Tasks cannot be terminated

Here is the log:

Code:
00:32:20.0258 5988 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
00:32:20.0469 5988 ============================================================
00:32:20.0469 5988 Current date / time: 2011/12/31 00:32:20.0469
00:32:20.0469 5988 SystemInfo:
00:32:20.0469 5988
00:32:20.0469 5988 OS Version: 6.0.6002 ServicePack: 2.0
00:32:20.0469 5988 Product type: Workstation
00:32:20.0469 5988 ComputerName: TITAN21
00:32:20.0470 5988 UserName: Jovan
00:32:20.0470 5988 Windows directory: C:\Windows
00:32:20.0470 5988 System windows directory: C:\Windows
00:32:20.0470 5988 Processor architecture: Intel x86
00:32:20.0470 5988 Number of processors: 2
00:32:20.0470 5988 Page size: 0x1000
00:32:20.0470 5988 Boot type: Normal boot
00:32:20.0470 5988 ============================================================
00:32:25.0923 5988 Initialize success
00:32:47.0412 5940 ============================================================
00:32:47.0412 5940 Scan started
00:32:47.0412 5940 Mode: Manual; SigCheck; TDLFS;
00:32:47.0412 5940 ============================================================
00:32:50.0773 5940 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
00:32:50.0931 5940 ACPI - ok
00:32:51.0360 5940 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
00:32:51.0558 5940 adp94xx - ok
00:32:51.0975 5940 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
00:32:52.0121 5940 adpahci - ok
00:32:52.0450 5940 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
00:32:52.0507 5940 adpu160m - ok
00:32:52.0887 5940 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
00:32:52.0911 5940 adpu320 - ok
00:32:53.0582 5940 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
00:32:53.0744 5940 AFD - ok
00:32:54.0172 5940 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
00:32:54.0208 5940 agp440 - ok
00:32:54.0536 5940 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
00:32:54.0590 5940 aic78xx - ok
00:32:55.0204 5940 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
00:32:55.0290 5940 aliide - ok
00:32:55.0688 5940 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
00:32:55.0743 5940 amdagp - ok
00:32:55.0929 5940 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
00:32:55.0973 5940 amdide - ok
00:32:56.0367 5940 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS\amdiox86.sys
00:32:56.0456 5940 amdiox86 - ok
00:32:56.0821 5940 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
00:32:57.0080 5940 AmdK7 - ok
00:32:57.0332 5940 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
00:32:57.0532 5940 AmdK8 - ok
00:32:58.0129 5940 amdkmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
00:32:59.0099 5940 amdkmdag - ok
00:32:59.0339 5940 amdkmdap (32d68d05b871eed5572d0c2c764ea4ec) C:\Windows\system32\DRIVERS\atikmpag.sys
00:32:59.0528 5940 amdkmdap - ok
00:32:59.0722 5940 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
00:32:59.0771 5940 arc - ok
00:32:59.0943 5940 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
00:32:59.0990 5940 arcsas - ok
00:33:00.0139 5940 AsIO (2b4e66fac6503494a2c6f32bb6ab3826) C:\Windows\system32\drivers\AsIO.sys
00:33:00.0154 5940 AsIO - ok
00:33:00.0357 5940 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
00:33:00.0425 5940 AsyncMac - ok
00:33:00.0861 5940 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
00:33:00.0873 5940 atapi - ok
00:33:01.0046 5940 AtcL001 (55907c61656449ca8534c323d6eabc89) C:\Windows\system32\DRIVERS\l160x86.sys
00:33:01.0122 5940 AtcL001 - ok
00:33:01.0331 5940 AtiHDAudioService (c8f5273b12cfa5c0888263e34140cb8a) C:\Windows\system32\drivers\AtihdLH3.sys
00:33:01.0354 5940 AtiHDAudioService - ok
00:33:01.0520 5940 AtiHdmiService (5e1cbda7d52289579e25283549e99425) C:\Windows\system32\drivers\AtiHdmi.sys
00:33:01.0548 5940 AtiHdmiService - ok
00:33:01.0740 5940 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
00:33:01.0777 5940 avgntflt - ok
00:33:02.0047 5940 avipbb (475fbb85956534720858ae72010c0a43) C:\Windows\system32\DRIVERS\avipbb.sys
00:33:02.0101 5940 avipbb - ok
00:33:02.0425 5940 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
00:33:02.0463 5940 avkmgr - ok
00:33:02.0870 5940 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
00:33:03.0002 5940 Beep - ok
00:33:03.0301 5940 blbdrive - ok
00:33:03.0544 5940 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
00:33:03.0642 5940 bowser - ok
00:33:03.0853 5940 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
00:33:04.0013 5940 BrFiltLo - ok
00:33:04.0378 5940 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
00:33:04.0450 5940 BrFiltUp - ok
00:33:04.0753 5940 Bridge (b1564976d98e91fc764d5dc28a0297da) C:\Windows\system32\DRIVERS\bridge.sys
00:33:04.0823 5940 Bridge - ok
00:33:04.0877 5940 BridgeMP (b1564976d98e91fc764d5dc28a0297da) C:\Windows\system32\DRIVERS\bridge.sys
00:33:04.0900 5940 BridgeMP - ok
00:33:05.0347 5940 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
00:33:05.0456 5940 Brserid - ok
00:33:05.0752 5940 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
00:33:05.0899 5940 BrSerWdm - ok
00:33:06.0236 5940 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
00:33:06.0364 5940 BrUsbMdm - ok
00:33:06.0768 5940 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
00:33:06.0878 5940 BrUsbSer - ok
00:33:07.0193 5940 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
00:33:07.0302 5940 BTHMODEM - ok
00:33:07.0545 5940 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
00:33:07.0611 5940 cdfs - ok
00:33:07.0777 5940 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
00:33:07.0842 5940 cdrom - ok
00:33:08.0187 5940 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
00:33:08.0279 5940 circlass - ok
00:33:08.0535 5940 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
00:33:08.0587 5940 CLFS - ok
00:33:08.0890 5940 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
00:33:08.0929 5940 cmdide - ok
00:33:09.0228 5940 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
00:33:09.0258 5940 Compbatt - ok
00:33:09.0652 5940 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
00:33:09.0669 5940 crcdisk - ok
00:33:09.0919 5940 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
00:33:10.0008 5940 Crusoe - ok
00:33:10.0284 5940 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys
00:33:10.0419 5940 CSC - ok
00:33:10.0639 5940 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
00:33:10.0732 5940 DfsC - ok
00:33:11.0051 5940 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
00:33:11.0158 5940 disk - ok
00:33:11.0664 5940 Dokan (73b37188b998d9c51cf2016cad0848ac) C:\Windows\system32\drivers\dokan.sys
00:33:11.0723 5940 Dokan ( UnsignedFile.Multi.Generic ) - warning
00:33:11.0723 5940 Dokan - detected UnsignedFile.Multi.Generic (1)
00:33:12.0118 5940 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
00:33:12.0185 5940 drmkaud - ok
00:33:12.0434 5940 dtsoftbus01 (c0c7ceccb6c85994c2bc92d58e52d3f2) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
00:33:12.0451 5940 dtsoftbus01 - ok
00:33:12.0857 5940 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
00:33:13.0014 5940 DXGKrnl - ok
00:33:13.0308 5940 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
00:33:13.0414 5940 E1G60 - ok
00:33:13.0680 5940 EagleNT - ok
00:33:13.0996 5940 EagleXNt - ok
00:33:14.0158 5940 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
00:33:14.0199 5940 Ecache - ok
00:33:14.0397 5940 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
00:33:14.0469 5940 elxstor - ok
00:33:14.0718 5940 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
00:33:14.0825 5940 exfat - ok
00:33:15.0026 5940 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
00:33:15.0091 5940 fastfat - ok
00:33:15.0261 5940 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
00:33:15.0312 5940 fdc - ok
00:33:15.0526 5940 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
00:33:15.0557 5940 FileInfo - ok
00:33:15.0759 5940 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
00:33:15.0830 5940 Filetrace - ok
00:33:16.0019 5940 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
00:33:16.0095 5940 flpydisk - ok
00:33:16.0276 5940 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
00:33:16.0295 5940 FltMgr - ok
00:33:16.0610 5940 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
00:33:16.0664 5940 Fs_Rec - ok
00:33:16.0842 5940 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
00:33:16.0864 5940 gagp30kx - ok
00:33:17.0040 5940 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:33:17.0068 5940 GEARAspiWDM - ok
00:33:17.0264 5940 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
00:33:17.0297 5940 hamachi - ok
00:33:17.0574 5940 hcmon (51fa91bb463b15fd8eacd5045c3f2fa6) C:\Windows\system32\drivers\hcmon.sys
00:33:17.0601 5940 hcmon - ok
00:33:17.0785 5940 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
00:33:17.0891 5940 HdAudAddService - ok
00:33:18.0063 5940 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
00:33:18.0133 5940 HDAudBus - ok
00:33:18.0309 5940 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
00:33:18.0383 5940 HidBth - ok
00:33:18.0700 5940 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
00:33:18.0799 5940 HidIr - ok
00:33:18.0967 5940 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
00:33:19.0040 5940 HidUsb - ok
00:33:19.0219 5940 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
00:33:19.0239 5940 HpCISSs - ok
00:33:19.0431 5940 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
00:33:19.0636 5940 HTTP - ok
00:33:19.0814 5940 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
00:33:19.0831 5940 i2omp - ok
00:33:20.0003 5940 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
00:33:20.0062 5940 i8042prt - ok
00:33:20.0235 5940 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
00:33:20.0271 5940 iaStorV - ok
00:33:20.0451 5940 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
00:33:20.0487 5940 iirsp - ok
00:33:20.0872 5940 IntcAzAudAddService (345ac48d17f5c2f2aa1ee50d34c3978b) C:\Windows\system32\drivers\RTKVHDA.sys
00:33:21.0444 5940 IntcAzAudAddService - ok
00:33:21.0773 5940 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
00:33:21.0812 5940 intelide - ok
00:33:22.0033 5940 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
00:33:22.0118 5940 intelppm - ok
00:33:22.0416 5940 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:33:22.0478 5940 IpFilterDriver - ok
00:33:22.0778 5940 IpInIp - ok
00:33:22.0928 5940 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
00:33:23.0022 5940 IPMIDRV - ok
00:33:23.0217 5940 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
00:33:23.0248 5940 IPNAT - ok
00:33:23.0433 5940 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
00:33:23.0507 5940 IRENUM - ok
00:33:23.0710 5940 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
00:33:23.0756 5940 isapnp - ok
00:33:24.0046 5940 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
00:33:24.0064 5940 iScsiPrt - ok
00:33:24.0233 5940 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
00:33:24.0271 5940 iteatapi - ok
00:33:24.0450 5940 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
00:33:24.0468 5940 iteraid - ok
00:33:24.0666 5940 jumi (ee894427ac0b2b2c2c8b32cb78357dae) C:\Windows\system32\DRIVERS\jumi.sys
00:33:24.0684 5940 jumi - ok
00:33:24.0896 5940 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
00:33:24.0929 5940 kbdclass - ok
00:33:25.0101 5940 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
00:33:25.0178 5940 kbdhid - ok
00:33:25.0311 5940 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
00:33:25.0392 5940 KSecDD - ok
00:33:25.0562 5940 KUSBusByTCP (632191f9aca2df8fb478c161f51a285a) C:\Windows\system32\Drivers\KUSBusByTCP.sys
00:33:25.0596 5940 KUSBusByTCP ( UnsignedFile.Multi.Generic ) - warning
00:33:25.0596 5940 KUSBusByTCP - detected UnsignedFile.Multi.Generic (1)
00:33:25.0824 5940 KUSBusByTCPMasterBus (32a74618edd493669b478595c2e54c62) C:\Windows\system32\Drivers\KUSBusByTCPMasterBus.sys
00:33:25.0861 5940 KUSBusByTCPMasterBus ( UnsignedFile.Multi.Generic ) - warning
00:33:25.0861 5940 KUSBusByTCPMasterBus - detected UnsignedFile.Multi.Generic (1)
00:33:26.0066 5940 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
00:33:26.0143 5940 lltdio - ok
00:33:26.0329 5940 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
00:33:26.0350 5940 LSI_FC - ok
00:33:26.0526 5940 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
00:33:26.0548 5940 LSI_SAS - ok
00:33:26.0738 5940 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
00:33:26.0822 5940 LSI_SCSI - ok
00:33:27.0137 5940 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
00:33:27.0208 5940 luafv - ok
00:33:27.0382 5940 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
00:33:27.0418 5940 MBAMProtector - ok
00:33:27.0599 5940 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
00:33:27.0619 5940 megasas - ok
00:33:27.0812 5940 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
00:33:27.0861 5940 Modem - ok
00:33:28.0022 5940 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
00:33:28.0072 5940 monitor - ok
00:33:28.0235 5940 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
00:33:28.0269 5940 mouclass - ok
00:33:28.0441 5940 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
00:33:28.0473 5940 mouhid - ok
00:33:28.0669 5940 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
00:33:28.0707 5940 MountMgr - ok
00:33:28.0856 5940 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
00:33:28.0878 5940 mpio - ok
00:33:29.0052 5940 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
00:33:29.0116 5940 mpsdrv - ok
00:33:29.0294 5940 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
00:33:29.0333 5940 Mraid35x - ok
00:33:29.0513 5940 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
00:33:29.0596 5940 MRxDAV - ok
00:33:29.0757 5940 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:33:29.0849 5940 mrxsmb - ok
00:33:30.0017 5940 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:33:30.0103 5940 mrxsmb10 - ok
00:33:30.0224 5940 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:33:30.0275 5940 mrxsmb20 - ok
00:33:30.0444 5940 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
00:33:30.0488 5940 msahci - ok
00:33:30.0685 5940 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
00:33:30.0743 5940 msdsm - ok
00:33:30.0980 5940 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
00:33:31.0064 5940 Msfs - ok
00:33:31.0316 5940 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
00:33:31.0341 5940 msisadrv - ok
00:33:31.0517 5940 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
00:33:31.0590 5940 MSKSSRV - ok
00:33:31.0811 5940 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
00:33:31.0892 5940 MSPCLOCK - ok
00:33:32.0299 5940 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
00:33:32.0354 5940 MSPQM - ok
00:33:32.0590 5940 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
00:33:32.0629 5940 MsRPC - ok
00:33:32.0830 5940 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
00:33:32.0840 5940 mssmbios - ok
00:33:33.0015 5940 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
00:33:33.0061 5940 MSTEE - ok
00:33:33.0228 5940 MTsensor (dcdaab8697a47894a554050ce18d0b56) C:\Windows\system32\DRIVERS\ASACPI.sys
00:33:33.0278 5940 MTsensor - ok
00:33:33.0446 5940 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
00:33:33.0475 5940 Mup - ok
00:33:33.0663 5940 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
00:33:33.0711 5940 NativeWifiP - ok
00:33:33.0917 5940 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
00:33:33.0969 5940 NDIS - ok
00:33:34.0140 5940 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
00:33:34.0194 5940 NdisTapi - ok
00:33:34.0359 5940 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
00:33:34.0432 5940 Ndisuio - ok
00:33:34.0621 5940 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
00:33:34.0693 5940 NdisWan - ok
00:33:34.0870 5940 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
00:33:34.0910 5940 NDProxy - ok
00:33:35.0087 5940 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
00:33:35.0156 5940 NetBIOS - ok
00:33:35.0376 5940 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
00:33:35.0464 5940 netbt - ok
00:33:35.0701 5940 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
00:33:35.0728 5940 nfrd960 - ok
00:33:35.0966 5940 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys
00:33:35.0986 5940 NPF - ok
00:33:36.0182 5940 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
00:33:36.0238 5940 Npfs - ok
00:33:36.0435 5940 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
00:33:36.0523 5940 nsiproxy - ok
00:33:36.0731 5940 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
00:33:36.0953 5940 Ntfs - ok
00:33:37.0140 5940 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
