Windows Update Trojaner befall

Silvergrind · 22.06.2012, 15:55

Hallo Arne,

TDSS hat nochmal 20 Funde angezeigt.

Hier das TDSS-Log:

Code:

ATTFilter

19:58:02.0781 1980	TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
19:58:02.0796 1980	============================================================
19:58:02.0796 1980	Current date / time: 2012/06/22 19:58:02.0796
19:58:02.0796 1980	SystemInfo:
19:58:02.0796 1980	
19:58:02.0796 1980	OS Version: 5.1.2600 ServicePack: 3.0
19:58:02.0796 1980	Product type: Workstation
19:58:02.0796 1980	ComputerName: ARNO
19:58:02.0796 1980	UserName: Arno
19:58:02.0796 1980	Windows directory: C:\WINDOWS
19:58:02.0796 1980	System windows directory: C:\WINDOWS
19:58:02.0796 1980	Processor architecture: Intel x86
19:58:02.0796 1980	Number of processors: 2
19:58:02.0796 1980	Page size: 0x1000
19:58:02.0796 1980	Boot type: Normal boot
19:58:02.0796 1980	============================================================
19:58:04.0484 1980	Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:58:04.0515 1980	Drive \Device\Harddisk4\DR9 - Size: 0x7A2EFE00 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:58:04.0515 1980	============================================================
19:58:04.0515 1980	\Device\Harddisk0\DR0:
19:58:04.0515 1980	MBR partitions:
19:58:04.0515 1980	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BE3BA07
19:58:04.0546 1980	\Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x1BE3BA85, BlocksNum 0x1388AFC
19:58:04.0546 1980	\Device\Harddisk4\DR9:
19:58:04.0546 1980	MBR partitions:
19:58:04.0546 1980	\Device\Harddisk4\DR9\Partition0: MBR, Type 0xE, StartLBA 0x1F, BlocksNum 0x3D1760
19:58:04.0546 1980	============================================================
19:58:04.0593 1980	C: <-> \Device\Harddisk0\DR0\Partition0
19:58:04.0593 1980	D: <-> \Device\Harddisk0\DR0\Partition1
19:58:04.0593 1980	============================================================
19:58:04.0593 1980	Initialize success
19:58:04.0593 1980	============================================================
19:58:19.0531 0188	============================================================
19:58:19.0531 0188	Scan started
19:58:19.0531 0188	Mode: Manual; SigCheck; TDLFS; 
19:58:19.0531 0188	============================================================
19:58:20.0609 0188	3xHybrid        (4393b673d29a0d118e9730b67ab7d959) C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
19:58:21.0859 0188	3xHybrid - ok
19:58:21.0875 0188	Abiosdsk - ok
19:58:21.0875 0188	abp480n5 - ok
19:58:21.0937 0188	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:58:23.0078 0188	ACPI - ok
19:58:23.0109 0188	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:58:23.0281 0188	ACPIEC - ok
19:58:23.0375 0188	AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:58:23.0453 0188	AdobeFlashPlayerUpdateSvc - ok
19:58:23.0468 0188	adpu160m - ok
19:58:23.0484 0188	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:58:23.0703 0188	aec - ok
19:58:23.0750 0188	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:58:23.0843 0188	AFD - ok
19:58:23.0937 0188	AgereSoftModem  (c41a5740468d0b9cb46e6390a0e15ce3) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
19:58:24.0078 0188	AgereSoftModem - ok
19:58:24.0078 0188	Aha154x - ok
19:58:24.0093 0188	aic78u2 - ok
19:58:24.0109 0188	aic78xx - ok
19:58:24.0375 0188	ALCXWDM         (8bce7d9b7b56b75b5ea5028c1ffa50ab) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
19:58:24.0890 0188	ALCXWDM - ok
19:58:25.0031 0188	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
19:58:25.0203 0188	Alerter - ok
19:58:25.0218 0188	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
19:58:25.0375 0188	ALG - ok
19:58:25.0375 0188	AliIde - ok
19:58:25.0390 0188	amsint - ok
19:58:25.0515 0188	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
19:58:25.0546 0188	AntiVirSchedulerService - ok
19:58:25.0593 0188	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
19:58:25.0625 0188	AntiVirService - ok
19:58:25.0687 0188	AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
19:58:25.0750 0188	AntiVirWebService - ok
19:58:25.0750 0188	AppMgmt - ok
19:58:25.0765 0188	asc - ok
19:58:25.0765 0188	asc3350p - ok
19:58:25.0781 0188	asc3550 - ok
19:58:25.0875 0188	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:58:25.0937 0188	aspnet_state - ok
19:58:25.0984 0188	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:58:26.0140 0188	AsyncMac - ok
19:58:26.0156 0188	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:58:26.0312 0188	atapi - ok
19:58:26.0312 0188	Atdisk - ok
19:58:26.0343 0188	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:58:26.0500 0188	Atmarpc - ok
19:58:26.0546 0188	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
19:58:26.0718 0188	AudioSrv - ok
