Pests of all kinds and how to combat them: Infection with My Security Shield

05.07.2012, 11:31   #1
Hypocrite666
 

Hello dear people,

my girlfriend has caught the My Security Shield malware on her laptop.
I followed this guide: http://www.trojaner-board.de/89160-m...entfernen.html
I ran rkill, Anti-Malware and HostsXpert successfully.
I did not run OTH because I could not download it.
After that I also ran OTL and GMER.

The logs follow; gmer and extras.log are attached:

Code:
 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.05.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
*** :: SIRHENRYJR [Administrator]

Schutz: Aktiviert

05.07.2012 09:12:56
mbam-log-2012-07-05 (09-12-56).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 305824
Laufzeit: 1 Stunde(n), 20 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\xeermvd.exe (Trojan.LameShield) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
OTL Logfile:
Code:
OTL logfile created on: 05.07.2012 10:51:44 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,28% Memory free
5,84 Gb Paging File | 5,25 Gb Available in Paging File | 89,88% Paging File free
Paging file location(s): C:\pagefile.sys 4092 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 1,19 Gb Free Space | 1,59% Space Free | Partition Type: NTFS
Drive E: | 3,76 Gb Total Space | 3,74 Gb Free Space | 99,64% Space Free | Partition Type: FAT32
 
Computer Name: SIRHENRYJR | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.05 09:21:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012.05.08 20:15:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 20:15:46 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 20:15:46 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 20:15:46 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.02.18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009.03.30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 17:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.04 14:46:16 | 000,999,424 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2008.03.04 14:41:50 | 001,101,824 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007.12.06 13:39:12 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007.01.24 14:28:58 | 000,124,928 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\accelerometerST.exe
PRC - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.12.04 16:13:16 | 000,292,384 | R--- | M] (Sierra Wireless Inc.) -- C:\Programme\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.08 20:15:48 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010.08.10 01:01:06 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
MOD - [2008.07.10 18:56:19 | 000,753,664 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2008.07.10 18:56:19 | 000,143,360 | ---- | M] () -- C:\WINDOWS\system32\preflib.dll
MOD - [2008.03.04 14:31:26 | 000,245,760 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007.12.06 10:55:12 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2007.12.06 10:52:44 | 000,040,960 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.07.04 23:21:45 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.08 20:15:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 20:15:46 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.02.18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.03.30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.12.04 16:13:16 | 000,292,384 | R--- | M] (Sierra Wireless Inc.) [Auto | Running] -- C:\Programme\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe -- (SWIHPWMI)
SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.05.08 20:15:49 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 20:15:49 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.04.28 20:22:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.03.13 03:25:36 | 002,530,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2008.03.04 16:06:22 | 000,012,288 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007.12.10 12:14:02 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.12.10 12:14:02 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.10.16 07:29:00 | 000,989,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007.10.16 07:28:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007.10.16 07:28:16 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007.08.28 15:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.07.12 11:41:52 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2007.06.18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.02.24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.24 03:13:26 | 000,036,608 | R--- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2006.12.20 01:08:00 | 000,047,616 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rismc32.sys -- (rismc32)
DRV - [2006.10.19 01:23:00 | 000,033,024 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HP24X.sys -- (HP24X)
DRV - [2006.10.17 10:59:06 | 000,022,016 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006.10.17 10:57:58 | 000,017,920 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2004.06.16 12:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {03971127-8906-4745-9F08-5193CADF5B42}
IE - HKCU\..\SearchScopes\{03971127-8906-4745-9F08-5193CADF5B42}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={sear
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\stk\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\stk\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.07.04 23:21:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.06.17 19:51:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.04.12 17:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2011.01.16 23:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2011.01.16 23:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.05.02 22:33:12 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\an0339hp.default\extensions
[2012.06.17 19:51:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.17 19:51:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.07.04 23:21:46 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.07.01 20:41:37 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.01 20:41:37 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.07.01 20:41:37 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.01 20:41:37 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.01 20:41:37 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.01 20:41:37 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.07.05 10:50:19 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\stk\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\DVD Check.lnk = C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1224258872312 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe ()
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.10 15:31:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.05 09:11:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2012.07.05 09:11:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.07.05 09:11:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.07.05 09:11:37 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.07.05 09:11:37 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.07.04 23:32:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\118___07
[2012.07.04 23:23:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\vlc
[2012.07.04 23:23:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[2012.06.19 20:56:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\Australien 2012
[2012.06.17 19:58:29 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.05 10:51:02 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2012.07.05 10:47:17 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.05 10:35:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.05 10:35:43 | 2138,361,856 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.05 09:11:40 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.04 23:23:48 | 000,000,691 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk
[2012.06.28 19:07:15 | 000,036,544 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Fauser, ***  Visa.pdf
[2012.06.24 20:34:20 | 005,243,159 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Leo_00682.JPG
[2012.06.17 19:50:52 | 000,474,316 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.06.17 19:50:52 | 000,433,138 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.06.17 19:50:52 | 000,090,560 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.06.17 19:50:52 | 000,068,094 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.06.16 13:25:51 | 000,148,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.15 21:04:42 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.05 10:51:02 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2012.07.05 09:11:40 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.04 23:23:48 | 000,000,691 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk
[2012.06.28 19:07:15 | 000,036,544 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Fauser, ***  Visa.pdf
[2012.06.24 20:34:18 | 005,243,159 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Leo_00682.JPG
[2012.02.14 23:28:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2008.07.11 20:08:44 | 000,043,008 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== LOP Check ==========
 
[2010.04.24 00:14:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2012.05.20 12:06:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2008.07.10 15:45:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Infineon
[2010.11.27 13:49:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.06.02 19:37:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010.12.22 20:41:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Canneverbe Limited
[2010.08.14 18:27:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Dropbox
[2012.05.20 12:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\elsterformular
[2008.07.10 15:49:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Hewlett Packard
[2008.07.10 15:45:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Infineon
[2008.07.11 00:01:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\InterVideo
[2008.07.11 00:13:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Miranda
[2011.01.16 23:50:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Thunderbird
[2009.12.10 21:01:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Windows Desktop Search
[2010.06.05 19:21:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Windows Search
[2008.07.10 15:52:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\{881447B1-B258-42E0-8EF2-3B1C22143BE9}
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

05.07.2012, 13:41   #2
markusg
/// Malware-holic
 

hi
for further analysis I need the following.
C:\Dokumente und Einstellungen\name\Anwendungsdaten\Sun\Java\Deployment\cache

right-click the cache folder there, pack it with WinRAR or another program, and please upload it in the upload channel
Trojaner-Board Upload Channel
when done, please report back

05.07.2012, 13:53   #3
Hypocrite666
 

ok, done
great that you are taking care of this so quickly

05.07.2012, 13:54   #4
markusg
/// Malware-holic
 

thank you.
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix is finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