00:33:37.0254 5940 ntrigdigi - ok
00:33:37.0566 5940 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
00:33:37.0633 5940 Null - ok
00:33:37.0830 5940 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
00:33:37.0877 5940 nvraid - ok
00:33:38.0062 5940 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
00:33:38.0101 5940 nvstor - ok
00:33:38.0269 5940 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
00:33:38.0291 5940 nv_agp - ok
00:33:38.0432 5940 NwlnkFlt - ok
00:33:38.0578 5940 NwlnkFwd - ok
00:33:38.0743 5940 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
00:33:38.0860 5940 ohci1394 - ok
00:33:39.0036 5940 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
00:33:39.0110 5940 Parport - ok
00:33:39.0277 5940 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
00:33:39.0308 5940 partmgr - ok
00:33:39.0475 5940 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
00:33:39.0539 5940 Parvdm - ok
00:33:39.0722 5940 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
00:33:39.0738 5940 pci - ok
00:33:39.0911 5940 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
00:33:39.0941 5940 pciide - ok
00:33:40.0103 5940 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
00:33:40.0131 5940 pcmcia - ok
00:33:40.0313 5940 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
00:33:40.0540 5940 PEAUTH - ok
00:33:40.0749 5940 pfc (f2b3785d7282bac66d4b644fc88749f0) C:\Windows\system32\drivers\pfc.sys
00:33:40.0800 5940 pfc ( UnsignedFile.Multi.Generic ) - warning
00:33:40.0800 5940 pfc - detected UnsignedFile.Multi.Generic (1)
00:33:41.0004 5940 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
00:33:41.0057 5940 PptpMiniport - ok
00:33:41.0230 5940 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
00:33:41.0328 5940 Processor - ok
00:33:41.0509 5940 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
00:33:41.0574 5940 PSched - ok
00:33:41.0751 5940 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
00:33:41.0770 5940 PxHelp20 - ok
00:33:41.0959 5940 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
00:33:42.0100 5940 ql2300 - ok
00:33:42.0272 5940 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
00:33:42.0325 5940 ql40xx - ok
00:33:42.0500 5940 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
00:33:42.0655 5940 QWAVEdrv - ok
00:33:42.0843 5940 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
00:33:42.0878 5940 RasAcd - ok
00:33:43.0080 5940 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:33:43.0160 5940 Rasl2tp - ok
00:33:43.0344 5940 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
00:33:43.0413 5940 RasPppoe - ok
00:33:43.0627 5940 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
00:33:43.0655 5940 RasSstp - ok
00:33:43.0866 5940 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
00:33:44.0110 5940 rdbss - ok
00:33:44.0399 5940 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:33:44.0471 5940 RDPCDD - ok
00:33:44.0718 5940 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys
00:33:44.0881 5940 rdpdr - ok
00:33:45.0122 5940 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
00:33:45.0185 5940 RDPENCDD - ok
00:33:45.0480 5940 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
00:33:45.0708 5940 RDPWD - ok
00:33:45.0968 5940 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
00:33:46.0022 5940 rspndr - ok
00:33:46.0195 5940 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
00:33:46.0217 5940 sbp2port - ok
00:33:46.0408 5940 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
00:33:46.0514 5940 secdrv - ok
00:33:46.0702 5940 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
00:33:46.0780 5940 Serenum - ok
00:33:46.0975 5940 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
00:33:47.0039 5940 Serial - ok
00:33:47.0194 5940 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
00:33:47.0246 5940 sermouse - ok
00:33:47.0443 5940 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
00:33:47.0539 5940 sffdisk - ok
00:33:47.0710 5940 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
00:33:47.0812 5940 sffp_mmc - ok
00:33:48.0008 5940 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
00:33:48.0120 5940 sffp_sd - ok
00:33:48.0324 5940 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
00:33:48.0395 5940 sfloppy - ok
00:33:48.0615 5940 Si3114r5 (09889d435edc82435b18c7c311fe5721) C:\Windows\system32\drivers\si3114r5.sys
00:33:48.0631 5940 Si3114r5 - ok
00:33:48.0893 5940 SiFilter (46b92189fe4db53a09e3a0099aa3084c) C:\Windows\system32\drivers\siwinacc.sys
00:33:48.0945 5940 SiFilter - ok
00:33:49.0134 5940 SiRemFil (b688378d258d1ecce4768cdb55d48d92) C:\Windows\system32\drivers\siremfil.sys
00:33:49.0166 5940 SiRemFil - ok
00:33:49.0360 5940 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
00:33:49.0398 5940 sisagp - ok
00:33:49.0580 5940 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
00:33:49.0599 5940 SiSRaid2 - ok
00:33:49.0785 5940 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
00:33:49.0853 5940 SiSRaid4 - ok
00:33:50.0063 5940 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
00:33:50.0099 5940 Smb - ok
00:33:50.0271 5940 snpstd - ok
00:33:50.0451 5940 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
00:33:50.0477 5940 spldr - ok
00:33:50.0671 5940 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys
00:33:50.0671 5940 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
00:33:50.0694 5940 sptd ( LockedFile.Multi.Generic ) - warning
00:33:50.0695 5940 sptd - detected LockedFile.Multi.Generic (1)
00:33:50.0938 5940 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
00:33:51.0094 5940 srv - ok
00:33:51.0264 5940 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
00:33:51.0371 5940 srv2 - ok
00:33:51.0556 5940 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
00:33:51.0628 5940 srvnet - ok
00:33:51.0822 5940 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
00:33:51.0852 5940 ssmdrv - ok
00:33:52.0090 5940 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
00:33:52.0125 5940 StillCam - ok
00:33:52.0294 5940 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
00:33:52.0312 5940 swenum - ok
00:33:52.0496 5940 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
00:33:52.0536 5940 Symc8xx - ok
00:33:52.0718 5940 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
00:33:52.0745 5940 Sym_hi - ok
00:33:52.0940 5940 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
00:33:52.0959 5940 Sym_u3 - ok
00:33:53.0140 5940 tap0901 (98a1e6bc9f766b0b0a5bf00af847ef20) C:\Windows\system32\DRIVERS\tap0901.sys
00:33:53.0193 5940 tap0901 - ok
00:33:53.0379 5940 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
00:33:53.0505 5940 Tcpip - ok
00:33:53.0737 5940 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
00:33:53.0826 5940 Tcpip6 - ok
00:33:53.0990 5940 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
00:33:54.0066 5940 tcpipreg - ok
00:33:54.0248 5940 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
00:33:54.0303 5940 TDPIPE - ok
00:33:54.0476 5940 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
00:33:54.0539 5940 TDTCP - ok
00:33:54.0722 5940 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
00:33:54.0806 5940 tdx - ok
00:33:55.0020 5940 teamviewervpn (9101fffcfccd1a30e870a5b8a9091b10) C:\Windows\system32\DRIVERS\teamviewervpn.sys
00:33:55.0086 5940 teamviewervpn - ok
00:33:55.0252 5940 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
00:33:55.0277 5940 TermDD - ok
00:33:55.0482 5940 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:33:55.0550 5940 tssecsrv - ok
00:33:55.0779 5940 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
00:33:55.0864 5940 tunmp - ok
00:33:56.0032 5940 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
00:33:56.0050 5940 tunnel - ok
00:33:56.0242 5940 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
00:33:56.0290 5940 uagp35 - ok
00:33:56.0470 5940 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
00:33:56.0574 5940 udfs - ok
00:33:56.0794 5940 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
00:33:56.0815 5940 uliagpkx - ok
00:33:56.0984 5940 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
00:33:57.0048 5940 uliahci - ok
00:33:57.0186 5940 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
00:33:57.0237 5940 UlSata - ok
00:33:57.0417 5940 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
00:33:57.0442 5940 ulsata2 - ok
00:33:57.0618 5940 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
00:33:57.0716 5940 umbus - ok
00:33:57.0779 5940 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) e:\Programme\Unlocker\UnlockerDriver5.sys
00:33:57.0822 5940 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
00:33:57.0823 5940 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
00:33:57.0996 5940 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
00:33:58.0066 5940 USBAAPL - ok
00:33:58.0241 5940 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
00:33:58.0314 5940 usbaudio - ok
00:33:58.0494 5940 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
00:33:58.0584 5940 usbccgp - ok
00:33:58.0767 5940 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
00:33:58.0896 5940 usbcir - ok
00:33:59.0071 5940 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
00:33:59.0122 5940 usbehci - ok
00:33:59.0294 5940 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
00:33:59.0386 5940 usbhub - ok
00:33:59.0549 5940 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
00:33:59.0581 5940 usbohci - ok
00:33:59.0751 5940 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
00:33:59.0826 5940 usbprint - ok
00:34:00.0009 5940 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:34:00.0032 5940 USBSTOR - ok
00:34:00.0217 5940 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
00:34:00.0288 5940 usbuhci - ok
00:34:00.0506 5940 VBoxDrv (103b23ec82c08fc4bdbc369552ffab2a) C:\Windows\system32\DRIVERS\VBoxDrv.sys
00:34:00.0599 5940 VBoxDrv - ok
00:34:00.0767 5940 VBoxNetAdp (226cd9e42be28a84ec56430fbb57224f) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
00:34:00.0789 5940 VBoxNetAdp - ok
00:34:00.0949 5940 VBoxNetFlt (0a5d6512dcb14135a388d0e7e69e01bb) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
00:34:00.0995 5940 VBoxNetFlt - ok
00:34:01.0253 5940 VBoxUSBMon (96a478edfb1fbf1fc663beb09b4175a8) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
00:34:01.0349 5940 VBoxUSBMon - ok
00:34:01.0580 5940 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
00:34:01.0697 5940 vga - ok
00:34:01.0860 5940 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
00:34:01.0909 5940 VgaSave - ok
00:34:02.0082 5940 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
00:34:02.0103 5940 viaagp - ok
00:34:02.0286 5940 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
00:34:02.0363 5940 ViaC7 - ok
00:34:02.0561 5940 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
00:34:02.0581 5940 viaide - ok
00:34:02.0808 5940 vmci (6f5d703bf312cb6cda78948763cb1e0d) C:\Windows\system32\Drivers\vmci.sys
00:34:02.0843 5940 vmci - ok
00:34:03.0006 5940 vmkbd (27df4aece721961f9c9064a31790f2ea) C:\Windows\system32\drivers\VMkbd.sys
00:34:03.0022 5940 vmkbd - ok
00:34:03.0187 5940 vmm (817da66b1b889fad1dbf669e0e2f3228) C:\Windows\system32\Drivers\vmm.sys
00:34:03.0207 5940 vmm - ok
00:34:03.0370 5940 VMnetAdapter (e41704d8149992107b333cc7a52c07cc) C:\Windows\system32\DRIVERS\vmnetadapter.sys
00:34:03.0406 5940 VMnetAdapter - ok
00:34:03.0722 5940 VMnetBridge (462f2a31ea8b87a28962aca998df1869) C:\Windows\system32\DRIVERS\vmnetbridge.sys
00:34:03.0755 5940 VMnetBridge - ok
00:34:03.0925 5940 VMnetuserif (ea10f0c9333388d2ecc4068efb8c366d) C:\Windows\system32\drivers\vmnetuserif.sys
00:34:03.0950 5940 VMnetuserif - ok
00:34:04.0125 5940 VMparport (311e4d0703f53faf7e7a5b3a2641d4fa) C:\Windows\system32\Drivers\VMparport.sys
00:34:04.0162 5940 VMparport - ok
00:34:04.0379 5940 vmx86 (35dc7079a413484423750db5d40b8ea6) C:\Windows\system32\Drivers\vmx86.sys
00:34:04.0547 5940 vmx86 - ok
00:34:04.0704 5940 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
00:34:04.0725 5940 volmgr - ok
00:34:04.0907 5940 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
00:34:04.0987 5940 volmgrx - ok
00:34:05.0192 5940 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
00:34:05.0286 5940 volsnap - ok
00:34:05.0513 5940 VPCNetS2 (2abe8281db609d8bb1bd1b2f93800d5f) C:\Windows\system32\DRIVERS\VMNetSrv.sys
00:34:05.0534 5940 VPCNetS2 - ok
00:34:05.0713 5940 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
00:34:05.0734 5940 vsmraid - ok
00:34:05.0788 5940 vstor2-ws60 (98929c5c5314c4c048e2f60492c26723) E:\Programme\VMware\VMware Player\vstor2-ws60.sys
00:34:05.0825 5940 vstor2-ws60 - ok
00:34:06.0034 5940 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
00:34:06.0137 5940 WacomPen - ok
00:34:06.0404 5940 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:34:06.0556 5940 Wanarp - ok
00:34:06.0596 5940 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
00:34:06.0623 5940 Wanarpv6 - ok
00:34:06.0829 5940 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
00:34:06.0857 5940 Wd - ok
00:34:07.0053 5940 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
00:34:07.0140 5940 Wdf01000 - ok
00:34:07.0408 5940 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
00:34:07.0482 5940 WmiAcpi - ok
00:34:07.0668 5940 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
00:34:07.0737 5940 WpdUsb - ok
00:34:07.0953 5940 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
00:34:08.0023 5940 ws2ifsl - ok
00:34:08.0280 5940 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
00:34:08.0329 5940 WSDPrintDevice - ok
00:34:08.0527 5940 WudfPf (13b5f255e90624a5ba0441d39cfb6be2) C:\Windows\system32\DRIVERS\WudfPf.sys
00:34:08.0594 5940 WudfPf - ok
00:34:08.0781 5940 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:34:08.0831 5940 WUDFRd - ok
00:34:08.0931 5940 XDva388 - ok
00:34:09.0009 5940 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
00:34:09.0067 5940 \Device\Harddisk0\DR0 - ok
00:34:09.0179 5940 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
00:34:09.0245 5940 \Device\Harddisk2\DR2 - ok
00:34:09.0265 5940 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
00:34:09.0307 5940 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
00:34:09.0307 5940 \Device\Harddisk1\DR1 - detected TDSS File System (1)
00:34:09.0317 5940 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk3\DR3
00:34:10.0150 5940 \Device\Harddisk3\DR3 - ok
00:34:10.0156 5940 Boot (0x1200) (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk0\DR0\Partition0
00:34:10.0156 5940 \Device\Harddisk0\DR0\Partition0 - ok
00:34:10.0184 5940 Boot (0x1200) (f8f14c5cab9c47583f1d5ef92ce8e6b6) \Device\Harddisk0\DR0\Partition1
00:34:10.0185 5940 \Device\Harddisk0\DR0\Partition1 - ok
00:34:10.0191 5940 Boot (0x1200) (f109a278b35a02ec96b150cd4dffc89e) \Device\Harddisk2\DR2\Partition0
00:34:10.0191 5940 \Device\Harddisk2\DR2\Partition0 - ok
00:34:10.0213 5940 Boot (0x1200) (8f7140eaa4a9a5749fdd82db7baa8307) \Device\Harddisk1\DR1\Partition0
00:34:10.0213 5940 \Device\Harddisk1\DR1\Partition0 - ok
00:34:10.0223 5940 Boot (0x1200) (29da36f4271c988087019cd666b1936c) \Device\Harddisk3\DR3\Partition0
00:34:10.0224 5940 \Device\Harddisk3\DR3\Partition0 - ok
00:34:10.0224 5940 ============================================================
00:34:10.0224 5940 Scan finished
00:34:10.0224 5940 ============================================================
00:34:10.0244 4452 Detected object count: 7
00:34:10.0244 4452 Actual detected object count: 7
00:34:37.0035 4452 Dokan ( UnsignedFile.Multi.Generic ) - skipped by user
00:34:37.0035 4452 Dokan ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:34:37.0036 4452 KUSBusByTCP ( UnsignedFile.Multi.Generic ) - skipped by user
00:34:37.0036 4452 KUSBusByTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:34:37.0039 4452 KUSBusByTCPMasterBus ( UnsignedFile.Multi.Generic ) - skipped by user
00:34:37.0039 4452 KUSBusByTCPMasterBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:34:37.0043 4452 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
00:34:37.0043 4452 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:34:37.0046 4452 sptd ( LockedFile.Multi.Generic ) - skipped by user
00:34:37.0046 4452 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
00:34:37.0050 4452 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
00:34:37.0050 4452 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:34:37.0053 4452 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
00:34:37.0054 4452 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
|
| | #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Tasks cannot be terminated
Please have the TDSS-Killer delete the TDSS File System, then restart Windows and create a new log with this tool. Post it again enclosed in CODE tags.