19:58:26.0750 0188	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:58:26.0906 0188	audstub - ok
19:58:26.0906 0188	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:58:26.0953 0188	avgntflt - ok
19:58:26.0984 0188	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:58:27.0015 0188	avipbb - ok
19:58:27.0015 0188	avkmgr          (53e56450da16a1a7f0d002f511113f67) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
19:58:27.0046 0188	avkmgr - ok
19:58:27.0093 0188	AVMWAN          (c997af59c54d69232fb7bbea4dad86e2) C:\WINDOWS\system32\DRIVERS\avmwan.sys
19:58:27.0250 0188	AVMWAN - ok
19:58:27.0312 0188	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:58:27.0484 0188	Beep - ok
19:58:27.0531 0188	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
19:58:27.0718 0188	BITS - ok
19:58:27.0750 0188	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
19:58:27.0937 0188	Browser - ok
19:58:27.0968 0188	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:58:28.0156 0188	cbidf2k - ok
19:58:28.0187 0188	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:58:28.0343 0188	CCDECODE - ok
19:58:28.0359 0188	cd20xrnt - ok
19:58:28.0406 0188	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:58:28.0578 0188	Cdaudio - ok
19:58:28.0640 0188	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:58:28.0796 0188	Cdfs - ok
19:58:28.0828 0188	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:58:29.0000 0188	Cdrom - ok
19:58:29.0000 0188	Changer - ok
19:58:29.0031 0188	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
19:58:29.0187 0188	CiSvc - ok
19:58:29.0359 0188	CLCapSvc        (7b4a70857bc32b4159d8e36fa6b5454c) C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
19:58:29.0390 0188	CLCapSvc ( UnsignedFile.Multi.Generic ) - warning
19:58:29.0390 0188	CLCapSvc - detected UnsignedFile.Multi.Generic (1)
19:58:29.0421 0188	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
19:58:29.0578 0188	ClipSrv - ok
19:58:29.0703 0188	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:58:29.0828 0188	clr_optimization_v2.0.50727_32 - ok
19:58:29.0859 0188	CLSched         (3f6e2012ae0e1dde594572f9d91baca5) C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
19:58:29.0906 0188	CLSched ( UnsignedFile.Multi.Generic ) - warning
19:58:29.0906 0188	CLSched - detected UnsignedFile.Multi.Generic (1)
19:58:29.0921 0188	CmdIde - ok
19:58:29.0937 0188	COMSysApp - ok
19:58:29.0953 0188	Cpqarray - ok
19:58:30.0000 0188	crlscsi         (e08ac114b931dacafbdd9d5e0b93815c) C:\WINDOWS\system32\drivers\crlscsi.sys
19:58:30.0015 0188	crlscsi ( UnsignedFile.Multi.Generic ) - warning
19:58:30.0015 0188	crlscsi - detected UnsignedFile.Multi.Generic (1)
19:58:30.0062 0188	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
19:58:30.0203 0188	CryptSvc - ok
19:58:30.0265 0188	CyberLink Media Library Service (1cfdcb99812c62e19c47896a5857d342) C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
19:58:30.0375 0188	CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - warning
19:58:30.0375 0188	CyberLink Media Library Service - detected UnsignedFile.Multi.Generic (1)
19:58:30.0375 0188	dac2w2k - ok
19:58:30.0390 0188	dac960nt - ok
19:58:30.0468 0188	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
19:58:30.0546 0188	DcomLaunch - ok
19:58:30.0656 0188	de_serv         (7303765bbea3f9a8faaae43beb62bfd6) C:\PROGRAMME\FRITZ!\de_serv.exe
19:58:30.0750 0188	de_serv ( UnsignedFile.Multi.Generic ) - warning
19:58:30.0750 0188	de_serv - detected UnsignedFile.Multi.Generic (1)
19:58:30.0781 0188	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
19:58:30.0937 0188	Dhcp - ok
19:58:30.0953 0188	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:58:31.0109 0188	Disk - ok
19:58:31.0109 0188	dmadmin - ok
19:58:31.0171 0188	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
19:58:31.0375 0188	dmboot - ok
19:58:31.0390 0188	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
19:58:31.0546 0188	dmio - ok
19:58:31.0593 0188	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:58:31.0750 0188	dmload - ok
19:58:31.0781 0188	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
19:58:31.0937 0188	dmserver - ok
19:58:31.0984 0188	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:58:32.0125 0188	DMusic - ok
19:58:32.0171 0188	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
19:58:32.0328 0188	Dnscache - ok
19:58:32.0375 0188	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
19:58:32.0578 0188	Dot3svc - ok
19:58:32.0578 0188	dpti2o - ok
19:58:32.0609 0188	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:58:32.0765 0188	drmkaud - ok
19:58:32.0796 0188	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
19:58:32.0968 0188	EapHost - ok
19:58:33.0000 0188	EL90XBC         (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys
19:58:33.0171 0188	EL90XBC - ok