05.07.2012, 14:21   #5
Hypocrite666

[code]
Combofix Logfile:
Code:
ATTFilter
ComboFix 12-07-05.02 - *** 05.07.2012  15:10:23.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.2039.1382 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\AegisI5Installer.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-05 bis 2012-07-05  ))))))))))))))))))))))))))))))
.
.
2012-07-05 12:50 . 2012-07-05 12:50	--------	d-----w-	c:\programme\7-Zip
2012-07-05 12:49 . 2012-07-05 12:49	56200	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{421CFB4C-EE7E-4898-93A1-94B7EC991CF7}\offreg.dll
2012-07-05 12:46 . 2012-07-05 12:46	29904	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{421CFB4C-EE7E-4898-93A1-94B7EC991CF7}\MpKsl3c7094b9.sys
2012-07-05 10:55 . 2012-05-30 18:41	6762896	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{421CFB4C-EE7E-4898-93A1-94B7EC991CF7}\mpengine.dll
2012-07-05 10:55 . 2012-01-31 12:44	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-07-05 10:48 . 2012-07-05 10:48	--------	d-----w-	c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\PCHealth
2012-07-05 10:48 . 2012-07-05 10:48	--------	d-----w-	c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\PCHealth
2012-07-05 10:48 . 2012-07-05 10:48	--------	d-----w-	c:\programme\Microsoft Security Client
2012-07-05 07:11 . 2012-07-05 07:11	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Malwarebytes
2012-07-05 07:11 . 2012-07-05 07:11	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-07-05 07:11 . 2012-07-05 07:11	--------	d-----w-	c:\programme\Malwarebytes' Anti-Malware
2012-07-05 07:11 . 2012-04-04 13:56	22344	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-07-04 21:23 . 2012-07-05 06:27	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\vlc
2012-06-17 17:58 . 2012-06-17 17:58	--------	d-----w-	c:\programme\Gemeinsame Dateien\Java
2012-06-17 17:51 . 2012-06-17 17:51	73728	----a-w-	c:\windows\system32\javacpl.cpl
2012-06-17 17:51 . 2012-06-17 17:51	476936	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-06-14 17:57 . 2012-05-11 14:40	521728	-c----w-	c:\windows\system32\dllcache\jsdbgui.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-17 17:51 . 2010-06-04 12:45	472840	----a-w-	c:\windows\system32\deployJava1.dll
2012-06-02 13:19 . 2008-07-10 13:29	329240	----a-w-	c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2008-07-10 13:29	219160	----a-w-	c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2008-07-10 13:29	210968	----a-w-	c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-07-30 17:20	15896	----a-w-	c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-07-30 17:18	18456	----a-w-	c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2008-07-10 13:29	35864	----a-w-	c:\windows\system32\wups.dll
2012-06-02 13:19 . 2008-07-10 13:29	53784	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2008-04-14 12:00	97304	----a-w-	c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2007-07-30 17:20	15896	----a-w-	c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2007-07-30 17:19	45080	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2007-07-30 17:18	23576	----a-w-	c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2008-07-10 13:29	577048	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2008-07-10 13:29	1933848	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 13:18 . 2008-10-17 15:54	275696	----a-w-	c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2008-10-17 15:54	214256	----a-w-	c:\windows\system32\muweb.dll
2012-06-02 13:18 . 2008-10-17 15:54	18160	----a-w-	c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22 . 2008-04-14 12:00	604160	----a-w-	c:\windows\system32\crypt32.dll
2012-05-16 15:07 . 2008-04-14 12:00	916992	----a-w-	c:\windows\system32\wininet.dll
2012-05-15 13:56 . 2008-04-14 12:00	1863296	----a-w-	c:\windows\system32\win32k.sys
2012-05-11 14:40 . 2008-04-14 12:00	43520	----a-w-	c:\windows\system32\licmgr10.dll
2012-05-11 14:40 . 2008-04-14 12:00	1469440	------w-	c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2008-04-14 12:00	385024	----a-w-	c:\windows\system32\html.iec
2012-05-05 03:14 . 2008-04-14 12:00	2150912	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2008-04-14 07:30	2029056	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2008-07-10 13:27	139656	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-07-04 21:21 . 2012-07-01 18:41	85472	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0017\DriverFiles\i386\atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
.
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\kbdclass.sys
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\kbdclass.sys
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
.
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
.
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
.
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-14 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll
.
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe
.
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll
.
[-] 2008-04-14 12:00 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-04-14 12:00 . D0DE8A2EC95184E5193BB4B3112E29DF . 846848 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll
.
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll
.
[-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
.
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe
.
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
.
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 1438703F3D9FFE111DA3869E4F3EEE73 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 2B6ADE29F8D00EEFA5FA2250CBE094AD . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[-] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2008-04-14 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
.
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll
.
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:23 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 12:00 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
.
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll
.
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
.
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll
.
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll
.
[-] 2012-05-11 . 610AFC1D924512EEB7797ADD9E5F9455 . 6007808 . . [8.00.6001.19258] . . c:\windows\system32\mshtml.dll
[-] 2012-05-11 . 610AFC1D924512EEB7797ADD9E5F9455 . 6007808 . . [8.00.6001.19258] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2012-05-11 . E3C9C5F75F06CECD02E0BE32E0BE7463 . 6009344 . . [8.00.6001.23345] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mshtml.dll
[-] 2012-03-01 . C34FC3162FE56D908A7285B5983D03FF . 5978624 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\mshtml.dll
[-] 2012-03-01 . AFF12544647103F756962F43BF60C238 . 5980672 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll
[-] 2011-12-17 . ED2A6223A232E6463E6168A0A7A6EA93 . 5979136 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\mshtml.dll
[-] 2011-12-17 . 384D5CD1286CA3364EE2DAA991CF4726 . 5980160 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll
[-] 2011-11-04 . 4823271E3A5F3A3D2229EACA01D849F1 . 5978112 . . [8.00.6001.19170] . . c:\windows\ie8updates\KB2647516-IE8\mshtml.dll
