählen:
hide beta updates.
Run updateChecker when Windows starts

Backup Programm:
in meiner Anleitung ist bereits ein Backup Programm verlinkt, als Alternative bietet sich auch das Windows eigene Backup Programm an:
http://www.trojaner-board.de/82962-w...en-backup.html
Dies ist aber leider nur für Windows 7 Nutzer vernünftig nutzbar.
Alle Anderen sollten sich aber auf jeden fall auch ein Backup Programm instalieren, denn dies kann unter Umständen sehr wichtig sein, zum Beispiel, wenn die Festplatte einmal kaputt ist.

Zum Schluss, die allgemeinen sicherheitstipps beachten, wenn es dich betrifft, den Tipp zum Onlinebanking beachten und alle Passwörter ändern
bitte auch lesen, wie mache ich programme für alle sichtbar:
Programme für alle Konten nutzbar machen - PCtipp.ch - Praxis & Hilfe
surfe jetzt also nur noch im standard nutzer konto und dort in der sandbox.
wenn du die kostenlose version nutzt, dann mit klick auf sandboxed web browser, wenn du die bezahlversion hast, kannst du erzwungene programm starts festlegen, dann wird sandboxie immer gestartet wenn du nen browser aufrufst.
wenn du mit der maus über den browser fährst sollte der eingerahmt sein, dann bist du im sandboxed web browser


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:00 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129