__________________ |
| | #18 |
| Tasks cannot be terminated
So scan again, then remove the findings and then scan once more??
__________________ |
| | #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Tasks cannot be terminated
Yes, but please delete only the TDSS File System!!
__________________ Please always post log files in CODE tags |
| | #20 |
| Tasks cannot be terminated
Code:
17:47:42.0511 4320 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
17:47:43.0660 4320 ============================================================
17:47:43.0661 4320 Current date / time: 2012/01/02 17:47:43.0660
17:47:43.0661 4320 SystemInfo:
17:47:43.0661 4320
17:47:43.0661 4320 OS Version: 6.0.6002 ServicePack: 2.0
17:47:43.0661 4320 Product type: Workstation
17:47:43.0661 4320 ComputerName: TITAN21
17:47:43.0661 4320 UserName: Jovan
17:47:43.0661 4320 Windows directory: C:\Windows
17:47:43.0661 4320 System windows directory: C:\Windows
17:47:43.0661 4320 Processor architecture: Intel x86
17:47:43.0661 4320 Number of processors: 2
17:47:43.0661 4320 Page size: 0x1000
17:47:43.0661 4320 Boot type: Normal boot
17:47:43.0661 4320 ============================================================
17:47:46.0358 4320 Initialize success
17:47:58.0459 3252 ============================================================
17:47:58.0459 3252 Scan started
17:47:58.0459 3252 Mode: Manual; SigCheck; TDLFS;
17:47:58.0459 3252 ============================================================
17:48:01.0337 3252 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
17:48:01.0529 3252 ACPI - ok
17:48:02.0171 3252 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
17:48:02.0406 3252 adp94xx - ok
17:48:03.0128 3252 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
17:48:03.0315 3252 adpahci - ok
17:48:03.0752 3252 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
17:48:03.0784 3252 adpu160m - ok
17:48:04.0323 3252 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
17:48:04.0365 3252 adpu320 - ok
17:48:05.0085 3252 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
17:48:05.0329 3252 AFD - ok
17:48:05.0599 3252 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
17:48:05.0724 3252 agp440 - ok
17:48:06.0130 3252 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
17:48:06.0188 3252 aic78xx - ok
17:48:06.0599 3252 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
17:48:06.0637 3252 aliide - ok
17:48:07.0157 3252 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
17:48:07.0186 3252 amdagp - ok
17:48:07.0673 3252 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
17:48:07.0688 3252 amdide - ok
17:48:08.0256 3252 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS\amdiox86.sys
17:48:08.0385 3252 amdiox86 - ok
17:48:08.0872 3252 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
17:48:09.0157 3252 AmdK7 - ok
17:48:09.0479 3252 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
17:48:10.0001 3252 AmdK8 - ok
17:48:11.0330 3252 amdkmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
17:48:14.0778 3252 amdkmdag - ok
17:48:15.0525 3252 amdkmdap (32d68d05b871eed5572d0c2c764ea4ec) C:\Windows\system32\DRIVERS\atikmpag.sys
17:48:15.0970 3252 amdkmdap - ok
17:48:16.0573 3252 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
17:48:17.0804 3252 arc - ok
17:48:18.0591 3252 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
17:48:18.0653 3252 arcsas - ok
17:48:19.0369 3252 AsIO (2b4e66fac6503494a2c6f32bb6ab3826) C:\Windows\system32\drivers\AsIO.sys
17:48:19.0588 3252 AsIO - ok
17:48:19.0978 3252 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
17:48:20.0270 3252 AsyncMac - ok
17:48:21.0089 3252 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
17:48:21.0100 3252 atapi - ok
17:48:22.0230 3252 AtcL001 (55907c61656449ca8534c323d6eabc89) C:\Windows\system32\DRIVERS\l160x86.sys
17:48:22.0978 3252 AtcL001 - ok
17:48:23.0722 3252 AtiHDAudioService (c8f5273b12cfa5c0888263e34140cb8a) C:\Windows\system32\drivers\AtihdLH3.sys
17:48:23.0797 3252 AtiHDAudioService - ok
17:48:24.0617 3252 AtiHdmiService (5e1cbda7d52289579e25283549e99425) C:\Windows\system32\drivers\AtiHdmi.sys
17:48:25.0759 3252 AtiHdmiService - ok
17:48:26.0891 3252 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
17:48:27.0037 3252 avgntflt - ok
17:48:28.0021 3252 avipbb (475fbb85956534720858ae72010c0a43) C:\Windows\system32\DRIVERS\avipbb.sys
17:48:28.0335 3252 avipbb - ok
17:48:29.0332 3252 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
17:48:29.0388 3252 avkmgr - ok
17:48:30.0152 3252 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
17:48:30.0358 3252 Beep - ok
17:48:31.0173 3252 blbdrive - ok
17:48:32.0156 3252 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
17:48:32.0219 3252 bowser - ok
17:48:32.0748 3252 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
17:48:34.0356 3252 BrFiltLo - ok
17:48:34.0679 3252 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
17:48:34.0759 3252 BrFiltUp - ok
17:48:35.0494 3252 Bridge (b1564976d98e91fc764d5dc28a0297da) C:\Windows\system32\DRIVERS\bridge.sys
17:48:35.0590 3252 Bridge - ok
17:48:35.0669 3252 BridgeMP (b1564976d98e91fc764d5dc28a0297da) C:\Windows\system32\DRIVERS\bridge.sys
17:48:35.0693 3252 BridgeMP - ok
17:48:36.0346 3252 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
17:48:36.0457 3252 Brserid - ok
17:48:36.0843 3252 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
17:48:37.0001 3252 BrSerWdm - ok
17:48:37.0410 3252 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
17:48:37.0578 3252 BrUsbMdm - ok
17:48:38.0059 3252 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
17:48:38.0438 3252 BrUsbSer - ok
17:48:38.0700 3252 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
17:48:38.0772 3252 BTHMODEM - ok
17:48:39.0451 3252 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
17:48:39.0793 3252 cdfs - ok
17:48:40.0432 3252 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
17:48:40.0548 3252 cdrom - ok
17:48:41.0249 3252 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
17:48:41.0424 3252 circlass - ok
17:48:41.0972 3252 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
17:48:42.0433 3252 CLFS - ok
17:48:42.0959 3252 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
17:48:43.0008 3252 cmdide - ok
17:48:43.0580 3252 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
17:48:43.0659 3252 Compbatt - ok
17:48:44.0112 3252 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
17:48:44.0235 3252 crcdisk - ok
17:48:44.0787 3252 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
17:48:44.0899 3252 Crusoe - ok
17:48:45.0700 3252 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys
17:48:45.0927 3252 CSC - ok
17:48:46.0555 3252 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
17:48:46.0780 3252 DfsC - ok
17:48:47.0232 3252 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
17:48:47.0283 3252 disk - ok
17:48:47.0862 3252 Dokan (73b37188b998d9c51cf2016cad0848ac) C:\Windows\system32\drivers\dokan.sys
17:48:47.0914 3252 Dokan ( UnsignedFile.Multi.Generic ) - warning
17:48:47.0914 3252 Dokan - detected UnsignedFile.Multi.Generic (1)
17:48:48.0358 3252 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
17:48:48.0509 3252 drmkaud - ok
17:48:49.0073 3252 dtsoftbus01 (c0c7ceccb6c85994c2bc92d58e52d3f2) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:48:49.0089 3252 dtsoftbus01 - ok
17:48:50.0029 3252 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
17:48:50.0103 3252 DXGKrnl - ok
17:48:51.0004 3252 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
17:48:51.0141 3252 E1G60 - ok
17:48:51.0309 3252 EagleNT - ok
17:48:51.0708 3252 EagleXNt - ok
17:48:51.0987 3252 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
17:48:52.0059 3252 Ecache - ok
17:48:52.0717 3252 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
17:48:52.0779 3252 elxstor - ok
17:48:53.0320 3252 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
17:48:53.0410 3252 exfat - ok
17:48:54.0186 3252 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
17:48:54.0317 3252 fastfat - ok
17:48:54.0879 3252 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
17:48:54.0946 3252 fdc - ok
17:48:55.0351 3252 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
17:48:55.0422 3252 FileInfo - ok
17:48:55.0917 3252 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
17:48:55.0996 3252 Filetrace - ok
17:48:56.0376 3252 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
17:48:56.0511 3252 flpydisk - ok
17:48:57.0099 3252 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
17:48:57.0113 3252 FltMgr - ok
17:48:57.0408 3252 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
17:48:57.0470 3252 Fs_Rec - ok
17:48:58.0123 3252 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
17:48:58.0197 3252 gagp30kx - ok
17:48:58.0396 3252 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:48:58.0411 3252 GEARAspiWDM - ok
17:48:59.0060 3252 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
17:48:59.0075 3252 hamachi - ok
17:48:59.0462 3252 hcmon (51fa91bb463b15fd8eacd5045c3f2fa6) C:\Windows\system32\drivers\hcmon.sys
17:48:59.0477 3252 hcmon - ok
17:49:00.0214 3252 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
17:49:00.0370 3252 HdAudAddService - ok
17:49:00.0958 3252 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:49:01.0178 3252 HDAudBus - ok
17:49:01.0411 3252 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
17:49:01.0485 3252 HidBth - ok
17:49:01.0911 3252 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
17:49:02.0013 3252 HidIr - ok
17:49:02.0378 3252 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
17:49:02.0485 3252 HidUsb - ok
17:49:02.0888 3252 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
17:49:03.0164 3252 HpCISSs - ok
17:49:03.0673 3252 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
17:49:04.0503 3252 HTTP - ok
17:49:05.0055 3252 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
17:49:05.0169 3252 i2omp - ok
17:49:05.0601 3252 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
17:49:05.0668 3252 i8042prt - ok
17:49:06.0266 3252 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
17:49:06.0297 3252 iaStorV - ok
17:49:06.0756 3252 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
17:49:06.0792 3252 iirsp - ok
17:49:07.0922 3252 IntcAzAudAddService (345ac48d17f5c2f2aa1ee50d34c3978b) C:\Windows\system32\drivers\RTKVHDA.sys
17:49:08.0612 3252 IntcAzAudAddService - ok
17:49:08.0885 3252 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
17:49:08.0920 3252 intelide - ok
17:49:09.0611 3252 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
17:49:09.0780 3252 intelppm - ok
17:49:10.0251 3252 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:49:10.0433 3252 IpFilterDriver - ok
17:49:10.0780 3252 IpInIp - ok
17:49:11.0072 3252 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
17:49:11.0157 3252 IPMIDRV - ok
17:49:11.0743 3252 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
17:49:11.0772 3252 IPNAT - ok
17:49:12.0600 3252 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
17:49:12.0705 3252 IRENUM - ok
17:49:13.0142 3252 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
17:49:13.0202 3252 isapnp - ok
17:49:13.0578 3252 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
17:49:13.0593 3252 iScsiPrt - ok
17:49:14.0048 3252 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
17:49:14.0108 3252 iteatapi - ok
17:49:14.0856 3252 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
17:49:14.0893 3252 iteraid - ok
17:49:15.0454 3252 jumi (ee894427ac0b2b2c2c8b32cb78357dae) C:\Windows\system32\DRIVERS\jumi.sys
17:49:15.0516 3252 jumi - ok
17:49:15.0926 3252 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
17:49:15.0959 3252 kbdclass - ok
17:49:16.0438 3252 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
17:49:16.0598 3252 kbdhid - ok
17:49:16.0898 3252 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
17:49:16.0954 3252 KSecDD - ok
17:49:17.0673 3252 KUSBusByTCP (632191f9aca2df8fb478c161f51a285a) C:\Windows\system32\Drivers\KUSBusByTCP.sys
17:49:17.0857 3252 KUSBusByTCP ( UnsignedFile.Multi.Generic ) - warning
17:49:17.0857 3252 KUSBusByTCP - detected UnsignedFile.Multi.Generic (1)
17:49:18.0326 3252 KUSBusByTCPMasterBus (32a74618edd493669b478595c2e54c62) C:\Windows\system32\Drivers\KUSBusByTCPMasterBus.sys
17:49:18.0463 3252 KUSBusByTCPMasterBus ( UnsignedFile.Multi.Generic ) - warning
17:49:18.0463 3252 KUSBusByTCPMasterBus - detected UnsignedFile.Multi.Generic (1)
17:49:19.0084 3252 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
17:49:19.0270 3252 lltdio - ok
17:49:19.0962 3252 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
17:49:19.0997 3252 LSI_FC - ok
17:49:20.0309 3252 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
17:49:20.0363 3252 LSI_SAS - ok
17:49:21.0053 3252 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
17:49:21.0223 3252 LSI_SCSI - ok
17:49:21.0726 3252 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
17:49:22.0006 3252 luafv - ok
17:49:22.0296 3252 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
17:49:22.0431 3252 MBAMProtector - ok
17:49:23.0013 3252 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
17:49:23.0110 3252 megasas - ok
17:49:23.0425 3252 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
17:49:23.0499 3252 Modem - ok
17:49:24.0259 3252 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
17:49:24.0311 3252 monitor - ok
17:49:25.0079 3252 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
17:49:25.0167 3252 mouclass - ok
17:49:25.0476 3252 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
17:49:25.0528 3252 mouhid - ok
17:49:26.0146 3252 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
17:49:26.0246 3252 MountMgr - ok
17:49:27.0023 3252 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
17:49:27.0116 3252 mpio - ok
17:49:28.0066 3252 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
17:49:28.0123 3252 mpsdrv - ok
17:49:28.0442 3252 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
17:49:28.0499 3252 Mraid35x - ok
17:49:29.0120 3252 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
17:49:29.0263 3252 MRxDAV - ok
17:49:29.0670 3252 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:49:30.0036 3252 mrxsmb - ok
17:49:30.0471 3252 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:49:30.0590 3252 mrxsmb10 - ok
17:49:30.0985 3252 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:49:31.0170 3252 mrxsmb20 - ok
17:49:31.0347 3252 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
17:49:31.0365 3252 msahci - ok
17:49:31.0555 3252 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
17:49:31.0610 3252 msdsm - ok
17:49:31.0924 3252 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
17:49:32.0132 3252 Msfs - ok
17:49:32.0336 3252 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
17:49:32.0370 3252 msisadrv - ok
17:49:32.0603 3252 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
17:49:32.0663 3252 MSKSSRV - ok
17:49:33.0329 3252 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
17:49:33.0474 3252 MSPCLOCK - ok
17:49:33.0734 3252 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
17:49:33.0890 3252 MSPQM - ok
17:49:34.0341 3252 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
17:49:34.0373 3252 MsRPC - ok
17:49:34.0540 3252 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
17:49:34.0553 3252 mssmbios - ok
17:49:34.0883 3252 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
17:49:35.0003 3252 MSTEE - ok
17:49:35.0371 3252 MTsensor (dcdaab8697a47894a554050ce18d0b56) C:\Windows\system32\DRIVERS\ASACPI.sys
17:49:35.0475 3252 MTsensor - ok
17:49:35.0729 3252 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
17:49:35.0790 3252 Mup - ok
17:49:36.0330 3252 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
17:49:36.0387 3252 NativeWifiP - ok
17:49:36.0683 3252 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
17:49:36.0721 3252 NDIS - ok
17:49:37.0106 3252 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
17:49:37.0196 3252 NdisTapi - ok
17:49:37.0492 3252 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
17:49:37.0575 3252 Ndisuio - ok
17:49:37.0787 3252 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:49:37.0900 3252 NdisWan - ok
17:49:38.0477 3252 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
17:49:38.0602 3252 NDProxy - ok
17:49:38.0960 3252 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
17:49:39.0295 3252 NetBIOS - ok
17:49:39.0889 3252 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
17:49:40.0079 3252 netbt - ok
17:49:40.0547 3252 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
17:49:40.0622 3252 nfrd960 - ok
17:49:40.0829 3252 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys
17:49:40.0880 3252 NPF - ok
17:49:41.0053 3252 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
17:49:41.0106 3252 Npfs - ok
17:49:41.0581 3252 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
17:49:41.0634 3252 nsiproxy - ok
17:49:41.0918 3252 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
17:49:42.0163 3252 Ntfs - ok