[-] 2011-11-04 . CD31B8FA968485999C4B02802D8C482C . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
[-] 2011-10-03 . F591C3C571E547DDED6624EB3DCAB7C9 . 5971456 . . [8.00.6001.19154] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
[-] 2011-10-03 . CC43AB1B8E1C5244B7F354307A3C9A77 . 5972992 . . [8.00.6001.23250] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
[-] 2011-07-25 . 9316AF4E14DC9C85A86A1A14A675F160 . 5969920 . . [8.00.6001.19120] . . c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
[-] 2011-07-25 . 1D96C20A4B27E16481C3E774EFC87E09 . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
[-] 2011-05-30 . 930A3ED33CD772EA8A2C4BB226A81CAF . 5964800 . . [8.00.6001.19088] . . c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
[-] 2011-05-30 . F439589BF8C2B1B07DAED345CD2F710D . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
[-] 2011-02-22 . 581142E0B30A2457893EDCF11479BB6C . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
[-] 2011-02-22 . C37FC01CC7347AA073EA7AC3C70D7C7E . 5962240 . . [8.00.6001.19046] . . c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
[-] 2010-12-20 . 10669CF45FBCA6774260726D6D62282C . 5961216 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\mshtml.dll
[-] 2010-12-20 . BE8A4C7BFF06DC3BCCBCE689FAC751F7 . 5962240 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll
[-] 2010-11-06 . 40627E7D2717A6DD38337A54FDA03F34 . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
[-] 2010-11-06 . 3414295B9307D2EFE47EE89F5CC43125 . 5959168 . . [8.00.6001.18999] . . c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
[-] 2010-09-10 . 2EE27CDF8C897B5ABE5D86D1C03F1066 . 5957120 . . [8.00.6001.18975] . . c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
[-] 2010-09-10 . FC277C347BBAAE912A5B0748B3504483 . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . 7CF74ED1A2C05369C67531E7855742CF . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll
.
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll
[-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2008-04-14 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
.
[-] 2008-06-20 . ACD8BD448A74F344D46FCAF21BAB92AF . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . F1B67B6B0751AE0E6E964B02821206A3 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
.
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll
.
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll
.
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll
.
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll
.
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe
.
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll
.
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
.
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe
.
[-] 2012-05-16 . CB1B69A4306EAE327DE46277CA3BA9C9 . 916992 . . [8.00.6001.19272] . . c:\windows\system32\wininet.dll
[-] 2012-05-16 . CB1B69A4306EAE327DE46277CA3BA9C9 . 916992 . . [8.00.6001.19272] . . c:\windows\system32\dllcache\wininet.dll
[-] 2012-05-16 . FA932FB2522C5B8436DF9D2290F56A98 . 920064 . . [8.00.6001.23359] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll
[-] 2012-03-01 . 9C4ABC4869FB2EB0E6F38E27A536B325 . 916992 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\wininet.dll
[-] 2012-03-01 . 4CF6DBF445D93CAB7986F8EB90F27DEC . 919552 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll
[-] 2011-12-17 . 4C4FA27D15C83B59B16CED7DED66E33D . 916992 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\wininet.dll
[-] 2011-12-17 . 48F111BC456924B4F131E9FF11B4925E . 919552 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll
[-] 2011-11-04 . 0BB4286D73CE2CF106F21C7D38C9F85A . 916992 . . [8.00.6001.19165] . . c:\windows\ie8updates\KB2647516-IE8\wininet.dll
[-] 2011-11-04 . C87AFD199FB2BAA77BADC2974815A7A4 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
[-] 2011-08-22 . 5F841994DB0F2B3A3303F8E6ADFDB13E . 916480 . . [8.00.6001.19131] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll
[-] 2011-08-22 . 15F8399C03B9717AC8F5722649CB017D . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
[-] 2011-06-23 . 0BF4985026EF2B7F22B91B3A4A56E222 . 916480 . . [8.00.6001.19098] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll
[-] 2011-06-23 . 11C398190972B60689CA0E61FEC75C42 . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
[-] 2011-04-25 . 64F49D76DBEDDC28C676AF86A8613575 . 916480 . . [8.00.6001.19072] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll
[-] 2011-04-25 . 69E2C6E3430C34698F72E735646B346E . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
[-] 2011-02-22 . 0E05446F197207A173E06A27C70A1DF7 . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
[-] 2011-02-22 . A2B8733A4FB67717861CF97DB1F03053 . 916480 . . [8.00.6001.19044] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll
[-] 2010-12-20 . 4E6109D5651FAB2D9C7ACEBFA5E49076 . 916480 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\wininet.dll
[-] 2010-12-20 . B5FF24B723725959D6AE0904F53F74BC . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
[-] 2010-11-06 . 628696B409200762C12C5140C434CBFA . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
[-] 2010-11-06 . 24BC8815BBD3BB53829E0141529E49FD . 916480 . . [8.00.6001.18992] . . c:\windows\ie8updates\KB2482017-IE8\wininet.dll
[-] 2010-09-10 . 41E62E6AA4D4C03322467FB0D2D29967 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll
[-] 2010-09-10 . 7B7028B726053782DD9B98B729515567 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . 1ACB8E6FAD2A8690CBB41D3229A2B27D . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . 5AC0C1733D8C3DE781002F45A678E0FC . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll
[-] 2010-05-06 . 12C5EEBBC10DB644B44131EE3ECBC430 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll
[-] 2010-05-06 . B5B9887088B8168D52CB28020CF05498 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-02-25 . 7857131DA01250E02BEE64F1163F6159 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2010-02-25 . 3C41EB3A0EC8E2606B6C906993E11C29 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . F2A70583964128530B7E86B1A13023A7 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
[-] 2009-12-21 . 5E3A3EB3BC5849BE4D5FE2B5F1869783 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . A20B2C09CCE24D136F0519323A3F7072 . 832512 . . [7.00.6000.16945] . . c:\windows\ie8\wininet.dll
[-] 2009-10-29 . 3426FBE495D1825D5C09C84D1E9361C1 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2009-10-29 . 3426FBE495D1825D5C09C84D1E9361C1 . 916480 . . [8.00.6001.18854] . . c:\windows\SoftwareDistribution\Download\85af8afe81c33bd591227dcad3f455c7\SP3GDR\wininet.dll
[-] 2009-10-29 . 9B5D0E4E82FFC178D82206D93D89C71C . 841216 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
[-] 2009-10-29 . 0A4248E124C88EDD1E0A93AE93E4DB6A . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 0A4248E124C88EDD1E0A93AE93E4DB6A . 916480 . . [8.00.6001.22945] . . c:\windows\SoftwareDistribution\Download\85af8afe81c33bd591227dcad3f455c7\SP3QFE\wininet.dll
[-] 2009-08-29 . CB74316772D625807EF16F6701F2A25E . 832512 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976325-IE7\wininet.dll