19:58:33.0218 0188	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
19:58:33.0359 0188	ERSvc - ok
19:58:33.0406 0188	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
19:58:33.0437 0188	Eventlog - ok
19:58:33.0484 0188	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
19:58:33.0562 0188	EventSystem - ok
19:58:33.0593 0188	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:58:33.0781 0188	Fastfat - ok
19:58:33.0828 0188	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:58:33.0953 0188	FastUserSwitchingCompatibility - ok
19:58:34.0000 0188	Fax             (08b8b302af0d1b3b8543429bbac8f21f) C:\WINDOWS\system32\fxssvc.exe
19:58:34.0171 0188	Fax - ok
19:58:34.0203 0188	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:58:34.0343 0188	Fdc - ok
19:58:34.0359 0188	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
19:58:34.0515 0188	Fips - ok
19:58:34.0531 0188	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
19:58:34.0687 0188	Flpydisk - ok
19:58:34.0718 0188	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:58:34.0875 0188	FltMgr - ok
19:58:35.0000 0188	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:58:35.0015 0188	FontCache3.0.0.0 - ok
19:58:35.0078 0188	fpcibase        (45b5129aeae91ea096a9bbebff99e098) C:\WINDOWS\system32\DRIVERS\fpcibase.sys
19:58:35.0296 0188	fpcibase - ok
19:58:35.0312 0188	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:58:35.0484 0188	Fs_Rec - ok
19:58:35.0500 0188	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:58:35.0671 0188	Ftdisk - ok
19:58:35.0765 0188	getPlusHelper   (fd7e9aba274df75e08320420b8e9a1d5) C:\Programme\NOS\bin\getPlus_Helper.dll
19:58:35.0781 0188	getPlusHelper - ok
19:58:35.0828 0188	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:58:35.0968 0188	Gpc - ok
19:58:36.0062 0188	gupdate         (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
19:58:36.0078 0188	gupdate - ok
19:58:36.0078 0188	gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
19:58:36.0093 0188	gupdatem - ok
19:58:36.0140 0188	gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
19:58:36.0187 0188	gusvc - ok
19:58:36.0265 0188	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:58:36.0406 0188	helpsvc - ok
19:58:36.0406 0188	HidServ - ok
19:58:36.0453 0188	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:58:36.0593 0188	HidUsb - ok
19:58:36.0625 0188	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
19:58:36.0765 0188	hkmsvc - ok
19:58:36.0781 0188	hpn - ok
19:58:36.0828 0188	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:58:36.0906 0188	HTTP - ok
19:58:36.0953 0188	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
19:58:37.0093 0188	HTTPFilter - ok
19:58:37.0093 0188	i2omgmt - ok
19:58:37.0109 0188	i2omp - ok
19:58:37.0125 0188	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:58:37.0281 0188	i8042prt - ok
19:58:37.0343 0188	IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:58:37.0375 0188	IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:58:37.0375 0188	IDriverT - detected UnsignedFile.Multi.Generic (1)
19:58:37.0671 0188	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:58:37.0875 0188	idsvc - ok
19:58:37.0953 0188	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:58:38.0093 0188	Imapi - ok
19:58:38.0140 0188	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
19:58:38.0312 0188	ImapiService - ok
19:58:38.0328 0188	ini910u - ok
19:58:38.0343 0188	IntelIde - ok
19:58:38.0390 0188	intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:58:38.0546 0188	intelppm - ok
19:58:38.0562 0188	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:58:38.0718 0188	Ip6Fw - ok
19:58:38.0734 0188	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:58:38.0921 0188	IpFilterDriver - ok
19:58:38.0921 0188	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:58:39.0093 0188	IpInIp - ok
19:58:39.0109 0188	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:58:39.0328 0188	IpNat - ok
19:58:39.0359 0188	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:58:39.0500 0188	IPSec - ok
19:58:39.0531 0188	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:58:39.0687 0188	IRENUM - ok
19:58:39.0718 0188	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:58:39.0859 0188	isapnp - ok
19:58:39.0890 0188	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:58:40.0031 0188	Kbdclass - ok
19:58:40.0062 0188	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:58:40.0234 0188	kmixer - ok
19:58:40.0265 0188	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:58:40.0406 0188	KSecDD - ok
19:58:40.0421 0188	L8042Kbd        (d1968dea7baff4a917858c384339cec8) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
19:58:40.0453 0188	L8042Kbd - ok
19:58:40.0468 0188	L8042mou        (37fcb1aba2d8cd90c35ba1d7d9c73d7c) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