17:49:42.0627 3252 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
17:49:42.0713 3252 ntrigdigi - ok
17:49:42.0961 3252 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
17:49:42.0999 3252 Null - ok
17:49:43.0183 3252 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
17:49:43.0227 3252 nvraid - ok
17:49:43.0731 3252 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
17:49:44.0009 3252 nvstor - ok
17:49:44.0188 3252 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
17:49:44.0230 3252 nv_agp - ok
17:49:44.0655 3252 NwlnkFlt - ok
17:49:44.0797 3252 NwlnkFwd - ok
17:49:44.0995 3252 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
17:49:45.0073 3252 ohci1394 - ok
17:49:45.0304 3252 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
17:49:45.0514 3252 Parport - ok
17:49:45.0755 3252 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
17:49:45.0863 3252 partmgr - ok
17:49:46.0026 3252 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
17:49:46.0092 3252 Parvdm - ok
17:49:46.0282 3252 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
17:49:46.0295 3252 pci - ok
17:49:46.0886 3252 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
17:49:46.0904 3252 pciide - ok
17:49:47.0087 3252 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
17:49:47.0112 3252 pcmcia - ok
17:49:47.0314 3252 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
17:49:48.0049 3252 PEAUTH - ok
17:49:48.0323 3252 pfc (f2b3785d7282bac66d4b644fc88749f0) C:\Windows\system32\drivers\pfc.sys
17:49:48.0366 3252 pfc ( UnsignedFile.Multi.Generic ) - warning
17:49:48.0366 3252 pfc - detected UnsignedFile.Multi.Generic (1)
17:49:49.0161 3252 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
17:49:49.0200 3252 PptpMiniport - ok
17:49:49.0411 3252 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
17:49:49.0481 3252 Processor - ok
17:49:50.0015 3252 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
17:49:50.0074 3252 PSched - ok
17:49:50.0315 3252 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
17:49:50.0335 3252 PxHelp20 - ok
17:49:50.0532 3252 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
17:49:51.0059 3252 ql2300 - ok
17:49:51.0234 3252 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
17:49:51.0286 3252 ql40xx - ok
17:49:51.0464 3252 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
17:49:51.0552 3252 QWAVEdrv - ok
17:49:51.0932 3252 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
17:49:51.0981 3252 RasAcd - ok
17:49:52.0201 3252 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:49:52.0310 3252 Rasl2tp - ok
17:49:52.0499 3252 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
17:49:52.0561 3252 RasPppoe - ok
17:49:52.0974 3252 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
17:49:53.0132 3252 RasSstp - ok
17:49:53.0341 3252 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
17:49:53.0429 3252 rdbss - ok
17:49:53.0595 3252 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:49:53.0667 3252 RDPCDD - ok
17:49:54.0138 3252 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys
17:49:54.0312 3252 rdpdr - ok
17:49:54.0494 3252 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
17:49:54.0567 3252 RDPENCDD - ok
17:49:54.0811 3252 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
17:49:55.0024 3252 RDPWD - ok
17:49:55.0323 3252 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
17:49:55.0426 3252 rspndr - ok
17:49:55.0600 3252 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
17:49:55.0643 3252 sbp2port - ok
17:49:56.0237 3252 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
17:49:56.0309 3252 secdrv - ok
17:49:56.0514 3252 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
17:49:56.0576 3252 Serenum - ok
17:49:56.0738 3252 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
17:49:56.0807 3252 Serial - ok
17:49:57.0273 3252 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
17:49:57.0318 3252 sermouse - ok
17:49:57.0505 3252 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
17:49:57.0603 3252 sffdisk - ok
17:49:57.0798 3252 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
17:49:57.0907 3252 sffp_mmc - ok
17:49:58.0478 3252 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
17:49:58.0614 3252 sffp_sd - ok
17:49:59.0326 3252 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
17:49:59.0434 3252 sfloppy - ok
17:49:59.0634 3252 Si3114r5 (09889d435edc82435b18c7c311fe5721) C:\Windows\system32\drivers\si3114r5.sys
17:49:59.0653 3252 Si3114r5 - ok
17:49:59.0928 3252 SiFilter (46b92189fe4db53a09e3a0099aa3084c) C:\Windows\system32\drivers\siwinacc.sys
17:50:00.0069 3252 SiFilter - ok
17:50:00.0729 3252 SiRemFil (b688378d258d1ecce4768cdb55d48d92) C:\Windows\system32\drivers\siremfil.sys
17:50:00.0752 3252 SiRemFil - ok
17:50:01.0394 3252 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
17:50:01.0417 3252 sisagp - ok
17:50:01.0880 3252 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
17:50:01.0977 3252 SiSRaid2 - ok
17:50:02.0908 3252 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
17:50:02.0982 3252 SiSRaid4 - ok
17:50:03.0652 3252 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
17:50:03.0835 3252 Smb - ok
17:50:04.0569 3252 snpstd - ok
17:50:05.0287 3252 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
17:50:05.0437 3252 spldr - ok
17:50:06.0788 3252 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys
17:50:06.0788 3252 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
17:50:06.0978 3252 sptd ( LockedFile.Multi.Generic ) - warning
17:50:06.0978 3252 sptd - detected LockedFile.Multi.Generic (1)
17:50:07.0895 3252 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
17:50:08.0543 3252 srv - ok
17:50:09.0984 3252 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
17:50:10.0382 3252 srv2 - ok
17:50:11.0682 3252 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
17:50:11.0914 3252 srvnet - ok
17:50:12.0967 3252 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
17:50:13.0081 3252 ssmdrv - ok
17:50:13.0614 3252 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
17:50:13.0639 3252 StillCam - ok
17:50:14.0226 3252 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
17:50:14.0245 3252 swenum - ok
17:50:14.0485 3252 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
17:50:14.0537 3252 Symc8xx - ok
17:50:15.0130 3252 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
17:50:15.0176 3252 Sym_hi - ok
17:50:15.0362 3252 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
17:50:15.0381 3252 Sym_u3 - ok
17:50:15.0578 3252 tap0901 (98a1e6bc9f766b0b0a5bf00af847ef20) C:\Windows\system32\DRIVERS\tap0901.sys
17:50:15.0649 3252 tap0901 - ok
17:50:16.0209 3252 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
17:50:16.0416 3252 Tcpip - ok
17:50:16.0600 3252 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
17:50:16.0665 3252 Tcpip6 - ok
17:50:16.0986 3252 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
17:50:17.0153 3252 tcpipreg - ok
17:50:17.0336 3252 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
17:50:17.0368 3252 TDPIPE - ok
17:50:17.0547 3252 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
17:50:17.0618 3252 TDTCP - ok
17:50:17.0868 3252 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
17:50:18.0085 3252 tdx - ok
17:50:18.0490 3252 teamviewervpn (9101fffcfccd1a30e870a5b8a9091b10) C:\Windows\system32\DRIVERS\teamviewervpn.sys
17:50:18.0571 3252 teamviewervpn - ok
17:50:18.0739 3252 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
17:50:18.0773 3252 TermDD - ok
17:50:19.0393 3252 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:50:19.0469 3252 tssecsrv - ok
17:50:19.0632 3252 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
17:50:19.0709 3252 tunmp - ok
17:50:20.0126 3252 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
17:50:20.0163 3252 tunnel - ok
17:50:20.0419 3252 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
17:50:20.0463 3252 uagp35 - ok
17:50:20.0681 3252 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
17:50:20.0761 3252 udfs - ok
17:50:21.0178 3252 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
17:50:21.0401 3252 uliagpkx - ok
17:50:21.0618 3252 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
17:50:21.0682 3252 uliahci - ok
17:50:21.0954 3252 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
17:50:22.0000 3252 UlSata - ok
17:50:22.0510 3252 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
17:50:22.0545 3252 ulsata2 - ok
17:50:22.0751 3252 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
17:50:22.0830 3252 umbus - ok
17:50:22.0983 3252 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) e:\Programme\Unlocker\UnlockerDriver5.sys
17:50:23.0256 3252 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
17:50:23.0256 3252 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
17:50:23.0737 3252 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
17:50:23.0832 3252 USBAAPL - ok
17:50:23.0999 3252 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
17:50:24.0072 3252 usbaudio - ok
17:50:24.0293 3252 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
17:50:24.0516 3252 usbccgp - ok
17:50:24.0791 3252 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
17:50:25.0042 3252 usbcir - ok
17:50:25.0200 3252 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
17:50:25.0254 3252 usbehci - ok
17:50:25.0817 3252 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
17:50:25.0883 3252 usbhub - ok
17:50:26.0055 3252 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
17:50:26.0080 3252 usbohci - ok
17:50:26.0242 3252 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
17:50:26.0291 3252 usbprint - ok
17:50:26.0896 3252 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:50:26.0935 3252 USBSTOR - ok
17:50:27.0115 3252 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
17:50:27.0224 3252 usbuhci - ok
17:50:27.0769 3252 VBoxDrv (103b23ec82c08fc4bdbc369552ffab2a) C:\Windows\system32\DRIVERS\VBoxDrv.sys
17:50:27.0850 3252 VBoxDrv - ok
17:50:28.0022 3252 VBoxNetAdp (226cd9e42be28a84ec56430fbb57224f) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
17:50:28.0053 3252 VBoxNetAdp - ok
17:50:28.0221 3252 VBoxNetFlt (0a5d6512dcb14135a388d0e7e69e01bb) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
17:50:28.0258 3252 VBoxNetFlt - ok
17:50:28.0591 3252 VBoxUSBMon (96a478edfb1fbf1fc663beb09b4175a8) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
17:50:28.0722 3252 VBoxUSBMon - ok
17:50:29.0018 3252 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
17:50:29.0122 3252 vga - ok
17:50:29.0291 3252 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
17:50:29.0337 3252 VgaSave - ok
17:50:29.0869 3252 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
17:50:29.0888 3252 viaagp - ok
17:50:30.0065 3252 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
17:50:30.0178 3252 ViaC7 - ok
17:50:30.0373 3252 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
17:50:30.0411 3252 viaide - ok
17:50:31.0028 3252 vmci (6f5d703bf312cb6cda78948763cb1e0d) C:\Windows\system32\Drivers\vmci.sys
17:50:31.0063 3252 vmci - ok
17:50:31.0226 3252 vmkbd (27df4aece721961f9c9064a31790f2ea) C:\Windows\system32\drivers\VMkbd.sys
17:50:31.0241 3252 vmkbd - ok
17:50:31.0414 3252 vmm (817da66b1b889fad1dbf669e0e2f3228) C:\Windows\system32\Drivers\vmm.sys
17:50:31.0436 3252 vmm - ok
17:50:31.0732 3252 VMnetAdapter (e41704d8149992107b333cc7a52c07cc) C:\Windows\system32\DRIVERS\vmnetadapter.sys
17:50:31.0758 3252 VMnetAdapter - ok
17:50:32.0158 3252 VMnetBridge (462f2a31ea8b87a28962aca998df1869) C:\Windows\system32\DRIVERS\vmnetbridge.sys
17:50:32.0194 3252 VMnetBridge - ok
17:50:32.0362 3252 VMnetuserif (ea10f0c9333388d2ecc4068efb8c366d) C:\Windows\system32\drivers\vmnetuserif.sys
17:50:32.0392 3252 VMnetuserif - ok
17:50:32.0570 3252 VMparport (311e4d0703f53faf7e7a5b3a2641d4fa) C:\Windows\system32\Drivers\VMparport.sys
17:50:32.0606 3252 VMparport - ok
17:50:33.0058 3252 vmx86 (35dc7079a413484423750db5d40b8ea6) C:\Windows\system32\Drivers\vmx86.sys
17:50:33.0178 3252 vmx86 - ok
17:50:33.0332 3252 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
17:50:33.0352 3252 volmgr - ok
17:50:33.0535 3252 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
17:50:33.0598 3252 volmgrx - ok
17:50:34.0111 3252 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
17:50:34.0308 3252 volsnap - ok
17:50:34.0499 3252 VPCNetS2 (2abe8281db609d8bb1bd1b2f93800d5f) C:\Windows\system32\DRIVERS\VMNetSrv.sys
17:50:34.0518 3252 VPCNetS2 - ok
17:50:34.0707 3252 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
17:50:34.0795 3252 vsmraid - ok
17:50:34.0917 3252 vstor2-ws60 (98929c5c5314c4c048e2f60492c26723) E:\Programme\VMware\VMware Player\vstor2-ws60.sys
17:50:35.0002 3252 vstor2-ws60 - ok
17:50:35.0211 3252 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
17:50:35.0305 3252 WacomPen - ok
17:50:35.0490 3252 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:50:35.0549 3252 Wanarp - ok
17:50:35.0590 3252 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:50:35.0611 3252 Wanarpv6 - ok
17:50:36.0123 3252 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
17:50:36.0148 3252 Wd - ok
17:50:36.0339 3252 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
17:50:36.0457 3252 Wdf01000 - ok
17:50:36.0719 3252 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
17:50:36.0782 3252 WmiAcpi - ok
17:50:37.0194 3252 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
17:50:37.0239 3252 WpdUsb - ok
17:50:37.0409 3252 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
17:50:37.0481 3252 ws2ifsl - ok
17:50:37.0649 3252 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
17:50:37.0687 3252 WSDPrintDevice - ok
17:50:38.0262 3252 WudfPf (13b5f255e90624a5ba0441d39cfb6be2) C:\Windows\system32\DRIVERS\WudfPf.sys
17:50:38.0338 3252 WudfPf - ok
17:50:38.0524 3252 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:50:38.0569 3252 WUDFRd - ok
17:50:38.0674 3252 XDva388 - ok
17:50:38.0742 3252 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:50:38.0809 3252 \Device\Harddisk0\DR0 - ok
17:50:38.0832 3252 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
17:50:38.0882 3252 \Device\Harddisk2\DR2 - ok
17:50:38.0925 3252 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
17:50:39.0266 3252 \Device\Harddisk1\DR1 - ok
17:50:39.0274 3252 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk3\DR3
17:50:39.0843 3252 \Device\Harddisk3\DR3 - ok
17:50:39.0848 3252 Boot (0x1200) (b1e27aa018409de6bfd73f8afb883a65) \Device\Harddisk0\DR0\Partition0
17:50:39.0848 3252 \Device\Harddisk0\DR0\Partition0 - ok
17:50:39.0876 3252 Boot (0x1200) (f8f14c5cab9c47583f1d5ef92ce8e6b6) \Device\Harddisk0\DR0\Partition1
17:50:39.0877 3252 \Device\Harddisk0\DR0\Partition1 - ok
17:50:39.0881 3252 Boot (0x1200) (f109a278b35a02ec96b150cd4dffc89e) \Device\Harddisk2\DR2\Partition0
17:50:39.0884 3252 \Device\Harddisk2\DR2\Partition0 - ok
17:50:39.0931 3252 Boot (0x1200) (8f7140eaa4a9a5749fdd82db7baa8307) \Device\Harddisk1\DR1\Partition0
17:50:39.0946 3252 \Device\Harddisk1\DR1\Partition0 - ok
17:50:39.0955 3252 Boot (0x1200) (29da36f4271c988087019cd666b1936c) \Device\Harddisk3\DR3\Partition0
17:50:39.0956 3252 \Device\Harddisk3\DR3\Partition0 - ok
17:50:39.0956 3252 ============================================================
17:50:39.0956 3252 Scan finished
17:50:39.0956 3252 ============================================================
17:50:39.0979 5560 Detected object count: 6
17:50:39.0979 5560 Actual detected object count: 6
17:50:52.0271 5560 Dokan ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:52.0271 5560 Dokan ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:50:52.0271 5560 KUSBusByTCP ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:52.0271 5560 KUSBusByTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:50:52.0271 5560 KUSBusByTCPMasterBus ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:52.0271 5560 KUSBusByTCPMasterBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:50:52.0272 5560 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:52.0272 5560 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:50:52.0272 5560 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:50:52.0272 5560 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:50:52.0272 5560 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:52.0272 5560 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
| | #21 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Then please run CF now: ComboFix: A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has explicitly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
|
| | #22 |
| Code:
ComboFix 12-01-02.01 - Jovan 02.01.2012 21:05:05.1.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.49.1031.18.2047.1096 [GMT 1:00]
ausgeführt von:: d:\benutzer\Jovan\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\system32\shsvcs.dll.vgorg
c:\windows\system32\themeui.dll.vgorg
c:\windows\system32\uxtheme.dll.vgorg
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-12-02 bis 2012-01-02 ))))))))))))))))))))))))))))))
.