[-] 2009-08-29 . BA0DE4DD7959D0638EAD5B400294C416 . 840704 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll
[-] 2009-06-29 . 93552887262FEE6DD5D98E452FCD495A . 828928 . . [7.00.6000.21073] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\wininet.dll
[-] 2009-06-29 . 90590032B6E9EF719F5E78FCD2AD2CBC . 827392 . . [7.00.6000.16876] . . c:\windows\ie7updates\KB974455-IE7\wininet.dll
[-] 2009-04-29 . B7E6D6663CB6BC05316FEB978217360D . 827392 . . [7.00.6000.16850] . . c:\windows\ie7updates\KB972260-IE7\wininet.dll
[-] 2009-04-29 . F5D59B0B453F8AF7ADC7AFB34D39C441 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[-] 2009-03-03 . AF68C6F857EB438770E86FFEE013F04D . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[-] 2009-03-03 . 9F434E15A82D1322FB6860E317783E57 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll
[-] 2008-12-20 . 2B5AE9ACD86E1B8B86D62E153DE130AB . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 . C3D4047626F8CC8EC7DD7558FA5CC2E2 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2008-10-16 . CBAAEBDFC6F9291D2D31E36FE1AD19AC . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-10-16 . 5A1F997EC096EF26F3A3880347F5F9D8 . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 . E1F83BCC84D6223965D35AB06B63BBEB . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 . B905F284F45675F3019413DFF055C666 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[-] 2008-06-23 . 7B28D5C8C5C075037F864256E4044B83 . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll
[-] 2008-06-23 . 4F08E6D8C9DDA8ED4346A1857849ADB3 . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 . 751EFBEC900CC4E4B41DB6E522B67D41 . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 . A5795741E53F72C4A2736BC51007A5D5 . 826368 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[-] 2008-04-21 . 11D26D87E041000EA4C0128CD0010F7A . 671744 . . [6.00.2900.5583] . . c:\windows\ie7\wininet.dll
[-] 2008-04-21 . 645A4A4884EB5EB8453C01531FCBEC3A . 672256 . . [6.00.2900.5583] . . c:\windows\$hf_mig$\KB950759\SP3QFE\wininet.dll
[-] 2008-04-14 . B4AEE98A48917B274FACFB78BBE0BC84 . 671744 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB950759$\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll
.
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll
.
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll
.
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . AD9226BF3CED13636083BB9C76E9D2A2 . 153600 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
.
[-] 2011-11-01 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll
[-] 2011-11-01 . 6AD6619E7523E27B771569C26F408F0A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll
[-] 2011-11-01 . D684C601EC79D9543D50EB2DB124FE78 . 1289216 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[-] 2010-07-16 . B28AF7976F2D8109C0DC2CF2460BEDC2 . 1288192 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll
[-] 2010-07-16 . B3D7633CF83B09042A49810A7A72ADED . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
.
[-] 2010-04-16 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . 45954AFB7AE6E29B23C56B830C820A11 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . EB2AD9C7DADE6C63F5F933881BA2A430 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 052F968390A85D37D5EE8BE3AB2A83A2 . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
.
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . 671ABB33C712B1585A5BF7ADD36AD96E . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
.
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
.
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . 2DB7D303C36DDD055215052F118E8E75 . 135680 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 927666F4228E3FBBC3D1171581DC8BDC . 135680 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
.
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
.
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll
.
[-] 2008-04-14 . E7EF7580241236552C7114FC71166CB6 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll
.
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll
.
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll
.
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll
.
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2008-04-14 . 0DAF0705D7B39C94E287913226688804 . 348672 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\appmgmts.dll
.
[-] 2008-04-14 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
.
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
.
[-] 2010-09-18 07:18 . 4891FCDAE77486BFB56999AA217651FA . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:52 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:52 . 1614669828A32BCD06E1BE6F334BB888 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 12:00 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
.
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll
.
[-] 2008-04-14 12:00 . 6E18978B749F0696A774DE3F2CB142DD . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
.
[-] 2012-05-05 . 0A7BFA15D9F9432DB882CD2A174E7F7F . 2071424 . . [5.1.2600.6223] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2012-05-05 . 0A7BFA15D9F9432DB882CD2A174E7F7F . 2071424 . . [5.1.2600.6223] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2012-05-05 . BE4A6D3DB8E11A1B644B8675FE7D1A43 . 2029056 . . [5.1.2600.6223] . . c:\windows\system32\ntkrnlpa.exe
[-] 2012-05-05 . 339D9DA45F631C9D9D7132D9F6957943 . 2071424 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe
[-] 2012-04-11 . 12E964E3514BC6ECD028A792F23E1976 . 2029056 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntkrnlpa.exe
[-] 2012-04-11 . C3124524EDDDA49504AE558352440F65 . 2071424 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
[-] 2011-10-26 . 07FD1B85212CB29D3D75932B8C3FD210 . 2029568 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe
[-] 2011-10-26 . ADD968B4D4A095407FD5B915F89BA8B5 . 2071680 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
[-] 2010-12-09 . 7B1CA0A6C042E4B90A18B49ED73CBA76 . 2071680 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[-] 2010-12-09 . 56371A8F18F7D9570A11B1C54D602A2A . 2029568 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
[-] 2010-04-28 . 4EACA49489EB3C4A2E83C5546EB5884C . 2069248 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-04-28 . 6D8D53C3EE866AB72AC73A68808E7371 . 2027008 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
[-] 2010-02-16 . 1DFCBCFD1C9016C051BE6D7243459CCA . 2027008 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[-] 2010-02-16 . CEE28C8C47E52F185F9F8F3A2E31880C . 2069248 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 2E72317A93EF61138E43DCF7CD423EDF . 2068480 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 1143EBE276EA80A88942A21613078088 . 2026496 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-08-04 . C50ED62BB5CDC5AD4F3985ED39C6AE87 . 2068480 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 1FF1F43613BA7510A5A975ED034EB8E0 . 2026496 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
[-] 2009-02-09 . 43FBA8A9CBEEA36EA95AF77CD538200A . 2026496 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2009-02-09 . 1F9DA92672B8B5720C5FB1E87D8F249F . 2068480 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . C789B5AEA9AB71C5BEF6DD568F744842 . 2068352 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 13334FAF18AB3B9083B8DD8A668B8BB6 . 2026496 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2008-04-14 . FEFB3BDA35CF469809B0C89AB6833AFC . 2026496 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