19:58:40.0500 0188	L8042mou ( UnsignedFile.Multi.Generic ) - warning
19:58:40.0500 0188	L8042mou - detected UnsignedFile.Multi.Generic (1)
19:58:40.0546 0188	lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
19:58:40.0593 0188	lanmanserver - ok
19:58:40.0656 0188	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
19:58:40.0734 0188	lanmanworkstation - ok
19:58:40.0750 0188	lbrtfdc - ok
19:58:40.0843 0188	LBTServ         (a0f7dc0080e4f97dc97de08b699e231b) C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe
19:58:40.0890 0188	LBTServ - ok
19:58:40.0921 0188	LHidFilt        (24e0ddb99aeccf86bb37702611761459) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
19:58:40.0937 0188	LHidFilt - ok
19:58:40.0968 0188	LHidKe          (87e9742c445b88de00d2421f1b1f06ea) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
19:58:41.0015 0188	LHidKe ( UnsignedFile.Multi.Generic ) - warning
19:58:41.0015 0188	LHidKe - detected UnsignedFile.Multi.Generic (1)
19:58:41.0031 0188	LHidUsbK        (6d3730e50f5dc7ae22843a0fa6176d41) C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
19:58:41.0046 0188	LHidUsbK ( UnsignedFile.Multi.Generic ) - warning
19:58:41.0046 0188	LHidUsbK - detected UnsignedFile.Multi.Generic (1)
19:58:41.0109 0188	LightScribeService (5712dcbe52d68865cca91ae04807b755) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
19:58:41.0125 0188	LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:58:41.0125 0188	LightScribeService - detected UnsignedFile.Multi.Generic (1)
19:58:41.0171 0188	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
19:58:41.0312 0188	LmHosts - ok
19:58:41.0343 0188	LMouFilt        (d58b330d318361a66a9fe60d7c9b4951) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
19:58:41.0375 0188	LMouFilt - ok
19:58:41.0375 0188	LMouKE          (749fdf0fd33071cbf0658cc2b94d4df5) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
19:58:41.0421 0188	LMouKE ( UnsignedFile.Multi.Generic ) - warning
19:58:41.0421 0188	LMouKE - detected UnsignedFile.Multi.Generic (1)
19:58:41.0468 0188	LUsbFilt        (144011d14bd35f4e36136ae057b1aadd) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
19:58:41.0484 0188	LUsbFilt - ok
19:58:41.0531 0188	MACNDIS5        (e949d673842858d458f7e6bcd46a2a5d) C:\PROGRA~1\GEMEIN~1\MARMIK~1\MACNDIS5.SYS
19:58:41.0546 0188	MACNDIS5 ( UnsignedFile.Multi.Generic ) - warning
19:58:41.0546 0188	MACNDIS5 - detected UnsignedFile.Multi.Generic (1)
19:58:41.0593 0188	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
19:58:41.0609 0188	MBAMProtector - ok
19:58:41.0625 0188	MBAMService - ok
19:58:41.0671 0188	MDM             (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
19:58:41.0718 0188	MDM - ok
19:58:41.0750 0188	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
19:58:41.0921 0188	Messenger - ok
19:58:41.0937 0188	MIINPazX        (5e5024d9e2351db2563b30912b4c4146) C:\PROGRA~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS
19:58:41.0968 0188	MIINPazX ( UnsignedFile.Multi.Generic ) - warning
19:58:41.0968 0188	MIINPazX - detected UnsignedFile.Multi.Generic (1)
19:58:42.0015 0188	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:58:42.0203 0188	mnmdd - ok
19:58:42.0250 0188	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
19:58:42.0406 0188	mnmsrvc - ok
19:58:42.0437 0188	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
19:58:42.0593 0188	Modem - ok
19:58:42.0625 0188	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:58:42.0765 0188	Mouclass - ok
19:58:42.0781 0188	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:58:42.0937 0188	mouhid - ok
19:58:42.0968 0188	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:58:43.0125 0188	MountMgr - ok
19:58:43.0171 0188	MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
19:58:43.0203 0188	MozillaMaintenance - ok
19:58:43.0218 0188	MPE             (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
19:58:43.0375 0188	MPE - ok
19:58:43.0390 0188	mraid35x - ok
19:58:43.0406 0188	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:58:43.0562 0188	MRxDAV - ok
19:58:43.0625 0188	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:58:43.0781 0188	MRxSmb - ok
19:58:43.0812 0188	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
19:58:43.0984 0188	MSDTC - ok
19:58:44.0000 0188	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:58:44.0156 0188	Msfs - ok
19:58:44.0156 0188	MSIServer - ok
19:58:44.0187 0188	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:58:44.0343 0188	MSKSSRV - ok
19:58:44.0375 0188	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:58:44.0515 0188	MSPCLOCK - ok
19:58:44.0531 0188	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:58:44.0687 0188	MSPQM - ok
19:58:44.0718 0188	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:58:44.0875 0188	mssmbios - ok