.
2012-01-02 20:17 . 2012-01-02 20:17 -------- d-----w- c:\users\Jovan\AppData\Local\temp
2012-01-02 16:45 . 2012-01-02 16:45 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{52BDA092-9A86-4AC2-9580-29A6C8ECA708}\offreg.dll
2012-01-01 12:34 . 2012-01-01 12:34 -------- d-----w- c:\users\Cyrill\AppData\Roaming\Imperium Romanum
2012-01-01 12:27 . 2012-01-01 12:27 -------- d-----w- c:\users\User\AppData\Roaming\Imperium Romanum
2011-12-30 16:45 . 2011-12-30 16:45 -------- d-----w- c:\program files\Skype
2011-12-30 16:45 . 2011-12-30 16:45 -------- d-----w- c:\programdata\Skype
2011-12-29 17:12 . 2011-12-29 17:12 -------- d-----w- c:\users\Jovan\AppData\Roaming\Malwarebytes
2011-12-29 17:12 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-28 19:44 . 2011-12-28 19:44 -------- d-----w- c:\program files\BillP Studios
2011-12-27 17:27 . 2011-12-27 17:27 -------- d-----w- c:\users\Cyrill\AppData\Local\Apple
2011-12-27 08:55 . 2012-01-01 15:38 -------- d-----w- c:\users\Cyrill\AppData\Roaming\Skype
2011-12-25 00:51 . 2011-12-25 00:51 -------- d-----w- c:\programdata\ATI
2011-12-25 00:51 . 2011-12-25 00:51 -------- d-----w- c:\program files\AMD APP
2011-12-22 19:15 . 2011-12-22 19:15 -------- d-----w- c:\users\Jovan\AppData\Local\Borland
2011-12-22 19:13 . 2011-12-30 23:23 -------- d-----w- c:\users\Jovan\.borland
2011-12-22 19:04 . 2011-12-22 19:12 -------- d-----w- c:\users\Jovan\AppData\Local\ApplicationHistory
2011-12-22 19:04 . 2011-12-22 19:04 -------- d-----w- c:\users\Jovan\AppData\Local\Microsoft Help
2011-12-22 19:01 . 2011-12-22 19:01 -------- d-----w- c:\program files\Microsoft Visual Studio .NET 2003
2011-12-22 19:01 . 2011-12-22 19:13 -------- d-----w- c:\programdata\Microsoft Help
2011-12-22 18:51 . 2011-12-22 18:51 -------- d-----w- c:\windows\system32\URTTEMP
2011-12-21 17:58 . 2011-12-19 13:11 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-12-21 17:57 . 2011-12-19 13:11 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-12-19 13:12 . 2011-12-19 13:12 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-12-19 13:11 . 2011-12-19 13:11 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-12-19 13:11 . 2011-12-19 13:11 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-12-16 17:23 . 2011-12-16 17:23 -------- d-----w- c:\users\Cyrill\AppData\Local\Warner Bros. Interactive Entertainment
2011-12-16 15:11 . 2011-12-16 15:11 -------- d-----w- c:\users\Cyrill\AppData\Roaming\WB Games
2011-12-11 13:58 . 2007-01-04 11:02 663552 ----a-w- c:\windows\system32\mgxoschk.dll
2011-12-10 22:37 . 2011-12-10 22:37 -------- d-----w- c:\users\Jovan\AppData\Local\Xara
2011-12-10 22:37 . 2011-12-10 22:37 -------- d-----w- c:\program files\Common Files\MAGIX Shared
2011-12-10 22:30 . 2011-12-10 22:30 -------- d-----w- c:\program files\MAGIX
2011-12-10 16:58 . 2011-12-10 22:25 -------- d-----w- c:\users\Jovan\AppData\Roaming\TS3Client
2011-12-09 16:47 . 2011-12-09 17:42 -------- d-----w- c:\users\Cyrill\AppData\Local\gtk-2.0
2011-12-09 16:44 . 2011-12-09 17:56 -------- d-----w- c:\users\Cyrill\.gimp-2.7
2011-12-09 16:44 . 2011-12-09 16:44 -------- d-----w- c:\users\Cyrill\AppData\Local\gegl-0.1
2011-12-06 16:09 . 2011-12-18 18:43 -------- d-----w- c:\users\Jovan\AppData\Local\gtk-2.0
2011-12-06 16:02 . 2009-08-24 21:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-12-06 16:02 . 2011-12-30 22:30 -------- d-----w- c:\users\Jovan\.gimp-2.7
2011-12-06 16:02 . 2011-12-06 16:02 -------- d-----w- c:\users\Jovan\AppData\Local\gegl-0.1
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-08 18:23 . 2011-10-18 19:26 134856 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-11-12 12:36 . 2011-05-30 15:35 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-10 03:44 . 2011-11-10 03:44 8913920 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-10 03:17 . 2011-11-10 03:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-11-10 03:16 . 2010-05-05 02:19 774656 ----a-w- c:\windows\system32\aticfx32.dll
2011-11-10 03:12 . 2011-11-10 03:12 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-10 03:11 . 2011-11-10 03:11 417792 ----a-w- c:\windows\system32\atieclxx.exe
2011-11-10 03:11 . 2011-11-10 03:11 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-11-10 03:10 . 2011-11-10 03:10 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2011-11-10 03:09 . 2011-11-10 03:09 360448 ----a-w- c:\windows\system32\atipdlxx.dll
2011-11-10 03:09 . 2011-11-10 03:09 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-11-10 03:09 . 2011-11-10 03:09 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-11-10 03:09 . 2011-11-10 03:09 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-11-10 03:06 . 2011-11-10 03:06 6077952 ----a-w- c:\windows\system32\atidxx32.dll
2011-11-10 02:58 . 2011-11-10 02:58 18996224 ----a-w- c:\windows\system32\atioglxx.dll
2011-11-10 02:40 . 2011-11-10 02:40 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-11-10 02:34 . 2011-11-10 02:34 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-11-10 02:34 . 2011-11-10 02:34 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-11-10 02:33 . 2010-05-05 01:41 5852672 ----a-w- c:\windows\system32\atiumdag.dll
2011-11-10 02:29 . 2011-11-10 02:29 11300864 ----a-w- c:\windows\system32\aticaldd.dll
2011-11-10 02:29 . 2010-05-05 01:19 4200960 ----a-w- c:\windows\system32\atiumdva.dll
2011-11-10 02:18 . 2011-04-05 15:27 51200 ----a-w- c:\windows\system32\coinst.dll
2011-11-10 02:13 . 2011-11-10 02:13 348160 ----a-w- c:\windows\system32\atiadlxx.dll
2011-11-10 02:13 . 2011-11-10 02:13 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-11-10 02:12 . 2011-11-10 02:12 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-11-10 02:12 . 2011-11-10 02:12 263680 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-10 02:11 . 2011-11-10 02:11 32256 ----a-w- c:\windows\system32\atiuxpag.dll
2011-11-10 02:11 . 2010-05-05 01:22 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-11-10 02:11 . 2011-11-10 02:11 53760 ----a-w- c:\windows\system32\atimpc32.dll
2011-11-10 02:11 . 2011-11-10 02:11 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2011-11-10 02:11 . 2010-05-05 01:21 37376 ----a-w- c:\windows\system32\atitmpxx.dll
2011-11-10 02:10 . 2011-11-10 02:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-09 21:39 . 2011-11-09 21:39 59904 ----a-w- c:\windows\system32\OpenVideo.dll
2011-11-09 21:39 . 2011-11-09 21:39 54784 ----a-w- c:\windows\system32\OVDecode.dll
2011-11-09 21:38 . 2011-11-09 21:38 14375936 ----a-w- c:\windows\system32\amdocl.dll
2011-11-09 21:37 . 2011-11-09 21:37 44032 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-30 18:48 . 2011-04-05 15:30 319456 ----a-w- c:\windows\DIFxAPI.dll
2011-10-25 20:21 . 2011-10-25 20:21 56832 ----a-w- c:\windows\system32\OVDecoder.dll
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-21 19:16 . 2011-10-21 19:16 1843200 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-10-21 19:15 . 2011-10-21 19:15 104448 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-10-18 18:53 . 2011-10-30 18:23 3546664 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2011-10-18 17:10 . 2011-10-30 18:23 83048 ----a-w- c:\windows\system32\RtkCoInst.dll
2011-10-18 14:57 . 2011-10-30 18:23 58264 ----a-w- c:\windows\system32\TepeqAPO.dll
2011-10-18 12:47 . 2011-10-30 18:23 1329768 ----a-w- c:\windows\system32\RtkApoApi.dll
2011-10-18 10:05 . 2011-10-30 18:23 2276968 ----a-w- c:\windows\system32\RtkPgExt.dll
2011-10-17 17:40 . 2011-10-17 17:40 82960 ----a-w- c:\windows\system32\drivers\AtihdLH3.sys
2011-10-17 16:30 . 2011-10-30 18:23 4238440 ----a-w- c:\windows\system32\RtkAPO.dll
2011-10-14 12:43 . 2011-10-30 18:22 1873920 ----a-w- c:\windows\system32\RCoRes.dat
2011-10-11 13:00 . 2011-10-18 19:26 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-11 13:00 . 2011-10-18 19:26 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-07 03:48 . 2011-11-18 14:33 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{52BDA092-9A86-4AC2-9580-29A6C8ECA708}\mpengine.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jovan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jovan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jovan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jovan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="e:\programme\RocketDock\RocketDock.exe" [2007-09-02 495616]
"BackgroundSwitcher"="e:\programme\John's Background Switcher\BackgroundSwitcher.exe" [2011-07-07 119104]
"MonitorSwitch"="e:\programme\MonitorSwitch\MonitorSwitch.exe" [2011-07-06 696320]
"ViGlance"="c:\program files\ViGlance\ViGlance.exe" [2011-10-21 446464]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2011-11-09 17049736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"avgnt"="e:\programme\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"TrayServer"="e:\programme\MAGIX\Video_deluxe_MX_Premium_Download-Version\TrayServer_de.exe" [2008-08-07 90112]
"iTunesHelper"="e:\programme\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"StartCCC"="e:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
"Malwarebytes' Anti-Malware"="e:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoFileAssociate"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1708537768-1659004503-725345543-1009]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 DokanMounter;DokanMounter;c:\program files\Dokan\DokanLibrary\mounter.exe [2010-07-05 11776]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 136176]
R2 MySQL51;MySQL51;c:\program files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=c:\program files\MySQL\MySQL Server 5.5\my.ini MySQL51 [x]
R3 DfSdkS;Defragmentation-Service;e:\programme\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 136176]
R3 jumi;%Jumi%;c:\windows\system32\DRIVERS\jumi.sys [2010-06-03 13112]
R3 KUSBusByTCP;KUSBusByTCP;c:\windows\system32\Drivers\KUSBusByTCP.sys [2009-12-18 88064]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-19 16896]
R3 XDva388;XDva388;c:\windows\system32\XDva388.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 91440]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 176128]
S2 AMD FUEL Service;AMD FUEL Service;e:\programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
S2 AntiVirSchedulerService;Avira Planer;e:\programme\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys [2010-07-05 84992]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;e:\programme\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [2010-04-12 142336]
S2 MBAMService;MBAMService;e:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 TeamViewer6;TeamViewer 6;e:\programme\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-17 2358656]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2011-03-25 70768]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-03-25 539248]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2008-11-12 46592]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2011-10-17 82960]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-20 232512]
S3 KUSBusByTCPMasterBus;Master Bus of Kernel USB Software Bus by TCP;c:\windows\system32\Drivers\KUSBusByTCPMasterBus.sys [2009-12-18 60672]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2011-03-30 25088]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 116016]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 46961904
*Deregistered* - 46961904
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
dot3svc REG_MULTI_SZ dot3svc
eapsvcs REG_MULTI_SZ eaphost
WudfServiceGroup REG_MULTI_SZ WUDFSvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Inhalt des "geplante Tasks" Ordners
.
2011-05-29 c:\windows\Tasks\AdobeAAMUpdater-1.0-TITAN21-Jovan.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-05-11 00:25]
.
2012-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc7ab8f1c7f6ed.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 18:47]
.
2012-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 18:47]
.
2011-08-29 c:\windows\Tasks\{20D6952E-68DE-4424-86A1-52A986B2CC2B}.job
- c:\progra~1\Skype\Phone\Skype.exe [2011-11-09 13:42]
.
2011-07-12 c:\windows\Tasks\{B668B532-98D5-494C-820D-87372AC7F773}.job
- c:\progra~1\Skype\Phone\Skype.exe [2011-11-09 13:42]
.
2011-06-11 c:\windows\Tasks\{CAF720F3-3F53-4E82-A427-E5CB36721989}.job
- c:\progra~1\Skype\Phone\Skype.exe [2011-11-09 13:42]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
IE: {{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - c:\windows\system32\mscoree.DLL
LSP: e:\programme\VMware\VMware Player\vsocklib.dll
TCP: Interfaces\{D893A6ED-7C8B-4434-B976-A0975702250E}: NameServer = 192.168.178.1,192.168.16.101
FF - ProfilePath - c:\users\Jovan\AppData\Roaming\Mozilla\Firefox\Profiles\b2ukvcbi.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google.de
FF - prefs.js: browser.startup.homepage - chrome://
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 2
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - true
.
.
------- Dateityp-Verknüpfung -------
.