.
[-] 2008-04-14 12:00 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 12:00 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
.
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
.
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\dsound.dll
.
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll
.
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll
.
[-] 2008-04-14 12:00 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2008-04-14 12:00 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll
.
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\version.dll
.
[-] 2012-05-05 . 6005B4877E0E9AFB992615A0D5130D11 . 2194944 . . [5.1.2600.6223] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2012-05-05 . 6005B4877E0E9AFB992615A0D5130D11 . 2194944 . . [5.1.2600.6223] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2012-05-05 . 916B2FD262DDD2DD31EB5B80B5645516 . 2150912 . . [5.1.2600.6223] . . c:\windows\system32\ntoskrnl.exe
[-] 2012-05-05 . C11516E90F6D8C45329A070429392A04 . 2194944 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe
[-] 2012-04-11 . 1055CB3C62F7007EBD5ECB1E5CC8069E . 2150912 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntoskrnl.exe
[-] 2012-04-11 . 35BEC26067274CCFE4BE16CA22E54557 . 2194944 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
[-] 2011-10-26 . 63907C9E2D9EEA3ADA8263F0A8D79797 . 2151424 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe
[-] 2011-10-26 . 43BA9F58FD87BBF57F958C06241F2C9C . 2195072 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . 2A5A8BE47E1F8E55520FB4031E21D129 . 2195072 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . DAC0BE266F11618A2B9A6EC4D1F255ED . 2151424 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
[-] 2010-04-28 . 490911C4B913989D4958543FED2C8F21 . 2148864 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
[-] 2010-04-28 . 6AF2E8CEB03F7CB3B8183359563DBB87 . 2192384 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-16 . E1BD0FAFF2C1D0A825CBA97DCF0DDDAE . 2148864 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . 4456016C2FF1A8CCCAC8309C9B76E2F5 . 2192384 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . A97847B2D30F4A299B35239D26BAD948 . 2191616 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . D4128AA197DD8F3120FC80008AB66CF7 . 2147840 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-08-04 . 96D6882D49438D58B0DE0F7E8C8D241B . 2147840 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
[-] 2009-08-04 . 4B86421F2D85D9A4ECB06885C40B8EEB . 2191616 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-02-10 . D3453310FC92736E674FFDC6E3F455B7 . 2191488 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . 18D976FE984BDA3DAC8164B05D69205D . 2147840 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2008-08-14 . 59282EFE7147C011530E51FF92BA86AC . 2191488 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . 5961DD3AEC44962A76F0D8D895C172F1 . 2147840 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-04-14 . 88077F757C6C793C33408D878B6E0F76 . 2147840 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
.
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2008-04-14 . 7B353059E665F8B7AD2BBEAEF597CF45 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2008-04-14 . BC2C5985611C5356B24AEB370953DED9 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2008-04-14 . 2CF969B9BF1EF069075DCDCE309FAAE1 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2008-04-14 . 469FED8597896DB77B49384BE90E2E0A . 7680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\rasadhlp.dll
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1040384]
"hpWirelessAssistant"="c:\programme\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WatchDog"="c:\programme\InterVideo\DVD Check\DVDCheck.exe" [2006-09-05 184320]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-20 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-20 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-20 137752]
"SoundMAXPnP"="c:\programme\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-07-10 1871872]
"IntelZeroConfig"="c:\programme\Intel\Wireless\bin\ZCfgSvc.exe" [2008-03-04 999424]
"IntelWireless"="c:\programme\Intel\Wireless\Bin\ifrmewrk.exe" [2008-03-04 1101824]
"AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.exe" [2007-01-24 124928]
"QlbCtrl.exe"="c:\programme\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-02-26 177456]
"HP Software Update"="c:\programme\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"MSC"="c:\programme\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" [2010-12-20 519584]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
BTTray.lnk - c:\programme\WIDCOMM\Bluetooth Software\BTTray.exe [2007-12-6 576104]
DVD Check.lnk - c:\programme\InterVideo\DVD Check\DVDCheck.exe [2008-7-10 184320]
Windows Search.lnk - c:\programme\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Miranda IM\\miranda32.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
.
R1 MpKsl3c7094b9;MpKsl3c7094b9;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{421CFB4C-EE7E-4898-93A1-94B7EC991CF7}\MpKsl3c7094b9.sys [05.07.2012 14:46 29904]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [05.07.2012 09:11 654408]
R2 SWIHPWMI;SWIHPWMI;c:\programme\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [04.12.2006 16:13 292384]
R3 Com4QLBEx;Com4QLBEx;c:\programme\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [15.07.2008 21:57 193840]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [10.07.2008 15:45 36608]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [05.07.2012 09:11 22344]
R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [10.07.2008 15:49 47616]
S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [10.07.2008 15:48 33024]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [07.05.2012 22:59 113120]
S3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09.01.2010 21:37 4640000]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MPKSL3C7094B9
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-04-11 10:34]
.
2012-07-05 c:\windows\Tasks\MpIdleTask.job
- c:\programme\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
.
------- Zusätzlicher Suchlauf -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Senden an &Bluetooth-Gerät... - c:\programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Senden an Bluetooth - c:\programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\an0339hp.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-07-05 15:14
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(960)
c:\windows\System32\BCMLogon.dll
c:\windows\system32\netprovcredman.dll
c:\windows\system32\igfxdev.dll
.
Zeit der Fertigstellung: 2012-07-05  15:18:10
ComboFix-quarantined-files.txt  2012-07-05 13:18
.
Vor Suchlauf: 9 Verzeichnis(se), 12.454.383.616 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 12.950.458.368 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - EB04C0F70D0D8570DC24DEAA192C2024
         