19:58:44.0890 0188	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:58:45.0031 0188	MSTEE - ok
19:58:45.0078 0188	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:58:45.0109 0188	Mup - ok
19:58:45.0156 0188	MZCCntrl        (5f9ba398f88fc8928ea6dbd5d144cfca) C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe
19:58:45.0171 0188	MZCCntrl ( UnsignedFile.Multi.Generic ) - warning
19:58:45.0171 0188	MZCCntrl - detected UnsignedFile.Multi.Generic (1)
19:58:45.0203 0188	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:58:45.0343 0188	NABTSFEC - ok
19:58:45.0390 0188	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
19:58:45.0593 0188	napagent - ok
19:58:45.0625 0188	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:58:45.0781 0188	NDIS - ok
19:58:45.0812 0188	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:58:45.0984 0188	NdisIP - ok
19:58:46.0000 0188	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:58:46.0046 0188	NdisTapi - ok
19:58:46.0078 0188	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:58:46.0218 0188	Ndisuio - ok
19:58:46.0250 0188	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:58:46.0390 0188	NdisWan - ok
19:58:46.0406 0188	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:58:46.0484 0188	NDProxy - ok
19:58:46.0484 0188	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:58:46.0640 0188	NetBIOS - ok
19:58:46.0671 0188	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:58:46.0875 0188	NetBT - ok
19:58:46.0921 0188	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
19:58:47.0078 0188	NetDDE - ok
19:58:47.0078 0188	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
19:58:47.0218 0188	NetDDEdsdm - ok
19:58:47.0265 0188	NETFRITZ        (c861ebd89e7a3dfb852a0404c5b32777) C:\WINDOWS\system32\DRIVERS\NETFRITZ.SYS
19:58:47.0328 0188	NETFRITZ ( UnsignedFile.Multi.Generic ) - warning
19:58:47.0328 0188	NETFRITZ - detected UnsignedFile.Multi.Generic (1)
19:58:47.0375 0188	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:58:47.0515 0188	Netlogon - ok
19:58:47.0578 0188	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
19:58:47.0718 0188	Netman - ok
19:58:47.0828 0188	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:58:47.0906 0188	NetTcpPortSharing - ok
19:58:47.0953 0188	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
19:58:48.0000 0188	Nla - ok
19:58:48.0015 0188	nm              (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
19:58:48.0187 0188	nm - ok
19:58:48.0218 0188	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:58:48.0343 0188	Npfs - ok
19:58:48.0390 0188	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:58:48.0578 0188	Ntfs - ok
19:58:48.0578 0188	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:58:48.0718 0188	NtLmSsp - ok
19:58:48.0765 0188	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
19:58:48.0984 0188	NtmsSvc - ok
19:58:49.0031 0188	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:58:49.0187 0188	Null - ok
19:58:49.0218 0188	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:58:49.0390 0188	NwlnkFlt - ok
19:58:49.0406 0188	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:58:49.0562 0188	NwlnkFwd - ok
19:58:49.0640 0188	ose             (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
19:58:49.0671 0188	ose - ok
19:58:49.0703 0188	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
19:58:49.0859 0188	Parport - ok
19:58:49.0859 0188	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:58:50.0015 0188	PartMgr - ok
19:58:50.0046 0188	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
19:58:50.0203 0188	ParVdm - ok
19:58:50.0234 0188	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
19:58:50.0390 0188	PCI - ok
19:58:50.0390 0188	PCIDump - ok
19:58:50.0421 0188	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:58:50.0609 0188	PCIIde - ok
19:58:50.0640 0188	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:58:50.0781 0188	Pcmcia - ok
19:58:50.0796 0188	PDCOMP - ok
19:58:50.0812 0188	PDFRAME - ok
19:58:50.0812 0188	PDRELI - ok
19:58:50.0828 0188	PDRFRAME - ok
19:58:50.0843 0188	perc2 - ok
19:58:50.0843 0188	perc2hib - ok
19:58:50.0906 0188	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
19:58:50.0921 0188	PlugPlay - ok
19:58:50.0921 0188	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:58:51.0062 0188	PolicyAgent - ok
19:58:51.0093 0188	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:58:51.0250 0188	PptpMiniport - ok
19:58:51.0250 0188	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:58:51.0390 0188	ProtectedStorage - ok
19:58:51.0421 0188	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:58:51.0578 0188	Ptilink - ok
19:58:51.0609 0188	PxHelp20        (db3b30c3a4cdcf07e164c14584d9d0f2) C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:58:51.0640 0188	PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