.scr=SageThumbsImage.scr
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-DU Meter - e:\programme\DU Meter\DUMeter.exe
HKLM-Run-WinPatrol - c:\programme\BillP Studios\WinPatrol\winpatrol.exe
AddRemove-69083DC58646DE46A09847A522A1CC487F918039 - c:\progra~1\DIFX\270581~1\dpinst32.exe
AddRemove-9722CA1E8F72F362E93CBEC75A707FDABFC8D880 - c:\progra~1\DIFX\270581~1\dpinst32.exe
AddRemove-EAX Unified - c:\program files\Creative\EAX Unified\Uninst.isu
AddRemove-Memento Mori_is1 - d:\games\Memento Mori\unins000.exe
AddRemove-Mozilla Firefox 4.0 (x86 de) - c:\program files\Mozilla Firefox 4.0\uninstall\helper.exe
AddRemove-No23 Recorder - c:\programdata\Caphyon\Advanced Installer\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}\No23 Recorder.exe
AddRemove-No23Live - c:\programdata\Caphyon\Advanced Installer\{6A1482E0-7119-4A66-BBF1-FFD95A6BA16C}\No23Live.exe
AddRemove-NVIDIA Drivers - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe
AddRemove-S4Uninst - c:\windows\IsUn0407.exe
AddRemove-UnZip-5.51_is1 - e:\programme\MinGW\uninstall\unins001.exe
AddRemove-ViSploreBeta1 - c:\progra~1\ViSplore\KillMe.exe
AddRemove-Wget-1.11.4-1_is1 - e:\programme\MinGW\uninstall\unins000.exe
AddRemove-xSIMS_NRaas_MasterController - d:\benutzer\Jovan\Electronic Arts\Die Sims 3\Mods\xSIMS_UnInstaller_for_NRaas_MasterController.exe
AddRemove-Mozilla Firefox 4.0.1 (x86 de) - c:\program files\Mozilla Firefox 4.0\uninstall\helper.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-01-02 21:17
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MySQL51]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL51"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1708537768-1659004503-725345543-1009\Software\SecuROM\License information*]
"datasecu"=hex:4e,02,fb,03,b7,83,48,b4,91,d8,67,01,d4,95,79,c5,a4,e4,cd,3f,d7,
86,b0,42,3a,ee,91,df,86,4e,2d,24,39,84,70,f2,22,f9,d7,78,91,c4,cd,69,5c,cf,\
"rkeysecu"=hex:c4,b1,33,40,0f,ad,de,9b,22,45,e3,64,83,36,1d,d8
.
Zeit der Fertigstellung: 2012-01-02 21:22:21
ComboFix-quarantined-files.txt 2012-01-02 20:22
.
Vor Suchlauf: 6 Verzeichnis(se), 18.496.614.400 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 23.893.360.640 Bytes frei
.
- - End Of File - - FB17FB127CCB843722251C200C987C93
|
| | #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Tasks can't be ended
Combofix - Scripting
1. Start Notepad (Start / Run / notepad[Enter])
2. Now copy and paste the entire contents of the code box below into the Notepad window.
Code:
File::
c:\windows\system32\XDva388.sys
Driver::
XDva388
4. Disable the guard of your antivirus program and any software firewall that may be present. (Also the guards of adware and spyware programs and the Tea Timer, if present!)
5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts Combofix.
6. After the reboot (you will be asked whether you want to reboot), please post the following log files: Combofix.txt
Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
| | #24 |
| Tasks can't be ended Code:
ComboFix 12-01-02.01 - Jovan 02.01.2012 22:36:27.2.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.49.1031.18.2047.1215 [GMT 1:00]
ausgeführt von:: d:\benutzer\Jovan\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: d:\benutzer\Jovan\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\XDva388.sys"
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_XDVA388
-------\Service_XDva388
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-12-02 bis 2012-01-02 ))))))))))))))))))))))))))))))
.
.
2012-01-02 21:54 . 2012-01-02 21:54 0 ---ha-w- c:\users\Jovan\AppData\Local\BITC89C.tmp
2012-01-02 21:54 . 2012-01-02 21:54 0 ---ha-w- c:\users\Jovan\AppData\Local\BITC570.tmp
2012-01-02 21:51 . 2012-01-02 21:51 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{52BDA092-9A86-4AC2-9580-29A6C8ECA708}\offreg.dll
2012-01-02 21:47 . 2012-01-02 21:47 -------- d-----w- c:\users\User\AppData\Local\temp
2012-01-02 21:47 . 2012-01-02 21:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-02 21:47 . 2012-01-02 21:47 -------- d-----w- c:\users\Cyrill\AppData\Local\temp
2012-01-02 21:47 . 2012-01-02 21:47 -------- d-----w- c:\dokumente und einstellungen\NetworkService.NT-AUTORITÄT\Lokale Einstellungen\Anwendungsdaten\temp ERROR(0x00000005)
2012-01-02 21:47 . 2012-01-02 21:47 -------- d-----w- c:\dokumente und einstellungen\LocalService.NT-AUTORITÄT\Lokale Einstellungen\Anwendungsdaten\temp ERROR(0x00000005)
2012-01-02 21:47 . 2012-01-02 21:47 -------- d-----w- c:\dokumente und einstellungen\Default User.WINDOWS\Lokale Einstellungen\Anwendungsdaten\temp ERROR(0x00000005)
2012-01-02 20:22 . 2012-01-02 21:53 -------- d-----w- c:\users\Jovan\AppData\Local\temp
2012-01-01 12:34 . 2012-01-01 12:34 -------- d-----w- c:\users\Cyrill\AppData\Roaming\Imperium Romanum
2012-01-01 12:27 . 2012-01-01 12:27 -------- d-----w- c:\users\User\AppData\Roaming\Imperium Romanum
2011-12-30 16:45 . 2011-12-30 16:45 -------- d-----w- c:\program files\Skype
2011-12-30 16:45 . 2011-12-30 16:45 -------- d-----w- c:\programdata\Skype
2011-12-29 17:12 . 2011-12-29 17:12 -------- d-----w- c:\users\Jovan\AppData\Roaming\Malwarebytes
2011-12-29 17:12 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-28 19:44 . 2011-12-28 19:44 -------- d-----w- c:\program files\BillP Studios
2011-12-27 17:27 . 2011-12-27 17:27 -------- d-----w- c:\users\Cyrill\AppData\Local\Apple
2011-12-27 08:55 . 2012-01-01 15:38 -------- d-----w- c:\users\Cyrill\AppData\Roaming\Skype
2011-12-25 00:51 . 2011-12-25 00:51 -------- d-----w- c:\programdata\ATI
2011-12-25 00:51 . 2011-12-25 00:51 -------- d-----w- c:\program files\AMD APP
2011-12-22 19:15 . 2011-12-22 19:15 -------- d-----w- c:\users\Jovan\AppData\Local\Borland
2011-12-22 19:13 . 2011-12-30 23:23 -------- d-----w- c:\users\Jovan\.borland
2011-12-22 19:04 . 2011-12-22 19:12 -------- d-----w- c:\users\Jovan\AppData\Local\ApplicationHistory
2011-12-22 19:04 . 2011-12-22 19:04 -------- d-----w- c:\users\Jovan\AppData\Local\Microsoft Help
2011-12-22 19:01 . 2011-12-22 19:01 -------- d-----w- c:\program files\Microsoft Visual Studio .NET 2003
2011-12-22 19:01 . 2011-12-22 19:13 -------- d-----w- c:\programdata\Microsoft Help
2011-12-21 17:58 . 2011-12-19 13:11 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-12-21 17:57 . 2011-12-19 13:11 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-12-19 13:12 . 2011-12-19 13:12 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-12-19 13:11 . 2011-12-19 13:11 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-12-16 17:23 . 2011-12-16 17:23 -------- d-----w- c:\users\Cyrill\AppData\Local\Warner Bros. Interactive Entertainment
2011-12-16 15:11 . 2011-12-16 15:11 -------- d-----w- c:\users\Cyrill\AppData\Roaming\WB Games
2011-12-11 13:58 . 2007-01-04 11:02 663552 ----a-w- c:\windows\system32\mgxoschk.dll
2011-12-10 22:37 . 2011-12-10 22:37 -------- d-----w- c:\users\Jovan\AppData\Local\Xara
2011-12-10 22:37 . 2011-12-10 22:37 -------- d-----w- c:\program files\Common Files\MAGIX Shared
2011-12-10 22:30 . 2011-12-10 22:30 -------- d-----w- c:\program files\MAGIX
2011-12-10 16:58 . 2011-12-10 22:25 -------- d-----w- c:\users\Jovan\AppData\Roaming\TS3Client
2011-12-09 16:47 . 2011-12-09 17:42 -------- d-----w- c:\users\Cyrill\AppData\Local\gtk-2.0
2011-12-09 16:44 . 2011-12-09 17:56 -------- d-----w- c:\users\Cyrill\.gimp-2.7
2011-12-09 16:44 . 2011-12-09 16:44 -------- d-----w- c:\users\Cyrill\AppData\Local\gegl-0.1
2011-12-06 16:09 . 2011-12-18 18:43 -------- d-----w- c:\users\Jovan\AppData\Local\gtk-2.0
2011-12-06 16:02 . 2009-08-24 21:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-12-06 16:02 . 2011-12-30 22:30 -------- d-----w- c:\users\Jovan\.gimp-2.7
2011-12-06 16:02 . 2011-12-06 16:02 -------- d-----w- c:\users\Jovan\AppData\Local\gegl-0.1
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-19 13:11 . 2011-12-19 13:11 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-12-08 18:23 . 2011-10-18 19:26 134856 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-11-12 12:36 . 2011-05-30 15:35 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-10 03:44 . 2011-11-10 03:44 8913920 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-10 03:17 . 2011-11-10 03:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-11-10 03:16 . 2010-05-05 02:19 774656 ----a-w- c:\windows\system32\aticfx32.dll
2011-11-10 03:12 . 2011-11-10 03:12 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-10 03:11 . 2011-11-10 03:11 417792 ----a-w- c:\windows\system32\atieclxx.exe
2011-11-10 03:11 . 2011-11-10 03:11 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-11-10 03:10 . 2011-11-10 03:10 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2011-11-10 03:09 . 2011-11-10 03:09 360448 ----a-w- c:\windows\system32\atipdlxx.dll
2011-11-10 03:09 . 2011-11-10 03:09 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-11-10 03:09 . 2011-11-10 03:09 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-11-10 03:09 . 2011-11-10 03:09 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-11-10 03:06 . 2011-11-10 03:06 6077952 ----a-w- c:\windows\system32\atidxx32.dll
2011-11-10 02:58 . 2011-11-10 02:58 18996224 ----a-w- c:\windows\system32\atioglxx.dll
2011-11-10 02:40 . 2011-11-10 02:40 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-11-10 02:34 . 2011-11-10 02:34 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-11-10 02:34 . 2011-11-10 02:34 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-11-10 02:33 . 2010-05-05 01:41 5852672 ----a-w- c:\windows\system32\atiumdag.dll
2011-11-10 02:29 . 2011-11-10 02:29 11300864 ----a-w- c:\windows\system32\aticaldd.dll
2011-11-10 02:29 . 2010-05-05 01:19 4200960 ----a-w- c:\windows\system32\atiumdva.dll
2011-11-10 02:18 . 2011-04-05 15:27 51200 ----a-w- c:\windows\system32\coinst.dll
2011-11-10 02:13 . 2011-11-10 02:13 348160 ----a-w- c:\windows\system32\atiadlxx.dll
2011-11-10 02:13 . 2011-11-10 02:13 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-11-10 02:12 . 2011-11-10 02:12 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-11-10 02:12 . 2011-11-10 02:12 263680 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-10 02:11 . 2011-11-10 02:11 32256 ----a-w- c:\windows\system32\atiuxpag.dll
2011-11-10 02:11 . 2010-05-05 01:22 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-11-10 02:11 . 2011-11-10 02:11 53760 ----a-w- c:\windows\system32\atimpc32.dll
2011-11-10 02:11 . 2011-11-10 02:11 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2011-11-10 02:11 . 2010-05-05 01:21 37376 ----a-w- c:\windows\system32\atitmpxx.dll
2011-11-10 02:10 . 2011-11-10 02:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-09 21:39 . 2011-11-09 21:39 59904 ----a-w- c:\windows\system32\OpenVideo.dll
2011-11-09 21:39 . 2011-11-09 21:39 54784 ----a-w- c:\windows\system32\OVDecode.dll
2011-11-09 21:38 . 2011-11-09 21:38 14375936 ----a-w- c:\windows\system32\amdocl.dll
2011-11-09 21:37 . 2011-11-09 21:37 44032 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-30 18:48 . 2011-04-05 15:30 319456 ----a-w- c:\windows\DIFxAPI.dll
2011-10-25 20:21 . 2011-10-25 20:21 56832 ----a-w- c:\windows\system32\OVDecoder.dll
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-21 19:16 . 2011-10-21 19:16 1843200 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-10-21 19:15 . 2011-10-21 19:15 104448 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-10-18 18:53 . 2011-10-30 18:23 3546664 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2011-10-18 17:10 . 2011-10-30 18:23 83048 ----a-w- c:\windows\system32\RtkCoInst.dll
2011-10-18 14:57 . 2011-10-30 18:23 58264 ----a-w- c:\windows\system32\TepeqAPO.dll
2011-10-18 12:47 . 2011-10-30 18:23 1329768 ----a-w- c:\windows\system32\RtkApoApi.dll
2011-10-18 10:05 . 2011-10-30 18:23 2276968 ----a-w- c:\windows\system32\RtkPgExt.dll
2011-10-17 17:40 . 2011-10-17 17:40 82960 ----a-w- c:\windows\system32\drivers\AtihdLH3.sys
2011-10-17 16:30 . 2011-10-30 18:23 4238440 ----a-w- c:\windows\system32\RtkAPO.dll
2011-10-14 12:43 . 2011-10-30 18:22 1873920 ----a-w- c:\windows\system32\RCoRes.dat
2011-10-11 13:00 . 2011-10-18 19:26 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-11 13:00 . 2011-10-18 19:26 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-07 03:48 . 2011-11-18 14:33 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{52BDA092-9A86-4AC2-9580-29A6C8ECA708}\mpengine.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jovan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jovan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jovan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Jovan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="e:\programme\RocketDock\RocketDock.exe" [2007-09-02 495616]
"BackgroundSwitcher"="e:\programme\John's Background Switcher\BackgroundSwitcher.exe" [2011-07-07 119104]
"MonitorSwitch"="e:\programme\MonitorSwitch\MonitorSwitch.exe" [2011-07-06 696320]
"ViGlance"="c:\program files\ViGlance\ViGlance.exe" [2011-10-21 446464]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2011-11-09 17049736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 59240]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"avgnt"="e:\programme\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"TrayServer"="e:\programme\MAGIX\Video_deluxe_MX_Premium_Download-Version\TrayServer_de.exe" [2008-08-07 90112]
"iTunesHelper"="e:\programme\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"StartCCC"="e:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
"Malwarebytes' Anti-Malware"="e:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoFileAssociate"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1708537768-1659004503-725345543-1009]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 136176]
R2 MySQL51;MySQL51;c:\program files\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=c:\program files\MySQL\MySQL Server 5.5\my.ini MySQL51 [x]
R3 DfSdkS;Defragmentation-Service;e:\programme\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 136176]
R3 jumi;%Jumi%;c:\windows\system32\DRIVERS\jumi.sys [2010-06-03 13112]
R3 KUSBusByTCP;KUSBusByTCP;c:\windows\system32\Drivers\KUSBusByTCP.sys [2009-12-18 88064]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-19 16896]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 91440]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 176128]
S2 AMD FUEL Service;AMD FUEL Service;e:\programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
S2 AntiVirSchedulerService;Avira Planer;e:\programme\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys [2010-07-05 84992]
S2 DokanMounter;DokanMounter;c:\program files\Dokan\DokanLibrary\mounter.exe [2010-07-05 11776]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;e:\programme\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [2010-04-12 142336]
S2 MBAMService;MBAMService;e:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 TeamViewer6;TeamViewer 6;e:\programme\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-17 2358656]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2011-03-25 70768]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-03-25 539248]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2008-11-12 46592]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2011-10-17 82960]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-20 232512]
S3 KUSBusByTCPMasterBus;Master Bus of Kernel USB Software Bus by TCP;c:\windows\system32\Drivers\KUSBusByTCPMasterBus.sys [2009-12-18 60672]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2011-03-30 25088]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 116016]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
dot3svc REG_MULTI_SZ dot3svc
eapsvcs REG_MULTI_SZ eaphost
WudfServiceGroup REG_MULTI_SZ WUDFSvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Inhalt des "geplante Tasks" Ordners
.