--- --- ---


05.07.2012, 14:23   #6
markusg
/// Malware-holic

Hi,
download TDSS Killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Click on Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now, and post the log

05.07.2012, 14:31   #7
Hypocrite666

Code:
15:28:38.0734 2688	TDSS rootkit removing tool 2.7.44.0 Jul  2 2012 20:01:08
15:28:38.0875 2688	============================================================
15:28:38.0875 2688	Current date / time: 2012/07/05 15:28:38.0875
15:28:38.0875 2688	SystemInfo:
15:28:38.0875 2688	
15:28:38.0875 2688	OS Version: 5.1.2600 ServicePack: 3.0
15:28:38.0875 2688	Product type: Workstation
15:28:38.0875 2688	ComputerName: SIRHENRYJR
15:28:38.0875 2688	UserName: ***
15:28:38.0875 2688	Windows directory: C:\WINDOWS
15:28:38.0875 2688	System windows directory: C:\WINDOWS
15:28:38.0875 2688	Processor architecture: Intel x86
15:28:38.0875 2688	Number of processors: 2
15:28:38.0875 2688	Page size: 0x1000
15:28:38.0875 2688	Boot type: Normal boot
15:28:38.0875 2688	============================================================
15:28:40.0671 2688	Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:28:40.0703 2688	============================================================
15:28:40.0703 2688	\Device\Harddisk0\DR0:
15:28:40.0703 2688	MBR partitions:
15:28:40.0703 2688	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E800
15:28:40.0703 2688	============================================================
15:28:40.0703 2688	C: <-> \Device\Harddisk0\DR0\Partition0
15:28:40.0703 2688	============================================================
15:28:40.0703 2688	Initialize success
15:28:40.0703 2688	============================================================
15:28:55.0656 3444	============================================================
15:28:55.0656 3444	Scan started
15:28:55.0656 3444	Mode: Manual; SigCheck; TDLFS; 
15:28:55.0656 3444	============================================================
15:28:55.0906 3444	Abiosdsk - ok
15:28:55.0921 3444	abp480n5 - ok
15:28:55.0968 3444	Accelerometer   (ac24b66995aff48be6b2f8cc3ca843c7) C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
15:28:56.0250 3444	Accelerometer ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0250 3444	Accelerometer - detected UnsignedFile.Multi.Generic (1)
15:28:56.0312 3444	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:28:56.0359 3444	ACPI ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0359 3444	ACPI - detected UnsignedFile.Multi.Generic (1)
15:28:56.0390 3444	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
15:28:56.0437 3444	ACPIEC ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0437 3444	ACPIEC - detected UnsignedFile.Multi.Generic (1)
15:28:56.0500 3444	ADIHdAudAddService (4e12c97cbfe99be15d7680918f9899ec) C:\WINDOWS\system32\drivers\ADIHdAud.sys
15:28:56.0578 3444	ADIHdAudAddService ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0578 3444	ADIHdAudAddService - detected UnsignedFile.Multi.Generic (1)
15:28:56.0578 3444	adpu160m - ok
15:28:56.0625 3444	AEAudio         (fff87a9b1ab36ee4b7bec98a4cb01b79) C:\WINDOWS\system32\drivers\AEAudio.sys
15:28:56.0734 3444	AEAudio ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0734 3444	AEAudio - detected UnsignedFile.Multi.Generic (1)
15:28:56.0734 3444	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:28:56.0828 3444	aec ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0828 3444	aec - detected UnsignedFile.Multi.Generic (1)
15:28:56.0859 3444	AegisP          (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
15:28:56.0921 3444	AegisP ( UnsignedFile.Multi.Generic ) - warning
15:28:56.0921 3444	AegisP - detected UnsignedFile.Multi.Generic (1)
15:28:56.0984 3444	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:28:57.0031 3444	AFD ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0031 3444	AFD - detected UnsignedFile.Multi.Generic (1)
15:28:57.0031 3444	Aha154x - ok
15:28:57.0046 3444	aic78u2 - ok
15:28:57.0046 3444	aic78xx - ok
15:28:57.0078 3444	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
15:28:57.0140 3444	Alerter ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0140 3444	Alerter - detected UnsignedFile.Multi.Generic (1)
15:28:57.0171 3444	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
15:28:57.0250 3444	ALG ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0250 3444	ALG - detected UnsignedFile.Multi.Generic (1)
15:28:57.0250 3444	AliIde - ok
15:28:57.0250 3444	amsint - ok
15:28:57.0375 3444	Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:28:57.0437 3444	Apple Mobile Device - ok
15:28:57.0468 3444	AppMgmt         (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
15:28:57.0546 3444	AppMgmt ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0546 3444	AppMgmt - detected UnsignedFile.Multi.Generic (1)
15:28:57.0562 3444	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:28:57.0625 3444	Arp1394 ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0625 3444	Arp1394 - detected UnsignedFile.Multi.Generic (1)
15:28:57.0625 3444	asc - ok
15:28:57.0625 3444	asc3350p - ok
15:28:57.0625 3444	asc3550 - ok
15:28:57.0734 3444	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:28:57.0765 3444	aspnet_state - ok
15:28:57.0812 3444	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:28:57.0859 3444	AsyncMac ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0859 3444	AsyncMac - detected UnsignedFile.Multi.Generic (1)
15:28:57.0906 3444	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:28:57.0968 3444	atapi ( UnsignedFile.Multi.Generic ) - warning
15:28:57.0968 3444	atapi - detected UnsignedFile.Multi.Generic (1)
15:28:57.0968 3444	Atdisk - ok
15:28:58.0000 3444	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:28:58.0062 3444	Atmarpc ( UnsignedFile.Multi.Generic ) - warning
15:28:58.0062 3444	Atmarpc - detected UnsignedFile.Multi.Generic (1)
15:28:58.0109 3444	ATSWPDRV        (69e65a2ce11619f0c868967ca9540b80) C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys
15:28:58.0171 3444	ATSWPDRV - ok
15:28:58.0187 3444	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
15:28:58.0281 3444	AudioSrv ( UnsignedFile.Multi.Generic ) - warning
15:28:58.0281 3444	AudioSrv - detected UnsignedFile.Multi.Generic (1)
15:28:58.0312 3444	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:28:58.0375 3444	audstub ( UnsignedFile.Multi.Generic ) - warning
15:28:58.0375 3444	audstub - detected UnsignedFile.Multi.Generic (1)
15:28:58.0421 3444	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:28:58.0531 3444	Beep ( UnsignedFile.Multi.Generic ) - warning
15:28:58.0531 3444	Beep - detected UnsignedFile.Multi.Generic (1)
15:28:58.0609 3444	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
15:28:58.0828 3444	BITS ( UnsignedFile.Multi.Generic ) - warning
15:28:58.0828 3444	BITS - detected UnsignedFile.Multi.Generic (1)
15:28:58.0921 3444	Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Programme\Bonjour\mDNSResponder.exe
15:28:58.0953 3444	Bonjour Service - ok
15:28:58.0984 3444	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
15:28:59.0093 3444	Browser ( UnsignedFile.Multi.Generic ) - warning
15:28:59.0093 3444	Browser - detected UnsignedFile.Multi.Generic (1)
15:28:59.0187 3444	BTKRNL          (ef5e0de0a7ca2977a9255f36f4d915ab) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
15:28:59.0250 3444	BTKRNL - ok
15:28:59.0312 3444	btwdins         (dd9c025e98a45eb0bf33ba952d0726d8) C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
15:28:59.0359 3444	btwdins - ok
15:28:59.0375 3444	BTWUSB          (053dc5be74621b63bb48c2b86bafc7b0) C:\WINDOWS\system32\Drivers\btwusb.sys
15:28:59.0406 3444	BTWUSB - ok
15:28:59.0484 3444	catchme - ok
15:28:59.0515 3444	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:28:59.0671 3444	cbidf2k ( UnsignedFile.Multi.Generic ) - warning