19:58:51.0640 0188	PxHelp20 - detected UnsignedFile.Multi.Generic (1)
19:58:51.0640 0188	ql1080 - ok
19:58:51.0656 0188	Ql10wnt - ok
19:58:51.0656 0188	ql12160 - ok
19:58:51.0671 0188	ql1240 - ok
19:58:51.0687 0188	ql1280 - ok
19:58:51.0703 0188	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:58:51.0875 0188	RasAcd - ok
19:58:51.0906 0188	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
19:58:52.0078 0188	RasAuto - ok
19:58:52.0093 0188	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:58:52.0234 0188	Rasl2tp - ok
19:58:52.0281 0188	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
19:58:52.0468 0188	RasMan - ok
19:58:52.0468 0188	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:58:52.0625 0188	RasPppoe - ok
19:58:52.0640 0188	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:58:52.0812 0188	Raspti - ok
19:58:52.0843 0188	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:58:53.0015 0188	Rdbss - ok
19:58:53.0046 0188	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:58:53.0203 0188	RDPCDD - ok
19:58:53.0265 0188	RDPWD           (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
19:58:53.0375 0188	RDPWD - ok
19:58:53.0406 0188	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
19:58:53.0609 0188	RDSessMgr - ok
19:58:53.0640 0188	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:58:53.0812 0188	redbook - ok
19:58:53.0843 0188	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
19:58:54.0015 0188	RemoteAccess - ok
19:58:54.0125 0188	RichVideo       (bd517c7fb119997effbe39d5e4b37b05) C:\Programme\CyberLink\Shared Files\RichVideo.exe
19:58:54.0140 0188	RichVideo ( UnsignedFile.Multi.Generic ) - warning
19:58:54.0140 0188	RichVideo - detected UnsignedFile.Multi.Generic (1)
19:58:54.0156 0188	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
19:58:54.0328 0188	RpcLocator - ok
19:58:54.0375 0188	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
19:58:54.0421 0188	RpcSs - ok
19:58:54.0453 0188	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
19:58:54.0640 0188	RSVP - ok
19:58:54.0687 0188	RTL8023xp       (8e34400ffc7d647946d9c820678775af) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
19:58:54.0781 0188	RTL8023xp - ok
19:58:54.0812 0188	rtl8139         (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
19:58:54.0953 0188	rtl8139 - ok
19:58:54.0968 0188	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
19:58:55.0109 0188	SamSs - ok
19:58:55.0140 0188	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
19:58:55.0281 0188	SCardSvr - ok
19:58:55.0328 0188	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
19:58:55.0515 0188	Schedule - ok
19:58:55.0546 0188	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:58:55.0687 0188	Secdrv - ok
19:58:55.0734 0188	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
19:58:55.0875 0188	seclogon - ok
19:58:55.0906 0188	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
19:58:56.0062 0188	SENS - ok
19:58:56.0093 0188	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:58:56.0234 0188	serenum - ok
19:58:56.0265 0188	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
19:58:56.0437 0188	Serial - ok
19:58:56.0500 0188	SFC4            (eea80070b7ca0596ddf59160fb4ec5a8) C:\WINDOWS\system32\drivers\SFC4.sys
19:58:56.0515 0188	SFC4 ( UnsignedFile.Multi.Generic ) - warning
19:58:56.0515 0188	SFC4 - detected UnsignedFile.Multi.Generic (1)
19:58:56.0531 0188	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:58:56.0687 0188	Sfloppy - ok
19:58:56.0718 0188	SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
19:58:56.0875 0188	SharedAccess - ok
19:58:56.0921 0188	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:58:56.0953 0188	ShellHWDetection - ok
19:58:56.0953 0188	Simbad - ok
19:58:56.0984 0188	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:58:57.0140 0188	SLIP - ok
19:58:57.0140 0188	Sparrow - ok
19:58:57.0187 0188	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:58:57.0375 0188	splitter - ok
19:58:57.0406 0188	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:58:57.0484 0188	Spooler - ok
19:58:57.0500 0188	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
19:58:57.0656 0188	sr - ok
19:58:57.0703 0188	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
19:58:57.0843 0188	srservice - ok
19:58:57.0890 0188	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:58:57.0937 0188	Srv - ok
19:58:57.0984 0188	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
19:58:58.0156 0188	SSDPSRV - ok
19:58:58.0203 0188	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:58:58.0218 0188	ssmdrv - ok
19:58:58.0281 0188	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
19:58:58.0484 0188	stisvc - ok
19:58:58.0500 0188	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:58:58.0656 0188	streamip - ok