2011-05-29 c:\windows\Tasks\AdobeAAMUpdater-1.0-TITAN21-Jovan.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-05-11 00:25]
.
2012-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc7ab8f1c7f6ed.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 18:47]
.
2012-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 18:47]
.
2011-08-29 c:\windows\Tasks\{20D6952E-68DE-4424-86A1-52A986B2CC2B}.job
- c:\progra~1\Skype\Phone\Skype.exe [2011-11-09 13:42]
.
2011-07-12 c:\windows\Tasks\{B668B532-98D5-494C-820D-87372AC7F773}.job
- c:\progra~1\Skype\Phone\Skype.exe [2011-11-09 13:42]
.
2011-06-11 c:\windows\Tasks\{CAF720F3-3F53-4E82-A427-E5CB36721989}.job
- c:\progra~1\Skype\Phone\Skype.exe [2011-11-09 13:42]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page =
IE: {{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - c:\windows\system32\mscoree.DLL
LSP: e:\programme\VMware\VMware Player\vsocklib.dll
TCP: Interfaces\{D893A6ED-7C8B-4434-B976-A0975702250E}: NameServer = 192.168.178.1,192.168.16.101
FF - ProfilePath - c:\users\Jovan\AppData\Roaming\Mozilla\Firefox\Profiles\b2ukvcbi.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google.de
FF - prefs.js: browser.startup.homepage - chrome://
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 2
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - true
.
.
**************************************************************************
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MySQL51]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL51"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1708537768-1659004503-725345543-1009\Software\SecuROM\License information*]
"datasecu"=hex:4e,02,fb,03,b7,83,48,b4,91,d8,67,01,d4,95,79,c5,a4,e4,cd,3f,d7,
86,b0,42,3a,ee,91,df,86,4e,2d,24,39,84,70,f2,22,f9,d7,78,91,c4,cd,69,5c,cf,\
"rkeysecu"=hex:c4,b1,33,40,0f,ad,de,9b,22,45,e3,64,83,36,1d,d8
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(2728)
c:\users\Jovan\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
j:\virtualpc\VPCShExH.DLL
.
------------------------ Weitere laufende Prozesse ------------------------
.
e:\programme\Avira\AntiVir Desktop\avguard.exe
e:\programme\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\atieclxx.exe
c:\program files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\vmnat.exe
c:\windows\system32\vmnetdhcp.exe
e:\programme\VMware\VMware Player\vmware-authd.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\Taskmgr.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-01-02 23:05:31 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-01-02 22:03
ComboFix2.txt 2012-01-02 20:22
.
Vor Suchlauf: 9 Verzeichnis(se), 23.804.411.904 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 23.766.806.528 Bytes frei
.
- - End Of File - - 0BEA4053344FB4EF30F7BD9E1B34E5D4
|
| | #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Tasks can't be ended
Ok. Now please create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't work on the second attempt, just leave it out and run only OSAM - please skip the online query by OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.
Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!
Please download
Important: Under no circumstances press any of the Fix buttons without instruction.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
__________________ Please always post log files in CODE tags |
| | #26 |
| Tasks cannot be terminated GMER: Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-01-03 01:09:36
Windows 6.0.6002 Service Pack 2 Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2 ST380215A rev.3.AAD
Running: whwo3pd5.exe; Driver: C:\Users\Jovan\AppData\Local\Temp\awldipow.sys
---- System - GMER 1.0.15 ----
SSDT 897F2076 ZwCreateSection
SSDT 897F2080 ZwRequestWaitReplyPort
SSDT 897F207B ZwSetContextThread
SSDT 897F2085 ZwSetSecurityObject
SSDT 897F208A ZwSystemDebugControl
SSDT 897F2017 ZwTerminateProcess
INT 0x52 ? 86996CB8
INT 0x62 ? 84C4BCB8
INT 0x72 ? 84C4CCB8
INT 0x82 ? 84C4CCB8
INT 0x92 ? 84C4CCB8
INT 0x93 ? 86996CB8
INT 0xA3 ? 86996CB8
INT 0xB3 ? 86996CB8
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 215 82ABB998 4 Bytes [76, 20, 7F, 89] {JBE 0x22; JG 0xffffffffffffff8d}
.text ntkrnlpa.exe!KeSetEvent + 539 82ABBCBC 4 Bytes [80, 20, 7F, 89]
.text ntkrnlpa.exe!KeSetEvent + 56D 82ABBCF0 4 Bytes [7B, 20, 7F, 89] {JNP 0x22; JG 0xffffffffffffff8d}
.text ntkrnlpa.exe!KeSetEvent + 5D1 82ABBD54 4 Bytes [85, 20, 7F, 89] {TEST [EAX], ESP; JG 0xffffffffffffff8d}
.text ntkrnlpa.exe!KeSetEvent + 619 82ABBD9C 4 Bytes [8A, 20, 7F, 89] {MOV AH, [EAX]; JG 0xffffffffffffff8d}
.text ...
.text sptd.sys 80602000 32 Bytes [C0, CE, DC, 82, 06, 61, DD, ...]
.text sptd.sys 80602024 104 Bytes [EA, D3, A4, 82, 41, CB, AF, ...]
.text sptd.sys 8060208D 103 Bytes [81, A5, 82, 81, CB, AB, 82, ...]
.text sptd.sys 806020F5 23 Bytes [48, A5, 82, F0, E2, A2, 82, ...]
.text sptd.sys 8060210D 191 Bytes [4A, A5, 82, 1C, 03, AC, 82, ...]
.text ...
.sptd2 C:\Windows\System32\Drivers\sptd.sys entry point in ".sptd2" section [0x806AC9E3]
? C:\Windows\System32\Drivers\sptd.sys Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8EE04000, 0x3BEEC5, 0xE8000020]
.text USBPORT.SYS!DllUnload 8F7E941B 5 Bytes JMP 869961C8
---- User code sections - GMER 1.0.15 ----
.text E:\Programme\Aurora\plugin-container.exe[3012] USER32.dll!SetWindowLongA 7628E7CD 5 Bytes JMP 5F260E8D E:\Programme\Aurora\xul.dll (Mozilla Foundation)
.text E:\Programme\Aurora\plugin-container.exe[3012] USER32.dll!SetWindowLongW 762913B4 5 Bytes JMP 5F260E1F E:\Programme\Aurora\xul.dll (Mozilla Foundation)
.text E:\Programme\Aurora\plugin-container.exe[3012] USER32.dll!GetWindowInfo 7629428E 5 Bytes JMP 5F02AA81 E:\Programme\Aurora\xul.dll (Mozilla Foundation)
.text E:\Programme\Aurora\plugin-container.exe[3012] USER32.dll!TrackPopupMenu 762A14F3 5 Bytes JMP 5F02B03E E:\Programme\Aurora\xul.dll (Mozilla Foundation)
.text E:\Programme\Aurora\firefox.exe[4372] ntdll.dll!LdrLoadDll 777893A8 5 Bytes JMP 5EEB6640 E:\Programme\Aurora\xul.dll (Mozilla Foundation)
.text E:\Programme\Aurora\firefox.exe[4372] kernel32.dll!MapViewOfFile 775768F0 5 Bytes JMP 5F0EB536 E:\Programme\Aurora\xul.dll (Mozilla Foundation)
.text E:\Programme\Aurora\firefox.exe[4372] kernel32.dll!VirtualAlloc 7757AD55 5 Bytes JMP 5F0EB55D E:\Programme\Aurora\xul.dll (Mozilla Foundation)
.text E:\Programme\Aurora\firefox.exe[4372] GDI32.dll!CreateDIBSection 778E7461 5 Bytes JMP 5F0EB4C0 E:\Programme\Aurora\xul.dll (Mozilla Foundation)
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [80603EEE] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [8060420E] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8060370C] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [806040CC] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [80603832] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [806038F0] \SystemRoot\System32\Drivers\sptd.sys
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74207817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7425A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7420BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [741FF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [742075E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [741FE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74238395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7420DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [741FFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [741FFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [741F71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7428CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7422C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [741FD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [741F6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [741F687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2776] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74202AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 84C541E8
AttachedDevice \FileSystem\Ntfs \Ntfs siwinacc.sys (Windows Accelerator Driver/Silicon Image, Inc.)
Device \FileSystem\fastfat \FatCdrom 872321E8
Device \Driver\netbt \Device\NetBT_Tcpip_{DD323DD6-5A13-4785-AC8E-E8EF90402433} 86FD3430
Device \Driver\netbt \Device\NetBT_Tcpip_{A6B29388-BD01-4EA9-BC68-30DB9FDE7B17} 86FD3430
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application@Sources WSH?WMIAdapter?WMI.NET Provider Extension?WmdmPmSN?WinMgmt?Winlogon?Windows Product Activation?Windows 3.1 Migration?WebClient?VSSetup?VSS?VBRuntime?Userinit?Userenv?System.ServiceModel.Install 3.0.0.0?System.ServiceModel 4.0.0.0?System.ServiceModel 3.0.0.0?System.Runtime.Serialization 4.0.0.0?System.Runtime.Serialization 3.0.0.0?System.IO.Log 4.0.0.0?System.IO.Log 3.0.0.0?System.IdentityModel 4.0.0.0?System.IdentityModel 3.0.0.0?SysmonLog?Starter?SpoolerCtrs?Software Restriction Policies?Software Installation?ServiceModel Audit 4.0.0.0?ServiceModel Audit 3.0.0.0?SecurityCenter?SclgNtfy?SceSrv?SceCli?safrslv?SAFrdms?RPC?Remote Assistance?PerfProc?PerfOS?PerfNet?Perfmon?Perflib?PerfDisk?Perfctrs?Offline Files?Oakley?ntbackup?MSSQLSERVER/MSDE?MSSHA?MsiInstaller?MSDTC Client?MSDTC?mnmsrvc?Microsoft.Transactions.Bridge 4.0.0.0?Microsoft.Transactions.Bridge 3.0.0.0?Microsoft WSE 3.0?Microsoft H.323 Telephony Service Provider?Microsoft (R) Visual C# 2005 Compiler?LoadPerf?KOCH Protect?JavaQuickStarterService?idsvc
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 E:\Programme\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\Eventlog\Application@Sources WSH?WMIAdapter?WMI.NET Provider Extension?WmdmPmSN?WinMgmt?Winlogon?Windows Product Activation?Windows 3.1 Migration?WebClient?VSSetup?VSS?VBRuntime?Userinit?Userenv?System.ServiceModel.Install 3.0.0.0?System.ServiceModel 4.0.0.0?System.ServiceModel 3.0.0.0?System.Runtime.Serialization 4.0.0.0?System.Runtime.Serialization 3.0.0.0?System.IO.Log 4.0.0.0?System.IO.Log 3.0.0.0?System.IdentityModel 4.0.0.0?System.IdentityModel 3.0.0.0?SysmonLog?Starter?SpoolerCtrs?Software Restriction Policies?Software Installation?ServiceModel Audit 4.0.0.0?ServiceModel Audit 3.0.0.0?SecurityCenter?SclgNtfy?SceSrv?SceCli?safrslv?SAFrdms?RPC?Remote Assistance?PerfProc?PerfOS?PerfNet?Perfmon?Perflib?PerfDisk?Perfctrs?Offline Files?Oakley?ntbackup?MSSQLSERVER/MSDE?MSSHA?MsiInstaller?MSDTC Client?MSDTC?mnmsrvc?Microsoft.Transactions.Bridge 4.0.0.0?Microsoft.Transactions.Bridge 3.0.0.0?Microsoft WSE 3.0?Microsoft H.323 Telephony Service Provider?Microsoft (R) Visual C# 2005 Compiler?LoadPerf?KOCH Protect?JavaQuickStarterService?idsvc
Reg HKLM\SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex@pkm:catalog:LastCatalogCrawlId 454
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex@CheckPointNumber 1
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@CrawlType 2
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@InProgress 1
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@DoneAddingCrawlSeeds 1
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@LogName C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl455.gthr
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@CheckPoint 0x82 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@IsCatalogLevel 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@LogStartAddId 2
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@SuccessfulTransactions 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@ErrorTransactions 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@WarningTransactions 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@ExcludedTransactions 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@RetryTransactions 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@KilobytesCrawled 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@Modified 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@UnvisitedItems 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\455@ForcedFullCrawl 0
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages\2@CrawlNumberInProgress 455
---- EOF - GMER 1.0.15 ----
|
| | #27 |
| Tasks cannot be terminated OSAM: Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 23:43:02 on 04.01.2012
OS: Windows Vista Business Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Aurora 11.0a2
Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal" - ? - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl (File not found)
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl
"SageThumbs Shell Extension" - "CherubicSoft" - E:\Programme\SageThumbs\32\SageThumbs.dll
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"%Jumi%" (jumi) - "Windows (R) Win 7 DDK provider" - C:\Windows\System32\DRIVERS\jumi.sys
"AsIO" (AsIO) - ? - C:\Windows\System32\drivers\AsIO.sys (File found, but it contains no detailed information)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found)
"Dokan" (Dokan) - "Windows (R) Win 7 DDK provider" - C:\Windows\system32\drivers\dokan.sys
"EagleNT" (EagleNT) - ? - C:\Windows\system32\drivers\EagleNT.sys (File not found)
"EagleXNt" (EagleXNt) - ? - C:\Windows\system32\drivers\EagleXNt.sys (File not found)
"GEAR ASPI Filter Driver" (GEARAspiWDM) - "GEAR Software Inc." - C:\Windows\System32\DRIVERS\GEARAspiWDM.sys
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found)
"KUSBusByTCP" (KUSBusByTCP) - "Windows (R) Codename Longhorn DDK provider" - C:\Windows\System32\Drivers\KUSBusByTCP.sys
"Master Bus of Kernel USB Software Bus by TCP" (KUSBusByTCPMasterBus) - "Windows (R) Codename Longhorn DDK provider" - C:\Windows\System32\Drivers\KUSBusByTCPMasterBus.sys
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"NetGroup Packet Filter Driver" (NPF) - "CACE Technologies, Inc." - C:\Windows\System32\drivers\npf.sys
"Padus ASPI Shell" (pfc) - "Padus, Inc." - C:\Windows\System32\drivers\pfc.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"sptd" (sptd) - ? - C:\Windows\System32\Drivers\sptd.sys (File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"Trust Webcam 14823" (snpstd) - ? - C:\Windows\System32\DRIVERS\snpstd.sys (File not found)
"Virtual Machine Monitor" (vmm) - "Microsoft Corporation" - C:\Windows\system32\Drivers\vmm.sys
"VMware hcmon" (hcmon) - "VMware, Inc." - C:\Windows\system32\drivers\hcmon.sys
"VMware kbd" (vmkbd) - "VMware, Inc." - C:\Windows\system32\drivers\VMkbd.sys
"VMware Network Application Interface" (VMnetuserif) - "VMware, Inc." - C:\Windows\system32\drivers\vmnetuserif.sys
"VMware vmci" (vmci) - "VMware, Inc." - C:\Windows\system32\Drivers\vmci.sys
"VMware VMparport" (VMparport) - "VMware, Inc." - C:\Windows\system32\Drivers\VMparport.sys
"VMware vmx86" (vmx86) - "VMware, Inc." - C:\Windows\system32\Drivers\vmx86.sys
"Vstor2 WS60 Virtual Storage Driver" (vstor2-ws60) - "VMware, Inc." - E:\Programme\VMware\VMware Player\vstor2-ws60.sys
[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - "The Document Foundation" - E:\Programme\LibreOffice 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found)
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{41E300E0-78B6-11ce-849B-444553540000} "Display Effects CPL Extension" - "Microsoft Corporation" - C:\Windows\system32\themeui.dll
{872A9397-E0D6-4e28-B64D-52B8D0A7EA35} "DisplayCplExt Class" - "Advanced Micro Devices, Inc." - E:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - E:\Programme\iTunes\iTunesMiniPlayer.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "LibreOffice Property Handler" - "The Document Foundation" - E:\Programme\LibreOffice 3\Basis\program\shlxthdl\propertyhdl.dll