15:28:59.0671 3444	cbidf2k - detected UnsignedFile.Multi.Generic (1)
15:28:59.0671 3444	cd20xrnt - ok
15:28:59.0703 3444	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:28:59.0812 3444	Cdaudio ( UnsignedFile.Multi.Generic ) - warning
15:28:59.0828 3444	Cdaudio - detected UnsignedFile.Multi.Generic (1)
15:28:59.0859 3444	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:29:00.0015 3444	Cdfs ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0015 3444	Cdfs - detected UnsignedFile.Multi.Generic (1)
15:29:00.0031 3444	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:29:00.0093 3444	Cdrom ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0093 3444	Cdrom - detected UnsignedFile.Multi.Generic (1)
15:29:00.0093 3444	Changer - ok
15:29:00.0125 3444	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
15:29:00.0171 3444	CiSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0171 3444	CiSvc - detected UnsignedFile.Multi.Generic (1)
15:29:00.0187 3444	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
15:29:00.0234 3444	ClipSrv ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0234 3444	ClipSrv - detected UnsignedFile.Multi.Generic (1)
15:29:00.0312 3444	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:29:00.0406 3444	clr_optimization_v2.0.50727_32 - ok
15:29:00.0437 3444	CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:29:00.0484 3444	CmBatt ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0484 3444	CmBatt - detected UnsignedFile.Multi.Generic (1)
15:29:00.0500 3444	CmdIde - ok
15:29:00.0578 3444	Com4QLBEx       (a94146208170d78906c93ee39cebdd9f) C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
15:29:00.0593 3444	Com4QLBEx - ok
15:29:00.0625 3444	Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:29:00.0671 3444	Compbatt ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0671 3444	Compbatt - detected UnsignedFile.Multi.Generic (1)
15:29:00.0671 3444	COMSysApp - ok
15:29:00.0687 3444	Cpqarray - ok
15:29:00.0734 3444	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
15:29:00.0796 3444	CryptSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0796 3444	CryptSvc - detected UnsignedFile.Multi.Generic (1)
15:29:00.0796 3444	dac2w2k - ok
15:29:00.0796 3444	dac960nt - ok
15:29:00.0859 3444	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
15:29:00.0921 3444	DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0921 3444	DcomLaunch - detected UnsignedFile.Multi.Generic (1)
15:29:00.0937 3444	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
15:29:00.0968 3444	Dhcp ( UnsignedFile.Multi.Generic ) - warning
15:29:00.0968 3444	Dhcp - detected UnsignedFile.Multi.Generic (1)
15:29:00.0984 3444	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:29:01.0031 3444	Disk ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0031 3444	Disk - detected UnsignedFile.Multi.Generic (1)
15:29:01.0031 3444	dmadmin - ok
15:29:01.0093 3444	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
15:29:01.0171 3444	dmboot ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0171 3444	dmboot - detected UnsignedFile.Multi.Generic (1)
15:29:01.0203 3444	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
15:29:01.0281 3444	dmio ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0281 3444	dmio - detected UnsignedFile.Multi.Generic (1)
15:29:01.0312 3444	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:29:01.0343 3444	dmload ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0343 3444	dmload - detected UnsignedFile.Multi.Generic (1)
15:29:01.0359 3444	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
15:29:01.0390 3444	dmserver ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0390 3444	dmserver - detected UnsignedFile.Multi.Generic (1)
15:29:01.0437 3444	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:29:01.0484 3444	DMusic ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0484 3444	DMusic - detected UnsignedFile.Multi.Generic (1)
15:29:01.0531 3444	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
15:29:01.0578 3444	Dnscache ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0578 3444	Dnscache - detected UnsignedFile.Multi.Generic (1)
15:29:01.0609 3444	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
15:29:01.0671 3444	Dot3svc ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0671 3444	Dot3svc - detected UnsignedFile.Multi.Generic (1)
15:29:01.0671 3444	dpti2o - ok
15:29:01.0687 3444	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:29:01.0718 3444	drmkaud ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0718 3444	drmkaud - detected UnsignedFile.Multi.Generic (1)
15:29:01.0781 3444	e1express       (8942419786970adb32b05bb7950aee72) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
15:29:01.0796 3444	e1express - ok
15:29:01.0828 3444	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
15:29:01.0906 3444	EapHost ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0906 3444	EapHost - detected UnsignedFile.Multi.Generic (1)
15:29:01.0921 3444	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
15:29:01.0953 3444	ERSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:01.0953 3444	ERSvc - detected UnsignedFile.Multi.Generic (1)
15:29:02.0000 3444	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
15:29:02.0031 3444	Eventlog ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0031 3444	Eventlog - detected UnsignedFile.Multi.Generic (1)
15:29:02.0078 3444	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
15:29:02.0109 3444	EventSystem ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0109 3444	EventSystem - detected UnsignedFile.Multi.Generic (1)
15:29:02.0265 3444	EvtEng          (a2ca7c9169f5781a261310dfadc52514) C:\Programme\Intel\Wireless\Bin\EvtEng.exe
15:29:02.0484 3444	EvtEng ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0484 3444	EvtEng - detected UnsignedFile.Multi.Generic (1)
15:29:02.0546 3444	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:29:02.0625 3444	Fastfat ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0625 3444	Fastfat - detected UnsignedFile.Multi.Generic (1)
15:29:02.0671 3444	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:29:02.0750 3444	FastUserSwitchingCompatibility ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0750 3444	FastUserSwitchingCompatibility - detected UnsignedFile.Multi.Generic (1)
15:29:02.0765 3444	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
15:29:02.0859 3444	Fdc ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0859 3444	Fdc - detected UnsignedFile.Multi.Generic (1)
15:29:02.0859 3444	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
15:29:02.0921 3444	Fips ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0921 3444	Fips - detected UnsignedFile.Multi.Generic (1)
15:29:02.0937 3444	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:29:02.0968 3444	Flpydisk ( UnsignedFile.Multi.Generic ) - warning
15:29:02.0968 3444	Flpydisk - detected UnsignedFile.Multi.Generic (1)
15:29:03.0015 3444	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:29:03.0078 3444	FltMgr ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0078 3444	FltMgr - detected UnsignedFile.Multi.Generic (1)
15:29:03.0203 3444	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:29:03.0218 3444	FontCache3.0.0.0 - ok
15:29:03.0234 3444	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:29:03.0281 3444	Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0281 3444	Fs_Rec - detected UnsignedFile.Multi.Generic (1)
15:29:03.0296 3444	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:29:03.0343 3444	Ftdisk ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0343 3444	Ftdisk - detected UnsignedFile.Multi.Generic (1)
15:29:03.0375 3444	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
15:29:03.0390 3444	GEARAspiWDM - ok