19:58:58.0687 0188	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:58:58.0828 0188	swenum - ok
19:58:58.0843 0188	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:58:58.0984 0188	swmidi - ok
19:58:59.0000 0188	SwPrv - ok
19:58:59.0015 0188	symc810 - ok
19:58:59.0015 0188	symc8xx - ok
19:58:59.0031 0188	sym_hi - ok
19:58:59.0046 0188	sym_u3 - ok
19:58:59.0093 0188	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:58:59.0265 0188	sysaudio - ok
19:58:59.0281 0188	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
19:58:59.0484 0188	SysmonLog - ok
19:58:59.0515 0188	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
19:58:59.0703 0188	TapiSrv - ok
19:58:59.0750 0188	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:58:59.0859 0188	Tcpip - ok
19:58:59.0890 0188	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:59:00.0031 0188	TDPIPE - ok
19:59:00.0046 0188	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:59:00.0203 0188	TDTCP - ok
19:59:00.0218 0188	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:59:00.0359 0188	TermDD - ok
19:59:00.0390 0188	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
19:59:00.0578 0188	TermService - ok
19:59:00.0640 0188	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
19:59:00.0656 0188	Themes - ok
19:59:00.0703 0188	TOMCATWAN       (c335f39e015dd579e1bc4bb23bfa9875) C:\WINDOWS\system32\DRIVERS\TOMCAT.SYS
19:59:00.0718 0188	TOMCATWAN ( UnsignedFile.Multi.Generic ) - warning
19:59:00.0718 0188	TOMCATWAN - detected UnsignedFile.Multi.Generic (1)
19:59:00.0734 0188	TosIde - ok
19:59:00.0750 0188	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
19:59:00.0921 0188	TrkWks - ok
19:59:00.0968 0188	uagp35          (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
19:59:01.0125 0188	uagp35 - ok
19:59:01.0140 0188	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:59:01.0328 0188	Udfs - ok
19:59:01.0328 0188	ultra - ok
19:59:01.0359 0188	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:59:01.0531 0188	Update - ok
19:59:01.0562 0188	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
19:59:01.0703 0188	upnphost - ok
19:59:01.0734 0188	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
19:59:01.0875 0188	UPS - ok
19:59:01.0890 0188	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:59:02.0046 0188	usbccgp - ok
19:59:02.0093 0188	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:59:02.0234 0188	usbehci - ok
19:59:02.0250 0188	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:59:02.0406 0188	usbhub - ok
19:59:02.0453 0188	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:59:02.0609 0188	usbscan - ok
19:59:02.0625 0188	usbstor         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:59:02.0765 0188	usbstor - ok
19:59:02.0812 0188	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:59:02.0953 0188	usbuhci - ok
19:59:02.0984 0188	usbvideo        (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
19:59:03.0171 0188	usbvideo - ok
19:59:03.0203 0188	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:59:03.0359 0188	VgaSave - ok
19:59:03.0406 0188	viagfx          (5dbffb9a41da40c8d77c5cdeb98a55b8) C:\WINDOWS\system32\DRIVERS\vtmini.sys
19:59:03.0484 0188	viagfx - ok
19:59:03.0500 0188	ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:59:03.0656 0188	ViaIde - ok
19:59:03.0656 0188	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
19:59:03.0812 0188	VolSnap - ok
19:59:03.0875 0188	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
19:59:04.0046 0188	VSS - ok
19:59:04.0078 0188	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
19:59:04.0265 0188	W32Time - ok
19:59:04.0296 0188	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:59:04.0437 0188	Wanarp - ok
19:59:04.0453 0188	wanatw - ok
19:59:04.0515 0188	Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
19:59:04.0578 0188	Wdf01000 - ok
19:59:04.0578 0188	WDICA - ok
19:59:04.0640 0188	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:59:04.0781 0188	wdmaud - ok
19:59:04.0812 0188	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
19:59:05.0000 0188	WebClient - ok
19:59:05.0078 0188	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:59:05.0234 0188	winmgmt - ok
19:59:05.0281 0188	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:59:05.0390 0188	WmdmPmSN - ok
19:59:05.0421 0188	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:59:05.0625 0188	WmiApSrv - ok
19:59:05.0781 0188	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
19:59:05.0875 0188	WMPNetworkSvc - ok
19:59:05.0906 0188	wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
19:59:06.0093 0188	wscsvc - ok
19:59:06.0140 0188	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:59:06.0281 0188	WSTCODEC - ok
19:59:06.0312 0188	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