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? - (File not found | COM-object registry key not found)
{4A34B3E3-F50E-4FF6-8979-7E4176466FF2} "SageThumbs Shell Extension" - "CherubicSoft" - E:\Programme\SageThumbs\32\SageThumbs.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - E:\Programme\Avira\AntiVir Desktop\shlext.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - E:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension" - ? - e:\Programme\Unlocker\UnlockerCOM.dll (File found, but it contains no detailed information)
{8932AEFE-9DB6-4f43-AFB2-5682F55E773A} "VPCHostCopyHook" - "Microsoft Corporation" - J:\VirtualPC\VPCShExH.DLL
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10t.ocx / hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} "ClsidExtension" - ? - (File not found | COM-object registry key not found)
"Exec" - "Microsoft Corporation" - C:\Windows\Network Diagnostic\xpnetdiag.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
[Logon]
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"BackgroundSwitcher" - "johnsadventures.com" - "E:\Programme\John's Background Switcher\BackgroundSwitcher.exe"
"MonitorSwitch" - "www.goldgingko.com" - E:\Programme\MonitorSwitch\MonitorSwitch.exe /m
"RocketDock" - ? - "E:\Programme\RocketDock\RocketDock.exe" (File found, but it contains no detailed information)
"Skype" - "Skype Technologies S.A." - "C:\Programme\Skype\Phone\Skype.exe" /minimized
"ViGlance" - "Lee-Soft.com, Lee Matthew Chantrey" - C:\Program Files\ViGlance\ViGlance.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "E:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"iTunesHelper" - "Apple Inc." - "E:\Programme\iTunes\iTunesHelper.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "E:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"StartCCC" - "Advanced Micro Devices, Inc." - "E:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"TrayServer" - "MAGIX AG" - E:\Programme\MAGIX\Video_deluxe_MX_Premium_Download-Version\TrayServer_de.exe
[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"HP Fax Port" - "Hewlett-Packard Company" - C:\Windows\system32\hppfaxprintermon5.dll
"HP Standard TCP/IP Port" - "Hewlett Packard" - C:\Windows\system32\HpTcpMon.dll
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information)
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%SystemRoot%\System32\shsvcs.dll,-12288" (ShellHWDetection) - "Microsoft Corporation" - C:\Windows\System32\shsvcs.dll
"@%SystemRoot%\System32\shsvcs.dll,-8192" (Themes) - "Microsoft Corporation" - C:\Windows\system32\shsvcs.dll
"@C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"AMD FUEL Service" (AMD FUEL Service) - "Advanced Micro Devices, Inc." - E:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - E:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - E:\Programme\Avira\AntiVir Desktop\sched.exe
"Defragmentation-Service" (DfSdkS) - "mst software GmbH, Germany" - E:\Programme\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"DokanMounter" (DokanMounter) - ? - C:\Program Files\Dokan\DokanLibrary\mounter.exe (File found, but it contains no detailed information)
"FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
"Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"HP LaserJet Service" (HP LaserJet Service) - "HP" - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"LogMeIn Hamachi Tunneling Engine" (Hamachi2Svc) - "LogMeIn Inc." - E:\Programme\LogMeIn Hamachi\hamachi-2.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - E:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"MySQL51" (MySQL51) - ? - C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"Remote Packet Capture Protocol v.0 (experimental)" (rpcapd) - "CACE Technologies, Inc." - C:\Program Files\WinPcap\rpcapd.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"TeamViewer 6" (TeamViewer6) - "TeamViewer GmbH" - E:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
"VMware Agent Service" (ufad-ws60) - "VMware, Inc." - E:\Programme\VMware\VMware Player\vmware-ufad.exe
"VMware Authorization Service" (VMAuthdService) - "VMware, Inc." - E:\Programme\VMware\VMware Player\vmware-authd.exe
"VMware DHCP Service" (VMnetDHCP) - "VMware, Inc." - C:\Windows\system32\vmnetdhcp.exe
"VMware NAT Service" (VMware NAT Service) - "VMware, Inc." - C:\Windows\system32\vmnat.exe
"VMware USB Arbitration Service" (VMUSBArbService) - "VMware, Inc." - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"VMCI sockets DGRAM" - "VMware, Inc." - E:\Programme\VMware\VMware Player\vsocklib.dll
"VMCI sockets STREAM" - "VMware, Inc." - E:\Programme\VMware\VMware Player\vsocklib.dll
===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
|
| | #28 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Tasks cannot be terminated Quote:
Is the aswMBR log still coming as well?
__________________ Please always post log files in CODE tags |
| | #29 |
| Tasks cannot be terminated aswMBR: Code:
aswMBR version 0.9.9.1156 Copyright(c) 2011 AVAST Software
Run date: 2012-01-04 23:46:30
-----------------------------
23:46:30.539 OS Version: Windows 6.0.6002 Service Pack 2
23:46:30.539 Number of processors: 2 586 0x6B02
23:46:30.540 ComputerName: TITAN21 UserName: Jovan
23:47:13.191 Initialize success
23:51:07.106 AVAST engine defs: 12010401
23:51:15.772 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:51:15.784 Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 3
23:51:15.788 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
23:51:15.792 Disk 1 Vendor: ST380215A 3.AAD Size: 76319MB BusType: 3
23:51:15.796 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP1T0L0-1
23:51:15.800 Disk 2 Vendor: WDC_WD1200JD-00HBC0 08.02D08 Size: 114473MB BusType: 3
23:51:15.830 Disk 1 MBR read successfully
23:51:15.845 Disk 1 MBR scan
23:51:15.884 Disk 1 Windows VISTA default MBR code
23:51:15.902 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76317 MB offset 63
23:51:15.912 Disk 1 scanning sectors +156298752
23:51:16.063 Disk 1 scanning C:\Windows\system32\drivers
23:51:35.895 Service scanning
23:51:37.333 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
23:51:38.082 Modules scanning
23:52:22.748 Disk 1 trace - called modules:
23:52:22.765 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x84c531e8]<<
23:52:22.779 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x86166410]
23:52:22.787 3 CLASSPNP.SYS[88da88b3] -> nt!IofCallDriver -> [0x8562ded8]
23:52:22.794 5 acpi.sys[807266bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x85645030]
23:52:22.817 \Driver\atapi[0x8560f960] -> IRP_MJ_CREATE -> 0x84c531e8
23:52:23.808 AVAST engine scan C:\Windows
23:52:31.260 AVAST engine scan C:\Windows\system32
23:57:01.439 AVAST engine scan C:\Windows\system32\drivers
23:57:24.751 AVAST engine scan C:\Users\Jovan
00:08:38.876 AVAST engine scan C:\ProgramData
00:17:19.751 Scan finished successfully
00:17:43.617 Disk 1 MBR has been saved successfully to "D:\Benutzer\Jovan\Desktop\MBR.dat"
00:17:43.624 The log file has been saved successfully to "D:\Benutzer\Jovan\Desktop\aswMBR.txt"
|
| | #30 |
| Tasks cannot be terminated Here is the new OSAM log once more: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:34:18 on 05.01.2012 OS: Windows Vista Business Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Aurora 11.0a2 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Avira AntiVir Personal" - ? - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl (File not found) "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl "SageThumbs Shell Extension" - "CherubicSoft" - E:\Programme\SageThumbs\32\SageThumbs.dll [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "%Jumi%" (jumi) - "Windows (R) Win 7 DDK provider" - C:\Windows\System32\DRIVERS\jumi.sys "AsIO" (AsIO) - ? - C:\Windows\System32\drivers\AsIO.sys (File found, but it contains no detailed information) "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "Dokan" (Dokan) - "Windows (R) Win 7 DDK provider" - C:\Windows\system32\drivers\dokan.sys "GEAR ASPI Filter Driver" (GEARAspiWDM) - "GEAR Software Inc." - C:\Windows\System32\DRIVERS\GEARAspiWDM.sys "Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys "IP in IP Tunnel Driver" (IpInIp) - ? 
- C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "KUSBusByTCP" (KUSBusByTCP) - "Windows (R) Codename Longhorn DDK provider" - C:\Windows\System32\Drivers\KUSBusByTCP.sys "Master Bus of Kernel USB Software Bus by TCP" (KUSBusByTCPMasterBus) - "Windows (R) Codename Longhorn DDK provider" - C:\Windows\System32\Drivers\KUSBusByTCPMasterBus.sys "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "NetGroup Packet Filter Driver" (NPF) - "CACE Technologies, Inc." - C:\Windows\System32\drivers\npf.sys "Padus ASPI Shell" (pfc) - "Padus, Inc." - C:\Windows\System32\drivers\pfc.sys "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys "sptd" (sptd) - ? - C:\Windows\System32\Drivers\sptd.sys (File not found) "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys "Trust Webcam 14823" (snpstd) - ? - C:\Windows\System32\DRIVERS\snpstd.sys (File not found) "Virtual Machine Monitor" (vmm) - "Microsoft Corporation" - C:\Windows\system32\Drivers\vmm.sys "VMware hcmon" (hcmon) - "VMware, Inc." - C:\Windows\system32\drivers\hcmon.sys "VMware kbd" (vmkbd) - "VMware, Inc." - C:\Windows\system32\drivers\VMkbd.sys "VMware Network Application Interface" (VMnetuserif) - "VMware, Inc." - C:\Windows\system32\drivers\vmnetuserif.sys "VMware vmci" (vmci) - "VMware, Inc." - C:\Windows\system32\Drivers\vmci.sys "VMware VMparport" (VMparport) - "VMware, Inc." - C:\Windows\system32\Drivers\VMparport.sys "VMware vmx86" (vmx86) - "VMware, Inc." - C:\Windows\system32\Drivers\vmx86.sys "Vstor2 WS60 Virtual Storage Driver" (vstor2-ws60) - "VMware, Inc." 
- E:\Programme\VMware\VMware Player\vstor2-ws60.sys [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - "The Document Foundation" - E:\Programme\LibreOffice 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? 
- (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found) {41E300E0-78B6-11ce-849B-444553540000} "Display Effects CPL Extension" - "Microsoft Corporation" - C:\Windows\system32\themeui.dll {872A9397-E0D6-4e28-B64D-52B8D0A7EA35} "DisplayCplExt Class" - "Advanced Micro Devices, Inc." - E:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - E:\Programme\iTunes\iTunesMiniPlayer.dll {AE424E85-F6DF-4910-A6A9-438797986431} "LibreOffice Property Handler" - "The Document Foundation" - E:\Programme\LibreOffice 3\Basis\program\shlxthdl\propertyhdl.dll {00020d75-0000-0000-c000-000000000046} "lnkfile" - ? - (File not found | COM-object registry key not found) {4A34B3E3-F50E-4FF6-8979-7E4176466FF2} "SageThumbs Shell Extension" - "CherubicSoft" - E:\Programme\SageThumbs\32\SageThumbs.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. 
KG" - E:\Programme\Avira\AntiVir Desktop\shlext.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - E:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension" - ? - e:\Programme\Unlocker\UnlockerCOM.dll (File found, but it contains no detailed information) {8932AEFE-9DB6-4f43-AFB2-5682F55E773A} "VPCHostCopyHook" - "Microsoft Corporation" - J:\VirtualPC\VPCShExH.DLL {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? 
- (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10t.ocx / hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} "ClsidExtension" - ? 
- (File not found | COM-object registry key not found) "Exec" - "Microsoft Corporation" - C:\Windows\Network Diagnostic\xpnetdiag.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll [Logon] -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "BackgroundSwitcher" - "johnsadventures.com" - "E:\Programme\John's Background Switcher\BackgroundSwitcher.exe" "MonitorSwitch" - "www.goldgingko.com" - E:\Programme\MonitorSwitch\MonitorSwitch.exe /m "RocketDock" - ? - "E:\Programme\RocketDock\RocketDock.exe" (File found, but it contains no detailed information) "Skype" - "Skype Technologies S.A." - "C:\Programme\Skype\Phone\Skype.exe" /minimized "ViGlance" - "Lee-Soft.com, Lee Matthew Chantrey" - C:\Program Files\ViGlance\ViGlance.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe "APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "E:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min "iTunesHelper" - "Apple Inc." - "E:\Programme\iTunes\iTunesHelper.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "E:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "StartCCC" - "Advanced Micro Devices, Inc." - "E:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." 
- "C:\Program Files\Common Files\Java\Java Update\jusched.exe" "TrayServer" - "MAGIX AG" - E:\Programme\MAGIX\Video_deluxe_MX_Premium_Download-Version\TrayServer_de.exe [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "HP Fax Port" - "Hewlett-Packard Company" - C:\Windows\system32\hppfaxprintermon5.dll "HP Standard TCP/IP Port" - "Hewlett Packard" - C:\Windows\system32\HpTcpMon.dll "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%SystemRoot%\System32\shsvcs.dll,-12288" (ShellHWDetection) - "Microsoft Corporation" - C:\Windows\System32\shsvcs.dll "@%SystemRoot%\System32\shsvcs.dll,-8192" (Themes) - "Microsoft Corporation" - C:\Windows\system32\shsvcs.dll "@C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe "AMD FUEL Service" (AMD FUEL Service) - "Advanced Micro Devices, Inc." - E:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - E:\Programme\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - E:\Programme\Avira\AntiVir Desktop\sched.exe "Defragmentation-Service" (DfSdkS) - "mst software GmbH, Germany" - E:\Programme\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "DokanMounter" (DokanMounter) - ? 
- C:\Program Files\Dokan\DokanLibrary\mounter.exe (File found, but it contains no detailed information) "FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe "Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "HP LaserJet Service" (HP LaserJet Service) - "HP" - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "LogMeIn Hamachi Tunneling Engine" (Hamachi2Svc) - "LogMeIn Inc." - E:\Programme\LogMeIn Hamachi\hamachi-2.exe "Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - E:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "MySQL51" (MySQL51) - ? - C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll "Remote Packet Capture Protocol v.0 (experimental)" (rpcapd) - "CACE Technologies, Inc." 
- C:\Program Files\WinPcap\rpcapd.exe "Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe "TeamViewer 6" (TeamViewer6) - "TeamViewer GmbH" - E:\Programme\TeamViewer\Version6\TeamViewer_Service.exe "VMware Agent Service" (ufad-ws60) - "VMware, Inc." - E:\Programme\VMware\VMware Player\vmware-ufad.exe "VMware Authorization Service" (VMAuthdService) - "VMware, Inc." - E:\Programme\VMware\VMware Player\vmware-authd.exe "VMware DHCP Service" (VMnetDHCP) - "VMware, Inc." - C:\Windows\system32\vmnetdhcp.exe "VMware NAT Service" (VMware NAT Service) - "VMware, Inc." - C:\Windows\system32\vmnat.exe "VMware USB Arbitration Service" (VMUSBArbService) - "VMware, Inc." - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "VMCI sockets DGRAM" - "VMware, Inc." - E:\Programme\VMware\VMware Player\vsocklib.dll "VMCI sockets STREAM" - "VMware, Inc." - E:\Programme\VMware\VMware Player\vsocklib.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
|
| Topics related to "Tasks cannot be terminated" |
| amd, antivir, memory (RAM), avira, avira antivir, terminate, browser, simply, receive, flash update, works, nothing, opera, personal, programs, processor, close, service, system, task manager, update, virus, vista, windows, windows vista |