Log analysis and evaluation: Infected registry values Hijack.ControlPanelStyle (Windows 7)
11.07.2012, 14:19 | #31
Yes, that is my computer at the university. Is that a problem? Unfortunately we have no virus specialists.
11.07.2012, 14:46 | #32
/// Winkelfunktion /// TB-Süch-Tiger™
What do you mean by "your" computer: is it your own computer, or is it the university's property and you only work on it?
11.07.2012, 14:52 | #33
The computer is the university's property.
11.07.2012, 14:58 | #34
/// Winkelfunktion /// TB-Süch-Tiger™
Sorry, that's exactly what I thought. This behaves like an office PC. It may be that you have no virus specialist at the university, but since this computer belongs to the university there must be someone administratively responsible for it, and that person has to help you with this problem. I find it incomprehensible anyway that someone gets admin rights on fixed university computers. See => http://www.trojaner-board.de/108422-...-anfragen.html
11.07.2012, 15:25 | #35
Well, the university is not a business but a public service; in any case it makes no profit. I can't say more about it.
11.07.2012, 21:49 | #36
/// Winkelfunktion /// TB-Süch-Tiger™
Well, I would make an exception here; it's not like that, because our thread really doesn't talk about university computers. Still, I find it somewhat odd: at a university one should be able to expect that there are admins who feel responsible for the computers on the university network, who actually are in charge of them, and who are available and act when there are problems or questions!

Do an OTL fix: close any programs that may be open, also deactivate the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied too!!!)

Code:

:OTL
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found
[2011.01.31 14:02:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Profile\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\l3srtxij.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
O4 - HKLM..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-492894223-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.05.29 16:21:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. The entries, files and folders fixed by this script are not completely deleted, for safety's sake: a backup copy is created on the system partition in the "_OTL" folder.

Note: the above script has been created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, since it can permanently damage the system!
12.07.2012, 08:36 | #37
I've now done that too, following your instructions. I'm replacing the user names with xxx:

Code:

All processes killed
========== OTL ==========
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: true removed from browser.search.useDBForOrder
C:\Profile\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\l3srtxij.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Profile\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\l3srtxij.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Profile\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\l3srtxij.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Profile\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\l3srtxij.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableStatusMessages deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\VerboseStatus deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-515967899-492894223-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 210481140 bytes
->Temporary Internet Files folder emptied: 6517016 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 63470995 bytes
->Flash cache emptied: 795 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: xxx
->Temp folder emptied: 599383239 bytes
->Temporary Internet Files folder emptied: 7044989 bytes
->Java cache emptied: 2419591 bytes
->FireFox cache emptied: 58214590 bytes
->Flash cache emptied: 11912 bytes
User: xxx
->Temp folder emptied: 4153384 bytes
->Temporary Internet Files folder emptied: 8502736 bytes
->FireFox cache emptied: 12271427 bytes
User: xxx
->Temp folder emptied: 91672715 bytes
->Temporary Internet Files folder emptied: 12744405 bytes
->Java cache emptied: 1522498 bytes
->FireFox cache emptied: 35311829 bytes
->Flash cache emptied: 1535537 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: xxx
->Temp folder emptied: 21719393 bytes
->Temporary Internet Files folder emptied: 3937255 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 46307141 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: xxx
->Temp folder emptied: 587497 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: xxx
->Temp folder emptied: 667325 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 44650233 bytes
->Flash cache emptied: 456 bytes
User: xxx
->Temp folder emptied: 962183 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 47600070 bytes
->Flash cache emptied: 456 bytes
User: xxx
->Temp folder emptied: 588347 bytes
->Temporary Internet Files folder emptied: 44668029 bytes
->Java cache emptied: 284967 bytes
->FireFox cache emptied: 2928589 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134333 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9375488 bytes
RecycleBin emptied: 1374624 bytes
Total Files Cleaned = 1.281,00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
User: xxx
->Flash cache emptied: 0 bytes
User: xxx
User: xxx
->Flash cache emptied: 0 bytes
User: LocalService
User: xxx
User: NetworkService
User: xxx
User: xxx
->Flash cache emptied: 0 bytes
User: xxx
->Flash cache emptied: 0 bytes
User: xxx
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.53.1 log created on 07122012_092132
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
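The fix script in #36 and the result log in #37 are OTL's own formats. The following Python is an added example for this thread, not code from OTL, the board or the helper: it parses a log in the format of #37 into a structured summary (what was deleted, moved or not found, bytes emptied per user) and decodes the NoDriveTypeAutoRun value 145 that the script targets. The sample log, profile path and byte counts are constructed for the example.

```python
import re

# Constructed sample in the shape of the OTL fix log posted above
# (profile path and byte counts are made up for this example).
SAMPLE_LOG = r"""
All processes killed
========== OTL ==========
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.order.1
C:\Profile\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\abc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 1000 bytes
->FireFox cache emptied: 500 bytes
User: xxx
->Temp folder emptied: 250 bytes
Total Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

# One regex per line shape that appears in the OTL fix log. OTL separates the
# registry key from the value name with a double backslash ("\\").
PREFS_RE = re.compile(r'^Prefs\.js: (?P<data>.+) removed from (?P<pref>\S+)$')
REG_RE = re.compile(r'^Registry value (?P<key>.+?)\\\\(?P<name>[^\\]*) '
                    r'(?P<status>deleted successfully|not found)\.$')
SET_RE = re.compile(r'^(?P<key>.+?)\\\\(?P<name>[^\\|]*)\|DWORD:(?P<data>\d+) '
                    r'/E : value set successfully!$')
MOVED_RE = re.compile(r'^(?P<path>.+?)(?P<folder> folder)? moved successfully\.$')
USER_RE = re.compile(r'^User: (?P<user>.+)$')
EMPTIED_RE = re.compile(r'^->(?P<what>.+?) emptied: (?P<n>\d+) bytes$')


def parse_otl_fix_log(text):
    """Turn an OTL fix log into a dict of actions, grouped by kind."""
    report = {'prefs_removed': [], 'registry': [], 'registry_set': [],
              'moved': [], 'emptied_bytes': {}, 'hosts_reset': False}
    user = None  # current "User:" block inside [EMPTYTEMP] / [EMPTYFLASH]
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == 'HOSTS file reset successfully':
            report['hosts_reset'] = True
        elif (m := PREFS_RE.match(line)):
            report['prefs_removed'].append((m['pref'], m['data']))
        elif (m := REG_RE.match(line)):
            # An empty name is the key's default value (the "[]" O4 entry).
            report['registry'].append((m['key'], m['name'], m['status']))
        elif (m := SET_RE.match(line)):
            report['registry_set'].append((m['key'], m['name'], int(m['data'])))
        elif (m := MOVED_RE.match(line)):
            report['moved'].append((m['path'], 'folder' if m['folder'] else 'file'))
        elif (m := USER_RE.match(line)):
            user = m['user']
            report['emptied_bytes'].setdefault(user, 0)
        elif (m := EMPTIED_RE.match(line)) and user is not None:
            report['emptied_bytes'][user] += int(m['n'])
    return report


def unresolved(report):
    r"""Registry values the script asked for that OTL did not find.

    Worth a second look in general; in this thread the HKU\S-1-5-18 miss is
    expected, because HKU\.DEFAULT is the SYSTEM (S-1-5-18) hive, so the
    value was already gone once the .DEFAULT entry had been deleted."""
    return [(k, n) for k, n, s in report['registry'] if s == 'not found']


# Bit n of NoDriveTypeAutoRun disables AutoRun for GetDriveType() result n.
# 0x91 (= 145, the value in the fix script above) is the Windows XP default:
# unknown, network and reserved drive types. 0xFF disables AutoRun everywhere.
AUTORUN_BITS = [
    (0x01, 'DRIVE_UNKNOWN'), (0x02, 'DRIVE_NO_ROOT_DIR'),
    (0x04, 'DRIVE_REMOVABLE'), (0x08, 'DRIVE_FIXED'),
    (0x10, 'DRIVE_REMOTE'), (0x20, 'DRIVE_CDROM'),
    (0x40, 'DRIVE_RAMDISK'), (0x80, 'RESERVED_UNKNOWN'),
]


def decode_nodrivetypeautorun(value):
    """Names of the drive types for which AutoRun is disabled by `value`."""
    return [name for bit, name in AUTORUN_BITS if value & bit]


if __name__ == '__main__':
    rep = parse_otl_fix_log(SAMPLE_LOG)
    for key, name, status in rep['registry']:
        print(f"{status:20} {key}\\{name or '(empty name)'}")
    print('moved:', rep['moved'])
    print('emptied per user:', rep['emptied_bytes'])
    print('not found:', unresolved(rep))
    print('NoDriveTypeAutoRun 145 ->', decode_nodrivetypeautorun(145))
```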
12.07.2012, 10:53 | #38
/// Winkelfunktion /// TB-Süch-Tiger™
Now please run this Kaspersky tool (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: please switch off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Configure the tool as shown in the picture below: click on "change parameters" and set the checkmarks as shown in the following screenshot, then click "Start Scan", and when it has finished click the "Report" button to display the log. Please post it in full. If you cannot find the log, or cannot copy its contents into your post, look directly on your Windows system partition (usually drive C); that is where TDSS-Killer saves its logs.

Note: please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, treat them all with the action "skip" and only post the log here!
12.07.2012, 11:50 | #39
OK, I ran it following your instructions; here is the TDSS-Killer log:
12:44:46.0639 2932 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys 12:44:46.0701 2932 RDPWD - ok 12:44:46.0732 2932 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe 12:44:46.0857 2932 RDSessMgr - ok 12:44:46.0889 2932 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 12:44:47.0045 2932 redbook - ok 12:44:47.0076 2932 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll 12:44:47.0185 2932 RemoteAccess - ok 12:44:47.0232 2932 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll 12:44:47.0357 2932 RemoteRegistry - ok 12:44:47.0498 2932 RichVideo (bd517c7fb119997effbe39d5e4b37b05) C:\Programme\CyberLink\Shared Files\RichVideo.exe 12:44:47.0498 2932 RichVideo ( UnsignedFile.Multi.Generic ) - warning 12:44:47.0498 2932 RichVideo - detected UnsignedFile.Multi.Generic (1) 12:44:47.0529 2932 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe 12:44:47.0654 2932 RpcLocator - ok 12:44:47.0701 2932 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll 12:44:47.0732 2932 RpcSs - ok 12:44:47.0764 2932 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe 12:44:47.0873 2932 RSVP - ok 12:44:47.0920 2932 RTLE8023xp (36ada62330c31ad314e4a26b815fc485) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 12:44:47.0951 2932 RTLE8023xp - ok 12:44:47.0982 2932 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 12:44:48.0107 2932 SamSs - ok 12:44:48.0123 2932 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe 12:44:48.0279 2932 SCardSvr - ok 12:44:48.0310 2932 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll 12:44:48.0451 2932 Schedule - ok 12:44:48.0482 2932 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 12:44:48.0529 2932 Secdrv - ok 12:44:48.0545 2932 seclogon 
(bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll 12:44:48.0670 2932 seclogon - ok 12:44:48.0701 2932 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll 12:44:48.0842 2932 SENS - ok 12:44:48.0857 2932 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 12:44:48.0982 2932 serenum - ok 12:44:48.0998 2932 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys 12:44:49.0123 2932 Serial - ok 12:44:49.0154 2932 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 12:44:49.0279 2932 Sfloppy - ok 12:44:49.0326 2932 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll 12:44:49.0467 2932 SharedAccess - ok 12:44:49.0498 2932 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 12:44:49.0529 2932 ShellHWDetection - ok 12:44:49.0529 2932 Simbad - ok 12:44:49.0545 2932 Sparrow - ok 12:44:49.0560 2932 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 12:44:49.0685 2932 splitter - ok 12:44:49.0717 2932 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 12:44:49.0748 2932 Spooler - ok 12:44:49.0763 2932 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 12:44:49.0826 2932 sr - ok 12:44:49.0857 2932 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll 12:44:49.0920 2932 srservice - ok 12:44:49.0951 2932 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 12:44:50.0013 2932 Srv - ok 12:44:50.0029 2932 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll 12:44:50.0092 2932 SSDPSRV - ok 12:44:50.0123 2932 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll 12:44:50.0248 2932 stisvc - ok 12:44:50.0263 2932 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 12:44:50.0420 2932 swenum - ok 12:44:50.0435 2932 swmidi 
(8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 12:44:50.0545 2932 swmidi - ok 12:44:50.0545 2932 SwPrv - ok 12:44:50.0560 2932 symc810 - ok 12:44:50.0560 2932 symc8xx - ok 12:44:50.0560 2932 sym_hi - ok 12:44:50.0576 2932 sym_u3 - ok 12:44:50.0592 2932 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 12:44:50.0732 2932 sysaudio - ok 12:44:50.0748 2932 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe 12:44:50.0857 2932 SysmonLog - ok 12:44:50.0888 2932 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll 12:44:51.0013 2932 TapiSrv - ok 12:44:51.0060 2932 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 12:44:51.0107 2932 Tcpip - ok 12:44:51.0123 2932 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 12:44:51.0279 2932 TDPIPE - ok 12:44:51.0295 2932 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 12:44:51.0435 2932 TDTCP - ok 12:44:51.0451 2932 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 12:44:51.0576 2932 TermDD - ok 12:44:51.0623 2932 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll 12:44:51.0748 2932 TermService - ok 12:44:51.0795 2932 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 12:44:51.0810 2932 Themes - ok 12:44:51.0826 2932 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe 12:44:51.0904 2932 TlntSvr - ok 12:44:51.0904 2932 TosIde - ok 12:44:51.0935 2932 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll 12:44:52.0060 2932 TrkWks - ok 12:44:52.0091 2932 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 12:44:52.0216 2932 Udfs - ok 12:44:52.0232 2932 ultra - ok 12:44:52.0279 2932 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 12:44:52.0420 2932 Update - ok 
12:44:52.0451 2932 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll 12:44:52.0513 2932 upnphost - ok 12:44:52.0529 2932 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe 12:44:52.0623 2932 UPS - ok 12:44:52.0654 2932 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 12:44:52.0763 2932 usbccgp - ok 12:44:52.0779 2932 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 12:44:52.0888 2932 usbehci - ok 12:44:52.0920 2932 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 12:44:53.0045 2932 usbhub - ok 12:44:53.0060 2932 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 12:44:53.0185 2932 usbohci - ok 12:44:53.0216 2932 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 12:44:53.0326 2932 usbprint - ok 12:44:53.0357 2932 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 12:44:53.0466 2932 usbscan - ok 12:44:53.0498 2932 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 12:44:53.0607 2932 usbstor - ok 12:44:53.0623 2932 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 12:44:53.0763 2932 VgaSave - ok 12:44:53.0763 2932 ViaIde - ok 12:44:53.0794 2932 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 12:44:53.0919 2932 VolSnap - ok 12:44:53.0966 2932 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe 12:44:54.0029 2932 VSS - ok 12:44:54.0060 2932 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll 12:44:54.0169 2932 W32Time - ok 12:44:54.0185 2932 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 12:44:54.0326 2932 Wanarp - ok 12:44:54.0326 2932 WDICA - ok 12:44:54.0341 2932 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 12:44:54.0451 2932 
wdmaud - ok 12:44:54.0482 2932 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll 12:44:54.0607 2932 WebClient - ok 12:44:54.0716 2932 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll 12:44:54.0857 2932 winmgmt - ok 12:44:54.0935 2932 WinRM (f10075c2ec96d2eb118012e78ece2fc2) C:\WINDOWS\system32\WsmSvc.dll 12:44:55.0029 2932 WinRM - ok 12:44:55.0060 2932 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 12:44:55.0107 2932 WmdmPmSN - ok 12:44:55.0169 2932 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll 12:44:55.0216 2932 Wmi - ok 12:44:55.0326 2932 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe 12:44:55.0466 2932 WmiApSrv - ok 12:44:55.0607 2932 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe 12:44:55.0669 2932 WMPNetworkSvc - ok 12:44:55.0997 2932 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 12:44:56.0029 2932 WPFFontCache_v0400 - ok 12:44:56.0763 2932 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll 12:44:56.0872 2932 wscsvc - ok 12:44:56.0888 2932 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll 12:44:57.0044 2932 wuauserv - ok 12:44:57.0169 2932 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 12:44:57.0216 2932 WudfPf - ok 12:44:57.0263 2932 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 12:44:57.0279 2932 WudfRd - ok 12:44:57.0294 2932 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll 12:44:57.0326 2932 WudfSvc - ok 12:44:57.0372 2932 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll 12:44:57.0497 2932 WZCSVC - ok 12:44:57.0529 2932 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll 12:44:57.0669 2932 
xmlprov - ok 12:44:57.0685 2932 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0 12:44:58.0122 2932 \Device\Harddisk0\DR0 - ok 12:44:58.0122 2932 Boot (0x1200) (0d1cf8d85f4616114d6c44e72b6bb271) \Device\Harddisk0\DR0\Partition0 12:44:58.0138 2932 \Device\Harddisk0\DR0\Partition0 - ok 12:44:58.0138 2932 ============================================================ 12:44:58.0138 2932 Scan finished 12:44:58.0138 2932 ============================================================ 12:44:58.0247 1456 Detected object count: 6 12:44:58.0247 1456 Actual detected object count: 6 |
12.07.2012, 14:41 | #40 |
/// Winkelfunktion /// TB-Süch-Tiger™ | The log is incomplete! The summary at the bottom is missing. |
12.07.2012, 14:50 | #41 |
| Hm, now: Code:
12:44:42.0545 2932 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 12:44:42.0670 2932 NwlnkFlt - ok 12:44:42.0670 2932 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 12:44:42.0795 2932 NwlnkFwd - ok 12:44:42.0967 2932 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Programme\Common\Microsoft Shared\OFFICE12\ODSERV.EXE 12:44:42.0998 2932 odserv - ok 12:44:43.0045 2932 ose (5a432a042dae460abe7199b758e8606c) C:\Programme\Common\Microsoft Shared\Source Engine\OSE.EXE 12:44:43.0217 2932 ose - ok 12:44:43.0248 2932 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys 12:44:43.0404 2932 Parport - ok 12:44:43.0436 2932 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 12:44:43.0545 2932 PartMgr - ok 12:44:43.0592 2932 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 12:44:43.0701 2932 ParVdm - ok 12:44:43.0764 2932 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 12:44:43.0889 2932 PCI - ok 12:44:43.0889 2932 PCIDump - ok 12:44:43.0920 2932 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys 12:44:44.0045 2932 PCIIde - ok 12:44:44.0076 2932 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys 12:44:44.0186 2932 Pcmcia - ok 12:44:44.0186 2932 PDCOMP - ok 12:44:44.0201 2932 PDFRAME - ok 12:44:44.0201 2932 PDRELI - ok 12:44:44.0217 2932 PDRFRAME - ok 12:44:44.0217 2932 perc2 - ok 12:44:44.0217 2932 perc2hib - ok 12:44:44.0264 2932 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe 12:44:44.0311 2932 PlugPlay - ok 12:44:44.0326 2932 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 12:44:44.0451 2932 PolicyAgent - ok 12:44:44.0483 2932 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 12:44:44.0608 2932 PptpMiniport - ok 12:44:44.0623 2932 
Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys 12:44:44.0764 2932 Processor - ok 12:44:44.0764 2932 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 12:44:44.0889 2932 ProtectedStorage - ok 12:44:44.0904 2932 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 12:44:45.0029 2932 PSched - ok 12:44:45.0061 2932 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 12:44:45.0170 2932 Ptilink - ok 12:44:45.0170 2932 ql1080 - ok 12:44:45.0186 2932 Ql10wnt - ok 12:44:45.0186 2932 ql12160 - ok 12:44:45.0186 2932 ql1240 - ok 12:44:45.0201 2932 ql1280 - ok 12:44:45.0201 2932 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 12:44:45.0357 2932 RasAcd - ok 12:44:45.0373 2932 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll 12:44:45.0482 2932 RasAuto - ok 12:44:45.0514 2932 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys 12:44:45.0561 2932 Rasirda - ok 12:44:45.0576 2932 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 12:44:45.0717 2932 Rasl2tp - ok 12:44:45.0764 2932 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll 12:44:45.0873 2932 RasMan - ok 12:44:45.0889 2932 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 12:44:46.0014 2932 RasPppoe - ok 12:44:46.0029 2932 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 12:44:46.0170 2932 Raspti - ok 12:44:46.0201 2932 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 12:44:46.0326 2932 Rdbss - ok 12:44:46.0326 2932 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 12:44:46.0451 2932 RDPCDD - ok 12:44:46.0482 2932 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 12:44:46.0592 2932 rdpdr - ok 
12:44:46.0639 2932 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys 12:44:46.0701 2932 RDPWD - ok 12:44:46.0732 2932 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe 12:44:46.0857 2932 RDSessMgr - ok 12:44:46.0889 2932 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 12:44:47.0045 2932 redbook - ok 12:44:47.0076 2932 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll 12:44:47.0185 2932 RemoteAccess - ok 12:44:47.0232 2932 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll 12:44:47.0357 2932 RemoteRegistry - ok 12:44:47.0498 2932 RichVideo (bd517c7fb119997effbe39d5e4b37b05) C:\Programme\CyberLink\Shared Files\RichVideo.exe 12:44:47.0498 2932 RichVideo ( UnsignedFile.Multi.Generic ) - warning 12:44:47.0498 2932 RichVideo - detected UnsignedFile.Multi.Generic (1) 12:44:47.0529 2932 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe 12:44:47.0654 2932 RpcLocator - ok 12:44:47.0701 2932 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll 12:44:47.0732 2932 RpcSs - ok 12:44:47.0764 2932 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe 12:44:47.0873 2932 RSVP - ok 12:44:47.0920 2932 RTLE8023xp (36ada62330c31ad314e4a26b815fc485) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 12:44:47.0951 2932 RTLE8023xp - ok 12:44:47.0982 2932 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe 12:44:48.0107 2932 SamSs - ok 12:44:48.0123 2932 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe 12:44:48.0279 2932 SCardSvr - ok 12:44:48.0310 2932 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll 12:44:48.0451 2932 Schedule - ok 12:44:48.0482 2932 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 12:44:48.0529 2932 Secdrv - ok 12:44:48.0545 2932 seclogon 
(bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll 12:44:48.0670 2932 seclogon - ok 12:44:48.0701 2932 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll 12:44:48.0842 2932 SENS - ok 12:44:48.0857 2932 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 12:44:48.0982 2932 serenum - ok 12:44:48.0998 2932 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys 12:44:49.0123 2932 Serial - ok 12:44:49.0154 2932 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 12:44:49.0279 2932 Sfloppy - ok 12:44:49.0326 2932 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll 12:44:49.0467 2932 SharedAccess - ok 12:44:49.0498 2932 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 12:44:49.0529 2932 ShellHWDetection - ok 12:44:49.0529 2932 Simbad - ok 12:44:49.0545 2932 Sparrow - ok 12:44:49.0560 2932 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 12:44:49.0685 2932 splitter - ok 12:44:49.0717 2932 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 12:44:49.0748 2932 Spooler - ok 12:44:49.0763 2932 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 12:44:49.0826 2932 sr - ok 12:44:49.0857 2932 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll 12:44:49.0920 2932 srservice - ok 12:44:49.0951 2932 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 12:44:50.0013 2932 Srv - ok 12:44:50.0029 2932 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll 12:44:50.0092 2932 SSDPSRV - ok 12:44:50.0123 2932 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll 12:44:50.0248 2932 stisvc - ok 12:44:50.0263 2932 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 12:44:50.0420 2932 swenum - ok 12:44:50.0435 2932 swmidi 
(8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 12:44:50.0545 2932 swmidi - ok 12:44:50.0545 2932 SwPrv - ok 12:44:50.0560 2932 symc810 - ok 12:44:50.0560 2932 symc8xx - ok 12:44:50.0560 2932 sym_hi - ok 12:44:50.0576 2932 sym_u3 - ok 12:44:50.0592 2932 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 12:44:50.0732 2932 sysaudio - ok 12:44:50.0748 2932 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe 12:44:50.0857 2932 SysmonLog - ok 12:44:50.0888 2932 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll 12:44:51.0013 2932 TapiSrv - ok 12:44:51.0060 2932 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 12:44:51.0107 2932 Tcpip - ok 12:44:51.0123 2932 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 12:44:51.0279 2932 TDPIPE - ok 12:44:51.0295 2932 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 12:44:51.0435 2932 TDTCP - ok 12:44:51.0451 2932 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 12:44:51.0576 2932 TermDD - ok 12:44:51.0623 2932 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll 12:44:51.0748 2932 TermService - ok 12:44:51.0795 2932 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll 12:44:51.0810 2932 Themes - ok 12:44:51.0826 2932 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe 12:44:51.0904 2932 TlntSvr - ok 12:44:51.0904 2932 TosIde - ok 12:44:51.0935 2932 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll 12:44:52.0060 2932 TrkWks - ok 12:44:52.0091 2932 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 12:44:52.0216 2932 Udfs - ok 12:44:52.0232 2932 ultra - ok 12:44:52.0279 2932 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 12:44:52.0420 2932 Update - ok 
12:44:52.0451 2932 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll 12:44:52.0513 2932 upnphost - ok 12:44:52.0529 2932 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe 12:44:52.0623 2932 UPS - ok 12:44:52.0654 2932 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 12:44:52.0763 2932 usbccgp - ok 12:44:52.0779 2932 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 12:44:52.0888 2932 usbehci - ok 12:44:52.0920 2932 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 12:44:53.0045 2932 usbhub - ok 12:44:53.0060 2932 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 12:44:53.0185 2932 usbohci - ok 12:44:53.0216 2932 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 12:44:53.0326 2932 usbprint - ok 12:44:53.0357 2932 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 12:44:53.0466 2932 usbscan - ok 12:44:53.0498 2932 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 12:44:53.0607 2932 usbstor - ok 12:44:53.0623 2932 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 12:44:53.0763 2932 VgaSave - ok 12:44:53.0763 2932 ViaIde - ok 12:44:53.0794 2932 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 12:44:53.0919 2932 VolSnap - ok 12:44:53.0966 2932 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe 12:44:54.0029 2932 VSS - ok 12:44:54.0060 2932 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll 12:44:54.0169 2932 W32Time - ok 12:44:54.0185 2932 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 12:44:54.0326 2932 Wanarp - ok 12:44:54.0326 2932 WDICA - ok 12:44:54.0341 2932 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 12:44:54.0451 2932 
wdmaud - ok 12:44:54.0482 2932 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll 12:44:54.0607 2932 WebClient - ok 12:44:54.0716 2932 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll 12:44:54.0857 2932 winmgmt - ok 12:44:54.0935 2932 WinRM (f10075c2ec96d2eb118012e78ece2fc2) C:\WINDOWS\system32\WsmSvc.dll 12:44:55.0029 2932 WinRM - ok 12:44:55.0060 2932 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll 12:44:55.0107 2932 WmdmPmSN - ok 12:44:55.0169 2932 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll 12:44:55.0216 2932 Wmi - ok 12:44:55.0326 2932 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe 12:44:55.0466 2932 WmiApSrv - ok 12:44:55.0607 2932 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe 12:44:55.0669 2932 WMPNetworkSvc - ok 12:44:55.0997 2932 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 12:44:56.0029 2932 WPFFontCache_v0400 - ok 12:44:56.0763 2932 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll 12:44:56.0872 2932 wscsvc - ok 12:44:56.0888 2932 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll 12:44:57.0044 2932 wuauserv - ok 12:44:57.0169 2932 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 12:44:57.0216 2932 WudfPf - ok 12:44:57.0263 2932 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 12:44:57.0279 2932 WudfRd - ok 12:44:57.0294 2932 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll 12:44:57.0326 2932 WudfSvc - ok 12:44:57.0372 2932 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll 12:44:57.0497 2932 WZCSVC - ok 12:44:57.0529 2932 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll 12:44:57.0669 2932 
xmlprov - ok 12:44:57.0685 2932 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0 12:44:58.0122 2932 \Device\Harddisk0\DR0 - ok 12:44:58.0122 2932 Boot (0x1200) (0d1cf8d85f4616114d6c44e72b6bb271) \Device\Harddisk0\DR0\Partition0 12:44:58.0138 2932 \Device\Harddisk0\DR0\Partition0 - ok 12:44:58.0138 2932 ============================================================ 12:44:58.0138 2932 Scan finished 12:44:58.0138 2932 ============================================================ 12:44:58.0247 1456 Detected object count: 6 12:44:58.0247 1456 Actual detected object count: 6 15:45:47.0689 1456 AmdK8 ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:47.0689 1456 AmdK8 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:47.0689 1456 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:47.0689 1456 Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:47.0689 1456 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:47.0689 1456 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:47.0689 1456 ati2mtag ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:47.0689 1456 ati2mtag ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:47.0704 1456 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:47.0704 1456 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:45:47.0704 1456 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user 15:45:47.0704 1456 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip |
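The TDSSKiller log above is several hundred lines flattened into a few; what a reader of it actually wants is the list of objects that were not reported `ok`, the MD5 and path of each so the file can be verified, and what the user chose at the prompt. As an added example that is not part of the post or of TDSSKiller, the following Python parser does that over a constructed excerpt of the same log (values copied from the post, line breaks restored). That `UnsignedFile.Multi.Generic` only means "no valid digital signature" and is not a malware detection on its own is an assumption about TDSSKiller's naming, labelled as such in the code.

```python
import re
from dataclasses import dataclass, field

# Constructed sample input: a few lines from the TDSSKiller log posted above,
# with the line breaks the forum flattened restored. Layout per line:
#   <time> <thread id> <object> (<md5>) <path>          -> object found and hashed
#   <time> <thread id> <object> [( <verdict> )] - <status>  -> ok / warning / detected / skipped ...
SAMPLE_LOG = r"""
12:44:47.0498 2932 RichVideo (bd517c7fb119997effbe39d5e4b37b05) C:\Programme\CyberLink\Shared Files\RichVideo.exe
12:44:47.0498 2932 RichVideo ( UnsignedFile.Multi.Generic ) - warning
12:44:47.0498 2932 RichVideo - detected UnsignedFile.Multi.Generic (1)
12:44:47.0529 2932 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
12:44:47.0654 2932 RpcLocator - ok
12:44:57.0685 2932 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
12:44:58.0122 2932 \Device\Harddisk0\DR0 - ok
12:44:58.0247 1456 Detected object count: 6
15:45:47.0704 1456 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
15:45:47.0704 1456 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

# Line with a 32-hex-digit hash and a path: the object was located and fingerprinted.
OBJECT_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+)\s+(?P<tid>\d+)\s+"
    r"(?P<name>\S.*?)\s+\((?P<md5>[0-9a-f]{32})\)\s+(?P<path>.+)$")
# Line ending in " - <status>", optionally with "( <verdict> )" before the dash.
VERDICT_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+)\s+(?P<tid>\d+)\s+"
    r"(?P<name>\S.*?)(?:\s+\(\s*(?P<verdict>\S+)\s*\))?\s+-\s+(?P<status>.+)$")

# Assumption about TDSSKiller's naming: this verdict only says the file carries
# no valid digital signature; it is not by itself a malware detection.
INFORMATIONAL_VERDICTS = {"UnsignedFile.Multi.Generic"}

@dataclass
class ScannedObject:
    name: str
    md5: str = ""
    path: str = ""
    verdict: str = ""
    statuses: list = field(default_factory=list)  # every status seen, in log order

def parse_tdsskiller(text):
    """Group the log's lines by object name; returns {name: ScannedObject}."""
    objects = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = OBJECT_RE.match(line)
        if m:
            obj = objects.setdefault(m["name"], ScannedObject(m["name"]))
            obj.md5, obj.path = m["md5"], m["path"]
            continue
        m = VERDICT_RE.match(line)
        if m:
            obj = objects.setdefault(m["name"], ScannedObject(m["name"]))
            obj.statuses.append(m["status"])
            if m["verdict"]:
                obj.verdict = m["verdict"]
        # summary lines such as "Detected object count: 6" name no object and are skipped
    return objects

def triage(objects):
    """Objects with any status other than 'ok', with the last recorded action and
    whether the verdict is merely informational (unsigned file)."""
    flagged = []
    for obj in objects.values():
        if all(s == "ok" for s in obj.statuses):  # also true for objects with no status line
            continue
        flagged.append({
            "name": obj.name,
            "path": obj.path,
            "md5": obj.md5,
            "verdict": obj.verdict,
            "final_action": obj.statuses[-1],
            "informational": obj.verdict in INFORMATIONAL_VERDICTS,
        })
    return flagged

if __name__ == "__main__":
    for f in triage(parse_tdsskiller(SAMPLE_LOG)):
        kind = "informational" if f["informational"] else "REVIEW"
        print(f"{kind:13} {f['name']:<12} {f['verdict']:<28} {f['final_action']}  {f['path']}")
```

Run against the full log, the six objects the user skipped all carry that verdict, so the closing "Detected object count: 6" is a count of unsigned driver and vendor files, not of malware findings; the MD5 and path are what you would check against the vendor's file or a hash lookup before deciding anything further.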
12.07.2012, 15:18 | #42 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Infected registry values Hijack.ControlPanelStyle Now please run CF: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a helper (Kompetenzler) has expressly recommended it! Should you have trouble starting applications after running Combofix and receive messages such as Quote:
__________________ Please always post logfiles in CODE tags |
12.07.2012, 15:42 | #43 |
| Infected registry values Hijack.ControlPanelStyle Done, following your instructions; before the run, the MS Recovery Console was downloaded and installed: Code:
ATTFilter ComboFix 12-07-12.02 - Administrator 12.07.2012 16:32:14.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2047.1537 [GMT 2:00] ausgeführt von:: c:\profile\Administrator\Eigene Dateien\Downloads\ComboFix.exe . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\profile\Administrator\WINDOWS c:\profile\hildebrh\Lokale Einstellungen\Anwendungsdaten\assembly\tmp c:\windows\IsUn0407.exe c:\windows\unin0407.exe . . ((((((((((((((((((((((( Dateien erstellt von 2012-06-12 bis 2012-07-12 )))))))))))))))))))))))))))))) . . 2012-07-12 07:21 . 2012-07-12 07:21 -------- d-----w- C:\_OTL 2012-07-12 07:14 . 2012-07-12 07:14 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-12 07:14 . 2012-07-12 07:14 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-09 07:38 . 2012-07-09 07:38 -------- d-sh--w- c:\profile\doehlerm\IETldCache 2012-07-06 11:20 . 2012-07-06 11:20 -------- d-----w- c:\profile\Administrator\Lokale Einstellungen\Anwendungsdaten\ESET 2012-07-06 11:20 . 2012-07-06 11:20 -------- d-----w- c:\profile\Administrator\Anwendungsdaten\ESET 2012-07-06 11:20 . 2012-07-06 11:20 -------- d-----w- c:\profile\LocalService\Lokale Einstellungen\Anwendungsdaten\ESET 2012-07-06 11:05 . 2012-07-06 11:05 -------- d-----w- c:\programme\Mozilla Maintenance Service 2012-07-06 11:04 . 2012-07-06 11:04 157608 ----a-w- c:\programme\Mozilla Firefox\maintenanceservice_installer.exe 2012-07-06 11:04 . 2012-07-06 11:04 113120 ----a-w- c:\programme\Mozilla Firefox\maintenanceservice.exe 2012-07-06 11:04 . 2012-07-06 11:04 421200 ----a-w- c:\programme\Mozilla Firefox\msvcp100.dll 2012-07-06 11:04 . 2012-07-06 11:04 770384 ----a-w- c:\programme\Mozilla Firefox\msvcr100.dll 2012-07-04 07:55 . 2012-07-04 07:55 27506 ----a-w- C:\cc_20120704_095454.reg 2012-07-03 12:23 . 
2012-07-03 12:23 -------- d-----w- c:\profile\Administrator\Lokale Einstellungen\Anwendungsdaten\GHISLER 2012-07-03 10:26 . 2012-07-03 10:27 -------- d-----w- c:\programme\stinger 2012-06-29 13:12 . 2012-06-29 13:12 -------- d-----w- c:\profile\Administrator\Anwendungsdaten\Malwarebytes 2012-06-29 13:11 . 2012-06-29 13:11 -------- d-----w- c:\profile\All Users\Anwendungsdaten\Malwarebytes 2012-06-29 11:49 . 2012-06-29 12:08 -------- d-----w- c:\programme\Microsoft Silverlight 2012-06-29 11:49 . 2012-06-29 11:49 -------- d-----w- c:\programme\Windows Live SkyDrive 2012-06-29 11:48 . 2012-06-29 11:48 -------- d-----w- c:\programme\Common\Windows Live 2012-06-29 11:47 . 2012-06-29 11:47 -------- d-----w- c:\windows\system32\winrm 2012-06-29 11:47 . 2012-06-29 11:47 -------- d-----w- c:\windows\system32\GroupPolicy 2012-06-29 11:47 . 2012-06-29 11:47 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$ 2012-06-29 11:46 . 2012-06-29 11:46 -------- d-----w- c:\programme\Windows Media Connect 2 2012-06-29 11:44 . 2012-06-29 11:45 -------- d-----w- c:\windows\system32\drivers\UMDF 2012-06-29 11:44 . 2012-06-29 11:44 -------- d-----w- c:\windows\system32\LogFiles 2012-06-29 11:28 . 2012-06-29 11:28 -------- d-sh--w- c:\profile\Administrator\PrivacIE 2012-06-29 11:27 . 2012-06-29 11:49 -------- d-----w- c:\programme\Microsoft 2012-06-29 11:25 . 2012-06-29 11:25 -------- d-sh--w- c:\profile\Administrator\IETldCache 2012-06-29 11:22 . 2012-05-11 14:40 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll 2012-06-29 11:21 . 2011-08-16 10:45 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll 2012-06-29 11:20 . 2012-05-11 14:40 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2012-06-29 11:20 . 2012-05-11 14:40 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2012-06-29 11:20 . 2012-05-11 14:40 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2012-06-29 11:18 . 2012-06-29 11:20 -------- dc-h--w- c:\windows\ie8 2012-06-29 09:05 . 
2012-06-29 11:31 -------- d-----w- c:\profile\Administrator\Lokale Einstellungen\Anwendungsdaten\AskToolbar 2012-06-29 09:05 . 2001-08-18 01:22 12288 -c--a-w- c:\windows\system32\dllcache\mouhid.sys 2012-06-29 09:05 . 2001-08-18 01:22 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys 2012-06-28 14:57 . 2012-06-28 16:24 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0 . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-03 10:27 . 2011-03-16 13:02 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2012-07-03 10:27 . 2011-03-16 13:02 475704 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2012-07-03 10:27 . 2011-03-16 13:02 159608 ----a-w- c:\windows\system32\mfevtps.exe 2012-06-13 13:55 . 2006-03-02 15:44 1866240 ----a-w- c:\windows\system32\win32k.sys 2012-06-05 15:49 . 2008-05-30 12:34 1372672 ------w- c:\windows\system32\msxml6.dll 2012-06-05 15:49 . 2004-08-04 11:00 1172480 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 15:35 . 2009-08-06 18:23 222448 ----a-w- c:\windows\system32\muweb.dll 2012-06-04 04:32 . 2004-08-04 11:00 152576 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 13:19 . 2008-05-30 12:26 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2008-05-30 12:26 15896 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2008-05-29 14:19 329240 ----a-w- c:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2008-05-29 14:19 210968 ----a-w- c:\windows\system32\wuweb.dll 2012-06-02 13:19 . 2008-05-29 14:19 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2008-05-30 12:26 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 2008-05-30 12:26 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2008-05-29 14:19 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2008-05-29 14:19 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 13:19 . 
2004-08-04 11:00 97304 ----a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2008-05-30 12:26 23576 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2008-05-29 14:19 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2008-05-29 14:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 13:18 . 2010-01-22 09:47 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2010-01-22 09:47 18160 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-05-31 13:22 . 2004-08-04 11:00 604160 ----a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:07 . 2006-03-02 15:45 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-11 14:40 . 2004-08-04 11:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-05-11 14:40 . 2004-08-04 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:38 . 2004-08-04 11:00 385024 ------w- c:\windows\system32\html.iec 2012-05-05 03:14 . 2006-03-02 15:43 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-05 03:14 . 2004-08-03 23:50 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46 . 2008-05-29 14:18 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-25 08:58 . 2008-05-30 13:52 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-04-25 08:58 . 2011-01-31 11:42 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-07-06 11:04 . 2012-03-29 10:45 85472 ----a-w- c:\programme\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2007-11-06 16855552] "SkyTel"="SkyTel.EXE" [2007-10-11 1826816] "RemoteControl"="c:\programme\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928] "LanguageShortcut"="c:\programme\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832] "NeroFilterCheck"="c:\programme\Common\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SecurDisc"="c:\programme\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208] "InCD"="c:\programme\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328] "StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-03-28 413696] "Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\programme\Common\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288] "McAfeeUpdaterUI"="c:\programme\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088] "ShStatEXE"="c:\programme\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-01-12 215360] "Adobe Acrobat Speed Launcher"="c:\programme\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760] "Acrobat Assistant 8.0"="c:\programme\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nlsf"="move" [X] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Programme\\McAfee\\Common Framework\\FrameworkService.exe"= . R1 mfetdi2k;McAfee Inc. 
mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [16.03.2011 15:02 89528] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [16.03.2011 15:02 159608] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [16.03.2011 15:02 87656] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [06.07.2012 13:05 113120] . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 24367411 *Deregistered* - 24367411 *Deregistered* - mfeavfk01 . Inhalt des "geplante Tasks" Ordners . 2008-05-30 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57] . 2012-06-29 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-04-22 20:18] . . ------- Zusätzlicher Suchlauf ------- . IE: &Citavi Picker... - file://c:\profile\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html IE: An vorhandene PDF-Datei anfügen - c:\programme\Common\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: In Adobe PDF konvertieren - c:\programme\Common\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Linkziel an vorhandene PDF-Datei anhängen - c:\programme\Common\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Linkziel in Adobe PDF konvertieren - c:\programme\Common\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: microsoft.com Trusted Zone: microsoft.com\*.update Trusted Zone: microsoft.com\*.windowsupdate Trusted Zone: windowsupdate.com TCP: Interfaces\{7E608E10-CB07-4588-8B69-C9422848FAE7}: NameServer = 141.20.1.3,141.20.1.31 FF - ProfilePath - c:\profile\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\l3srtxij.default\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
AddRemove-Citrix-ICA-Client - c:\windows\ISUN0407.EXE . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2012-07-12 16:35 Windows 5.1.2600 Service Pack 3 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-515967899-492894223-839522115-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,27,5f,38,b1,ca,84,33,41,a6,7c,74,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,27,5f,38,b1,ca,84,33,41,a6,7c,74,\ . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•6~*] "7040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'winlogon.exe'(856) c:\windows\system32\Ati2evxx.dll . Zeit der Fertigstellung: 2012-07-12 16:36:38 ComboFix-quarantined-files.txt 2012-07-12 14:36 . Vor Suchlauf: 13 Verzeichnis(se), 191.490.367.488 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 191.707.545.600 Bytes frei . 
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer . - - End Of File - - 01BCEF55916A394CEFB64DD60925512B |
12.07.2012, 18:12 | #44 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Infected registry values Hijack.ControlPanelStyle ComboFix - scripting 1. Start Notepad (Start / Run / notepad[Enter]) 2. Now copy and paste the entire contents of the code box below into the Notepad window. Code:
Registry::
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"=-

Dirlook::
c:\windows\$968930Uinstall_KB968930$
4. Disable the guard of your antivirus program and any software firewall you have. (Also the guards of ad-/spyware programs and the Tea Timer, if present!) 5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts ComboFix. 6. After the restart (you will be asked whether you want to restart), please post the following log file: Combofix.txt Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, since it can permanently damage the system!
__________________ Always post logfiles in CODE tags |
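The CFScript above removes a single RunOnce value and lists one directory; the ComboFix output further down shows the same autostart keys and the Explorer policy value ForceClassicControlPanel set to 1. A read-only audit of exactly those locations in PowerShell, added here as an illustration (it is neither ComboFix's code nor part of this thread), assumes an elevated PowerShell session on the affected machine; it changes nothing and only reports what it finds:

```powershell
# Added example, not part of the thread or of ComboFix. Read-only audit of the
# Run/RunOnce keys and the Explorer policy value that appear in the ComboFix log.
# Assumes an elevated PowerShell session on the machine being examined.

function Get-AutostartAudit {
    $runKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
        'Registry::HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run',
        'Registry::HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    )

    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            # Skip the PSPath/PSParentPath/... members PowerShell adds to the object
            if ($p.Name -like 'PS*') { continue }
            $cmd = [string]$p.Value

            # Reduce "command line" to the executable so it can be checked on disk
            $exe = if ($cmd -match '^"([^"]+)"') { $Matches[1] } else { ($cmd -split ' ')[0] }
            if (-not [System.IO.Path]::IsPathRooted($exe)) {
                # Bare names such as RTHDCPL.EXE in the log resolve from %SystemRoot% or System32
                $cands = @((Join-Path $env:SystemRoot $exe), (Join-Path $env:SystemRoot "system32\$exe"))
                $found = $cands | Where-Object { Test-Path $_ } | Select-Object -First 1
                if ($found) { $exe = $found }
            }

            $exists = Test-Path $exe
            $sig = if ($exists) { (Get-AuthenticodeSignature -FilePath $exe).Status } else { 'n/a' }
            [pscustomobject]@{
                Key        = $key
                Name       = $p.Name
                Command    = $cmd
                FileExists = $exists
                Signature  = $sig
            }
        }
    }

    # The log in this thread shows ForceClassicControlPanel = 1 under this policy key;
    # report the value so the reader can compare it with the ComboFix output.
    $pol = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    if (Test-Path $pol) {
        $v = Get-ItemProperty -Path $pol -Name ForceClassicControlPanel -ErrorAction SilentlyContinue
        if ($v) {
            [pscustomobject]@{
                Key        = $pol
                Name       = 'ForceClassicControlPanel'
                Command    = [string]$v.ForceClassicControlPanel
                FileExists = $null
                Signature  = 'policy value'
            }
        }
    }
}

Get-AutostartAudit | Format-Table -AutoSize
```

Entries whose file no longer exists, or whose signature status is not Valid, are the ones worth a second look; the RunOnce value the CFScript removes would appear in the HKEY_USERS\.DEFAULT rows if it were still present.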
13.07.2012, 08:33 | #45 |
| Infected registry values Hijack.ControlPanelStyle I carried it out following your instructions. The following deviations occurred: 1. CoFi performed a program update at the start of the run. 2. At step 4 the following program crashed: PEV.exe 3. CoFi did not ask me to restart, as it did on the first run. It created the log file right away: Code:
ComboFix 12-07-13.01 - Administrator 13.07.2012 9:14.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2047.1596 [GMT 2:00] ausgeführt von:: c:\profile\Administrator\Eigene Dateien\Downloads\ComboFix.exe Benutzte Befehlsschalter :: c:\profile\Administrator\Desktop\CFScript.txt * Neuer Wiederherstellungspunkt wurde erstellt . . ((((((((((((((((((((((( Dateien erstellt von 2012-06-13 bis 2012-07-13 )))))))))))))))))))))))))))))) . . 2012-07-12 07:21 . 2012-07-12 07:21 -------- d-----w- C:\_OTL 2012-07-12 07:14 . 2012-07-12 07:14 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-12 07:14 . 2012-07-12 07:14 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-09 07:38 . 2012-07-09 07:38 -------- d-sh--w- c:\profile\doehlerm\IETldCache 2012-07-06 11:20 . 2012-07-06 11:20 -------- d-----w- c:\profile\Administrator\Lokale Einstellungen\Anwendungsdaten\ESET 2012-07-06 11:20 . 2012-07-06 11:20 -------- d-----w- c:\profile\Administrator\Anwendungsdaten\ESET 2012-07-06 11:20 . 2012-07-06 11:20 -------- d-----w- c:\profile\LocalService\Lokale Einstellungen\Anwendungsdaten\ESET 2012-07-06 11:05 . 2012-07-06 11:05 -------- d-----w- c:\programme\Mozilla Maintenance Service 2012-07-06 11:04 . 2012-07-06 11:04 157608 ----a-w- c:\programme\Mozilla Firefox\maintenanceservice_installer.exe 2012-07-06 11:04 . 2012-07-06 11:04 113120 ----a-w- c:\programme\Mozilla Firefox\maintenanceservice.exe 2012-07-06 11:04 . 2012-07-06 11:04 421200 ----a-w- c:\programme\Mozilla Firefox\msvcp100.dll 2012-07-06 11:04 . 2012-07-06 11:04 770384 ----a-w- c:\programme\Mozilla Firefox\msvcr100.dll 2012-07-04 07:55 . 2012-07-04 07:55 27506 ----a-w- C:\cc_20120704_095454.reg 2012-07-03 12:23 . 2012-07-03 12:23 -------- d-----w- c:\profile\Administrator\Lokale Einstellungen\Anwendungsdaten\GHISLER 2012-07-03 10:26 . 2012-07-03 10:27 -------- d-----w- c:\programme\stinger 2012-06-29 13:12 . 
2012-06-29 13:12 -------- d-----w- c:\profile\Administrator\Anwendungsdaten\Malwarebytes 2012-06-29 13:11 . 2012-06-29 13:11 -------- d-----w- c:\profile\All Users\Anwendungsdaten\Malwarebytes 2012-06-29 11:49 . 2012-06-29 12:08 -------- d-----w- c:\programme\Microsoft Silverlight 2012-06-29 11:49 . 2012-06-29 11:49 -------- d-----w- c:\programme\Windows Live SkyDrive 2012-06-29 11:48 . 2012-06-29 11:48 -------- d-----w- c:\programme\Common\Windows Live 2012-06-29 11:47 . 2012-06-29 11:47 -------- d-----w- c:\windows\system32\winrm 2012-06-29 11:47 . 2012-06-29 11:47 -------- d-----w- c:\windows\system32\GroupPolicy 2012-06-29 11:47 . 2012-06-29 11:47 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$ 2012-06-29 11:46 . 2012-06-29 11:46 -------- d-----w- c:\programme\Windows Media Connect 2 2012-06-29 11:44 . 2012-06-29 11:45 -------- d-----w- c:\windows\system32\drivers\UMDF 2012-06-29 11:44 . 2012-06-29 11:44 -------- d-----w- c:\windows\system32\LogFiles 2012-06-29 11:28 . 2012-06-29 11:28 -------- d-sh--w- c:\profile\Administrator\PrivacIE 2012-06-29 11:27 . 2012-06-29 11:49 -------- d-----w- c:\programme\Microsoft 2012-06-29 11:25 . 2012-06-29 11:25 -------- d-sh--w- c:\profile\Administrator\IETldCache 2012-06-29 11:22 . 2012-05-11 14:40 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll 2012-06-29 11:21 . 2011-08-16 10:45 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll 2012-06-29 11:20 . 2012-05-11 14:40 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2012-06-29 11:20 . 2012-05-11 14:40 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2012-06-29 11:20 . 2012-05-11 14:40 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2012-06-29 11:18 . 2012-06-29 11:20 -------- dc-h--w- c:\windows\ie8 2012-06-29 09:05 . 2012-06-29 11:31 -------- d-----w- c:\profile\Administrator\Lokale Einstellungen\Anwendungsdaten\AskToolbar 2012-06-29 09:05 . 
2001-08-18 01:22 12288 -c--a-w- c:\windows\system32\dllcache\mouhid.sys 2012-06-29 09:05 . 2001-08-18 01:22 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys 2012-06-28 14:57 . 2012-06-28 16:24 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0 . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-03 10:27 . 2011-03-16 13:02 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2012-07-03 10:27 . 2011-03-16 13:02 475704 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2012-07-03 10:27 . 2011-03-16 13:02 159608 ----a-w- c:\windows\system32\mfevtps.exe 2012-06-13 13:55 . 2006-03-02 15:44 1866240 ----a-w- c:\windows\system32\win32k.sys 2012-06-05 15:49 . 2008-05-30 12:34 1372672 ------w- c:\windows\system32\msxml6.dll 2012-06-05 15:49 . 2004-08-04 11:00 1172480 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 15:35 . 2009-08-06 18:23 222448 ----a-w- c:\windows\system32\muweb.dll 2012-06-04 04:32 . 2004-08-04 11:00 152576 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 13:19 . 2008-05-30 12:26 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2008-05-30 12:26 15896 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2008-05-29 14:19 329240 ----a-w- c:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2008-05-29 14:19 210968 ----a-w- c:\windows\system32\wuweb.dll 2012-06-02 13:19 . 2008-05-29 14:19 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2008-05-30 12:26 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 2008-05-30 12:26 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2008-05-29 14:19 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2008-05-29 14:19 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 13:19 . 2004-08-04 11:00 97304 ----a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2008-05-30 12:26 23576 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 
2008-05-29 14:19 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2008-05-29 14:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 13:18 . 2010-01-22 09:47 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2010-01-22 09:47 18160 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-05-31 13:22 . 2004-08-04 11:00 604160 ----a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:07 . 2006-03-02 15:45 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-11 14:40 . 2004-08-04 11:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-05-11 14:40 . 2004-08-04 11:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:38 . 2004-08-04 11:00 385024 ------w- c:\windows\system32\html.iec 2012-05-05 03:14 . 2006-03-02 15:43 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-05 03:14 . 2004-08-03 23:50 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:46 . 2008-05-29 14:18 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-25 08:58 . 2008-05-30 13:52 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-04-25 08:58 . 2011-01-31 11:42 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-07-06 11:04 . 2012-03-29 10:45 85472 ----a-w- c:\programme\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of c:\windows\$968930Uinstall_KB968930$ ---- . 2012-06-29 11:47 . 2009-06-25 07:59 225072 -c----w- c:\windows\$968930Uinstall_KB968930$\spuninst\spuninst.exe 2012-06-29 11:47 . 2009-06-25 07:59 385328 -c----w- c:\windows\$968930Uinstall_KB968930$\spuninst\updspapi.dll 2012-06-29 11:47 . 2012-06-29 11:48 74046 -c--a-w- c:\windows\$968930Uinstall_KB968930$\spuninst\spuninst.inf 2012-06-29 11:47 . 2012-06-29 11:47 14029 -c--a-w- c:\windows\$968930Uinstall_KB968930$\spuninst\spuninst.txt 2009-10-09 12:57 . 
2009-10-09 12:57 20480 -c----w- c:\windows\$968930Uinstall_KB968930$\PSCustomSetupUtil.exe 2009-10-09 12:56 . 2009-10-09 12:56 9216 -c----w- c:\windows\$968930Uinstall_KB968930$\PSSetupNativeUtils.exe . . ((((((((((((((((((((((((((((( SnapShot@2012-07-12_14.35.29 ))))))))))))))))))))))))))))))))))))))))) . + 2012-07-13 07:01 . 2012-07-13 07:01 16384 c:\windows\Temp\Perflib_Perfdata_10c.dat . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2007-11-06 16855552] "SkyTel"="SkyTel.EXE" [2007-10-11 1826816] "RemoteControl"="c:\programme\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928] "LanguageShortcut"="c:\programme\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832] "NeroFilterCheck"="c:\programme\Common\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SecurDisc"="c:\programme\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208] "InCD"="c:\programme\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328] "StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2008-03-28 413696] "Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\programme\Common\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288] "McAfeeUpdaterUI"="c:\programme\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088] "ShStatEXE"="c:\programme\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-01-12 215360] "Adobe Acrobat Speed Launcher"="c:\programme\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760] "Acrobat Assistant 8.0"="c:\programme\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144] . 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Programme\\McAfee\\Common Framework\\FrameworkService.exe"= . R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [16.03.2011 15:02 89528] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [16.03.2011 15:02 159608] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [16.03.2011 15:02 87656] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [06.07.2012 13:05 113120] . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL *Deregistered* - mfeavfk01 . Inhalt des "geplante Tasks" Ordners . 2008-05-30 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57] . 2012-06-29 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-04-22 20:18] . . ------- Zusätzlicher Suchlauf ------- . IE: &Citavi Picker... 
- file://c:\profile\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html IE: An vorhandene PDF-Datei anfügen - c:\programme\Common\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: In Adobe PDF konvertieren - c:\programme\Common\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Linkziel an vorhandene PDF-Datei anhängen - c:\programme\Common\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Linkziel in Adobe PDF konvertieren - c:\programme\Common\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 Trusted Zone: microsoft.com Trusted Zone: microsoft.com\*.update Trusted Zone: microsoft.com\*.windowsupdate Trusted Zone: windowsupdate.com TCP: Interfaces\{7E608E10-CB07-4588-8B69-C9422848FAE7}: NameServer = 141.20.1.3,141.20.1.31 FF - ProfilePath - c:\profile\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\l3srtxij.default\ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2012-07-13 09:19 Windows 5.1.2600 Service Pack 3 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_USERS\S-1-5-21-515967899-492894223-839522115-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,27,5f,38,b1,ca,84,33,41,a6,7c,74,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,27,5f,38,b1,ca,84,33,41,a6,7c,74,\ . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•6~*] "7040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'winlogon.exe'(824) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(3924) c:\programme\McAfee\Common Framework\McTrayLegacySupportPlugin.dll c:\programme\McAfee\Common Framework\McTrayInterfaceLib.dll c:\programme\McAfee\Common Framework\McAfeeWin32GUISupportDLL.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Zeit der Fertigstellung: 2012-07-13 09:20:34 ComboFix-quarantined-files.txt 2012-07-13 07:20 ComboFix2.txt 2012-07-12 14:36 . Vor Suchlauf: 15 Verzeichnis(se), 191.669.006.336 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 191.659.802.624 Bytes frei . - - End Of File - - 6D441AFE1CAFAA7D83B2059C60F53011 |