19:59:06.0437 0188	wuauserv - ok
19:59:06.0468 0188	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:59:06.0593 0188	WudfPf - ok
19:59:06.0625 0188	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:59:06.0734 0188	WudfRd - ok
19:59:06.0750 0188	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
19:59:06.0812 0188	WudfSvc - ok
19:59:06.0875 0188	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
19:59:07.0109 0188	WZCSVC - ok
19:59:07.0156 0188	x10nets         (5a0c788c5bc5f2c993cb60940adcf95e) C:\PROGRA~1\COMMON~2\X10\Common\x10nets.exe
19:59:07.0171 0188	x10nets ( UnsignedFile.Multi.Generic ) - warning
19:59:07.0171 0188	x10nets - detected UnsignedFile.Multi.Generic (1)
19:59:07.0203 0188	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
19:59:07.0375 0188	xmlprov - ok
19:59:07.0406 0188	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
19:59:07.0890 0188	\Device\Harddisk0\DR0 - ok
19:59:07.0890 0188	MBR (0x1B8)     (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk4\DR9
19:59:15.0265 0188	\Device\Harddisk4\DR9 - ok
19:59:15.0265 0188	Boot (0x1200)   (830c9ae1949ea5a9a37c4d9886a0442b) \Device\Harddisk0\DR0\Partition0
19:59:15.0265 0188	\Device\Harddisk0\DR0\Partition0 - ok
19:59:15.0296 0188	Boot (0x1200)   (ee1f1b48e25f325faeaebc77f32389ee) \Device\Harddisk0\DR0\Partition1
19:59:15.0296 0188	\Device\Harddisk0\DR0\Partition1 - ok
19:59:15.0296 0188	Boot (0x1200)   (a25736d687d551de70703fe8bf978780) \Device\Harddisk4\DR9\Partition0
19:59:15.0296 0188	\Device\Harddisk4\DR9\Partition0 - ok
19:59:15.0296 0188	============================================================
19:59:15.0296 0188	Scan finished
19:59:15.0296 0188	============================================================
19:59:15.0421 0184	Detected object count: 20
19:59:15.0421 0184	Actual detected object count: 20
20:00:22.0421 0184	CLCapSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0421 0184	CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0421 0184	CLSched ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0421 0184	CLSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0421 0184	crlscsi ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0421 0184	crlscsi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0421 0184	CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0421 0184	CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0437 0184	de_serv ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0437 0184	de_serv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0437 0184	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0437 0184	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0437 0184	L8042mou ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0437 0184	L8042mou ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0437 0184	LHidKe ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0437 0184	LHidKe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0437 0184	LHidUsbK ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0437 0184	LHidUsbK ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0453 0184	LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0453 0184	LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0453 0184	LMouKE ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0453 0184	LMouKE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0453 0184	MACNDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0453 0184	MACNDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0453 0184	MIINPazX ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0453 0184	MIINPazX ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0468 0184	MZCCntrl ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0468 0184	MZCCntrl ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0468 0184	NETFRITZ ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0468 0184	NETFRITZ ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0468 0184	PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0468 0184	PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0468 0184	RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0468 0184	RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0468 0184	SFC4 ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0468 0184	SFC4 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0484 0184	TOMCATWAN ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0484 0184	TOMCATWAN ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0484 0184	x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0484 0184	x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip

Danke für deine Unterstützung,
Silvergrind

Windows Update Trojaner befall

Log-Analyse und Auswertung: Windows Update Trojaner befall

Windows Update Trojaner befall

Ähnliche Themen: Windows Update Trojaner befall