System Care Antivirus Hello, my sister has had System Care Antivirus on her PC since yesterday (or rather, for longer). However, she urgently needs this PC. Could you possibly help her? (I could still take care of a few things for her today; tomorrow she would have to do it herself.) Roughly how long, or at least how long, would it take? (I know this takes quite a lot of time.) And: can I write and reply on the forum from her PC, or will that be difficult?!? Regards... |
It would actually make more sense if she had registered herself; it will definitely take longer than until tomorrow. If you need your PC so urgently, why don't you have backups? OK: it would be good to have a second system; the affected one must be started in safe mode, and the first programs and logs copied via USB stick to the affected one. If you don't already have it, please download OTL by Oldtimer and save it to your desktop
Code: activex
|
So I have now run OTL on my sister's PC (though not with the commands, I just did a quick scan; should I repeat that?) and GMER is running right now (but I think that takes longer, doesn't it?). However, in normal mode and not in safe mode; does that still work? My sister probably has no backups because she knows just as little, or rather nothing at all, about PCs etc. as I do :-( What I find strange: today the "System Care Antivirus" window did not open at all any more. Could it be that it is only "hiding"? However, a program on her PC has also detected the virus and asks whether the entries should be deleted. The program is called Microsoft System Essentials. Would that perhaps be sufficient too? |
Abort GMER, please do what I post, thanks. If you can work in normal mode, that is OK, then you don't have to go into safe mode. |
Phew, OK, then the work was probably for nothing... So I'll go back to my sister's and abort GMER... And so I also turn the virus scanners etc. back on?!? And then do what you wrote above? |
No, please leave the scanners off during the scan from above. If there are detections when you turn it on later, please post them as text, including the path. |
So Microsoft Security Essentials already found the following earlier: Rogue:Win32/Winwebsec --> below it are 3 items that contain System Care Antivirus... Should I post these, or is there no point? And should I definitely run OTL now as described above? |
OTL yes, post the items, yes. |
So here is the OTL: OTL Logfile: Code: OTL logfile created on: 23.05.2013 14:02:57 - Run 2 And here are the items from the Microsoft Security Essentials message:
folder:c:\dokumente und einstellungen\***\Startmenü\Programme\System Care Antivirus\
file:C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\E58CE4CD2E0520C40000E58BFF4827BD\E58CE4CD2E0520C40000E58BFF4827BD.exe
file:c:\dokumente und einstellungen\***\Desktop\System Care Antivirus.lnk |
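The three items Microsoft Security Essentials listed in the post above can be triaged mechanically. This Python example is added here and is not part of the original thread: it parses the `folder:`/`file:` lines, separates the executable from the shortcut and Start menu entries, and collects strings to search for in the other logs from the same machine. The rule that marks a file as the payload (a long hex name repeated as its parent folder, under a shared application-data directory) is an assumption generalised from the single path in the post, and all function names are hypothetical.

```python
import re
from pathlib import PureWindowsPath

# The three items exactly as quoted in the post (user name already masked with ***).
MSE_ITEMS = r"""
folder:c:\dokumente und einstellungen\***\Startmenü\Programme\System Care Antivirus\
file:C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\E58CE4CD2E0520C40000E58BFF4827BD\E58CE4CD2E0520C40000E58BFF4827BD.exe
file:c:\dokumente und einstellungen\***\Desktop\System Care Antivirus.lnk
"""

# Assumptions of this example, not facts stated in the thread:
HEX_NAME = re.compile(r"^[0-9A-Fa-f]{16,}$")           # "long hex name"
APPDATA_DIRS = {"anwendungsdaten", "application data", "programdata"}
EXECUTABLE_SUFFIXES = {".exe", ".scr", ".com"}


def parse_items(text):
    """Turn 'kind:path' lines into (kind, PureWindowsPath) tuples."""
    items = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        # Split on the first colon only; the drive letter keeps its own colon.
        kind, sep, raw = line.partition(":")
        if not sep or kind.lower() not in ("file", "folder"):
            raise ValueError(f"unrecognised item line: {line!r}")
        items.append((kind.lower(), PureWindowsPath(raw)))
    return items


def classify(kind, path):
    """Label one reported item as payload, executable, shortcut, folder or other."""
    parts = {p.lower() for p in path.parts}
    suffix = path.suffix.lower()
    if kind == "file" and suffix in EXECUTABLE_SUFFIXES:
        self_named = path.stem.lower() == path.parent.name.lower()
        if self_named and HEX_NAME.match(path.stem) and parts & APPDATA_DIRS:
            return "payload"
        return "executable"
    if kind == "file" and suffix == ".lnk":
        return "shortcut"
    if kind == "folder":
        return "folder"
    return "other"


def triage(text):
    """Group all reported items by their label."""
    report = {"payload": [], "executable": [], "shortcut": [],
              "folder": [], "other": []}
    for kind, path in parse_items(text):
        report[classify(kind, path)].append(path)
    return report


def pivot_terms(report):
    """Strings worth searching for in other logs (autostart entries, services)."""
    terms = {p.stem for p in report["payload"]}
    terms |= {p.stem for p in report["shortcut"]}
    terms |= {p.name for p in report["folder"]}
    return sorted(terms)


if __name__ == "__main__":
    result = triage(MSE_ITEMS)
    for label, paths in result.items():
        for p in paths:
            print(f"{label:10} {p}")
    print("search other logs for:", pivot_terms(result))
```
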
Hi, please download
|
Here is the result from TDSSKiller:
upnphost C:\WINDOWS\System32\upnphost.dll 14:56:37.0015 3572 upnphost - ok 14:56:37.0078 3572 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 14:56:37.0265 3572 UPS - ok 14:56:37.0343 3572 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 14:56:37.0546 3572 usbaudio - ok 14:56:37.0625 3572 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 14:56:37.0796 3572 usbccgp - ok 14:56:37.0859 3572 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 14:56:38.0031 3572 usbehci - ok 14:56:38.0093 3572 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 14:56:38.0281 3572 usbhub - ok 14:56:38.0343 3572 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 14:56:38.0531 3572 usbprint - ok 14:56:38.0593 3572 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 14:56:38.0765 3572 usbscan - ok 14:56:38.0812 3572 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 14:56:39.0000 3572 USBSTOR - ok 14:56:39.0046 3572 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 14:56:39.0218 3572 usbuhci - ok 14:56:39.0265 3572 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 14:56:39.0421 3572 VgaSave - ok 14:56:39.0500 3572 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys 14:56:39.0687 3572 viaagp - ok 14:56:39.0734 3572 [ 4B039BBD037B01F5DB5A144C837F283A ] viaagp1 C:\WINDOWS\system32\DRIVERS\viaagp1.sys 14:56:39.0781 3572 viaagp1 - ok 14:56:39.0843 3572 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 14:56:40.0031 3572 ViaIde - ok 14:56:40.0093 3572 [ 6B6A0F4B569452ED1E87525C12395F42 ] VIAudio C:\WINDOWS\system32\drivers\viaudio.sys 14:56:40.0171 3572 VIAudio - ok 14:56:40.0234 3572 [ 
A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 14:56:40.0390 3572 VolSnap - ok 14:56:40.0578 3572 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 14:56:40.0859 3572 VSS - ok 14:56:40.0953 3572 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\System32\w32time.dll 14:56:41.0125 3572 W32Time - ok 14:56:41.0203 3572 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 14:56:41.0359 3572 Wanarp - ok 14:56:41.0390 3572 wanatw - ok 14:56:41.0406 3572 WDICA - ok 14:56:41.0484 3572 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 14:56:41.0656 3572 wdmaud - ok 14:56:41.0718 3572 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 14:56:41.0890 3572 WebClient - ok 14:56:42.0046 3572 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 14:56:42.0265 3572 winmgmt - ok 14:56:42.0359 3572 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 14:56:42.0437 3572 WmdmPmSN - ok 14:56:42.0625 3572 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe 14:56:42.0828 3572 WmiApSrv - ok 14:56:43.0234 3572 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 14:56:43.0796 3572 WMPNetworkSvc - ok 14:56:43.0890 3572 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 14:56:44.0046 3572 wscsvc - ok 14:56:44.0109 3572 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 14:56:44.0296 3572 WSTCODEC - ok 14:56:44.0343 3572 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 14:56:44.0515 3572 wuauserv - ok 14:56:44.0578 3572 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 14:56:44.0640 3572 WudfPf - ok 14:56:44.0703 3572 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd 
14:56:45.0687 3572 ================ Scan global ===============================
14:56:46.0187 3572 [Global] - ok
14:56:46.0203 3572 ================ Scan MBR ==================================
14:56:46.0687 3572 \Device\Harddisk0\DR0 - ok
14:56:46.0687 3572 ================ Scan VBR ==================================
14:56:46.0718 3572 \Device\Harddisk0\DR0\Partition1 - ok
14:56:46.0734 3572 ============================================================
14:56:46.0734 3572 Scan finished
14:56:46.0734 3572 ============================================================
14:56:46.0875 0408 Detected object count: 4
14:56:46.0875 0408 Actual detected object count: 4
14:56:57.0421 0408 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
14:56:57.0421 0408 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:56:57.0421 0408 ctxS51 ( UnsignedFile.Multi.Generic ) - skipped by user
14:56:57.0421 0408 ctxS51 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:56:57.0437 0408 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:56:57.0437 0408 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:56:57.0437 0408 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
14:56:57.0437 0408 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
Hi, scan with Combofix
|
How do I do that with the "code tags"? |
Just copy it in, that will be fine. I'll also post the codes for you; you just write it in between them. Code:
|
What do you mean by writing it "in between"? Combofix tells me that Anvira is still on, but how do I switch it off? I can't find the program on this PC at all, or rather I can't find an off button :-( |
Copyright ©2000-2025, Trojaner-Board