15:29:03.0437 3444	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:29:03.0515 3444	Gpc ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0515 3444	Gpc - detected UnsignedFile.Multi.Generic (1)
15:29:03.0609 3444	gusvc           (c1b577b2169900f4cf7190c39f085794) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
15:29:03.0625 3444	gusvc - ok
15:29:03.0671 3444	HBtnKey         (407e41ddb2bfece109132aec296e0d98) C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
15:29:03.0734 3444	HBtnKey ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0734 3444	HBtnKey - detected UnsignedFile.Multi.Generic (1)
15:29:03.0781 3444	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:29:03.0859 3444	HDAudBus ( UnsignedFile.Multi.Generic ) - warning
15:29:03.0859 3444	HDAudBus - detected UnsignedFile.Multi.Generic (1)
15:29:03.0890 3444	HECI            (982da8edc8e2680ba8e39dc1ad54a04e) C:\WINDOWS\system32\DRIVERS\HECI.sys
15:29:04.0031 3444	HECI ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0031 3444	HECI - detected UnsignedFile.Multi.Generic (1)
15:29:04.0093 3444	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:29:04.0140 3444	helpsvc ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0140 3444	helpsvc - detected UnsignedFile.Multi.Generic (1)
15:29:04.0171 3444	HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
15:29:04.0218 3444	HidServ ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0218 3444	HidServ - detected UnsignedFile.Multi.Generic (1)
15:29:04.0234 3444	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:29:04.0265 3444	hidusb ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0265 3444	hidusb - detected UnsignedFile.Multi.Generic (1)
15:29:04.0296 3444	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
15:29:04.0359 3444	hkmsvc ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0359 3444	hkmsvc - detected UnsignedFile.Multi.Generic (1)
15:29:04.0375 3444	HP24X           (04ebefe45b300a4edee5a38dc2791291) C:\WINDOWS\system32\DRIVERS\HP24X.sys
15:29:04.0421 3444	HP24X ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0421 3444	HP24X - detected UnsignedFile.Multi.Generic (1)
15:29:04.0453 3444	hpdskflt        (4f586a990238ab147099bc76c07c566e) C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
15:29:04.0515 3444	hpdskflt ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0515 3444	hpdskflt - detected UnsignedFile.Multi.Generic (1)
15:29:04.0515 3444	hpn - ok
15:29:04.0562 3444	HpqKbFiltr      (35956140e686d53bf676cf0c778880fc) C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys
15:29:04.0593 3444	HpqKbFiltr ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0593 3444	HpqKbFiltr - detected UnsignedFile.Multi.Generic (1)
15:29:04.0671 3444	hpqwmiex        (d50fdad1e57aa60f1973cfc77d905f0e) C:\Programme\Hewlett-Packard\Shared\hpqWmiEx.exe
15:29:04.0687 3444	hpqwmiex - ok
15:29:04.0750 3444	HSFHWAZL        (3c01c18b866488fb6cc4e7d5472986a0) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
15:29:04.0796 3444	HSFHWAZL ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0796 3444	HSFHWAZL - detected UnsignedFile.Multi.Generic (1)
15:29:04.0859 3444	HSF_DPV         (0d7d34441e37e4a41b61cff0cbca1e3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
15:29:04.0937 3444	HSF_DPV ( UnsignedFile.Multi.Generic ) - warning
15:29:04.0937 3444	HSF_DPV - detected UnsignedFile.Multi.Generic (1)
15:29:05.0000 3444	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:29:05.0031 3444	HTTP ( UnsignedFile.Multi.Generic ) - warning
15:29:05.0031 3444	HTTP - detected UnsignedFile.Multi.Generic (1)
15:29:05.0062 3444	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
15:29:05.0093 3444	HTTPFilter ( UnsignedFile.Multi.Generic ) - warning
15:29:05.0093 3444	HTTPFilter - detected UnsignedFile.Multi.Generic (1)
15:29:05.0109 3444	i2omgmt - ok
15:29:05.0109 3444	i2omp - ok
15:29:05.0140 3444	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:29:05.0265 3444	i8042prt ( UnsignedFile.Multi.Generic ) - warning
15:29:05.0265 3444	i8042prt - detected UnsignedFile.Multi.Generic (1)
15:29:05.0781 3444	ialm            (42caa789a21014aa809a8ff59b3ccfd9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
15:29:06.0296 3444	ialm ( UnsignedFile.Multi.Generic ) - warning
15:29:06.0296 3444	ialm - detected UnsignedFile.Multi.Generic (1)
15:29:06.0500 3444	iaStor          (e5a0034847537eaee3c00349d5c34c5f) C:\WINDOWS\system32\DRIVERS\iaStor.sys
15:29:06.0515 3444	iaStor - ok
15:29:06.0609 3444	IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:29:06.0687 3444	IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:29:06.0687 3444	IDriverT - detected UnsignedFile.Multi.Generic (1)
15:29:06.0875 3444	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:29:06.0953 3444	idsvc - ok
15:29:07.0000 3444	IFXTPM          (2cdf483f8fc2bf3f7b93e3bdd734cfbd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
15:29:07.0109 3444	IFXTPM ( UnsignedFile.Multi.Generic ) - warning
15:29:07.0109 3444	IFXTPM - detected UnsignedFile.Multi.Generic (1)
15:29:07.0250 3444	igfx            (1b954f2bcb244596da704dc8c7729930) C:\WINDOWS\system32\DRIVERS\igdkmd32.sys
15:29:07.0468 3444	igfx ( UnsignedFile.Multi.Generic ) - warning
15:29:07.0468 3444	igfx - detected UnsignedFile.Multi.Generic (1)
15:29:07.0640 3444	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:29:07.0796 3444	Imapi ( UnsignedFile.Multi.Generic ) - warning
15:29:07.0796 3444	Imapi - detected UnsignedFile.Multi.Generic (1)
15:29:07.0828 3444	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
15:29:08.0031 3444	ImapiService ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0031 3444	ImapiService - detected UnsignedFile.Multi.Generic (1)
15:29:08.0031 3444	ini910u - ok
15:29:08.0046 3444	IntelIde - ok
15:29:08.0078 3444	intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:29:08.0125 3444	intelppm ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0125 3444	intelppm - detected UnsignedFile.Multi.Generic (1)
15:29:08.0140 3444	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:29:08.0203 3444	Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0203 3444	Ip6Fw - detected UnsignedFile.Multi.Generic (1)
15:29:08.0218 3444	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:29:08.0281 3444	IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0281 3444	IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
15:29:08.0281 3444	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:29:08.0328 3444	IpInIp ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0328 3444	IpInIp - detected UnsignedFile.Multi.Generic (1)
15:29:08.0343 3444	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:29:08.0390 3444	IpNat ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0390 3444	IpNat - detected UnsignedFile.Multi.Generic (1)
15:29:08.0515 3444	iPod Service    (9033d67b7112d23eded6789bacded128) C:\Programme\iPod\bin\iPodService.exe
15:29:08.0562 3444	iPod Service - ok
15:29:08.0593 3444	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:29:08.0671 3444	IPSec ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0671 3444	IPSec - detected UnsignedFile.Multi.Generic (1)
15:29:08.0718 3444	irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
15:29:08.0765 3444	irda ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0765 3444	irda - detected UnsignedFile.Multi.Generic (1)
15:29:08.0812 3444	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:29:08.0843 3444	IRENUM ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0843 3444	IRENUM - detected UnsignedFile.Multi.Generic (1)
15:29:08.0859 3444	Irmon           (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll
15:29:08.0906 3444	Irmon ( UnsignedFile.Multi.Generic ) - warning
15:29:08.0906 3444	Irmon - detected UnsignedFile.Multi.Generic (1)
15:29:08.0953 3444	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:29:09.0078 3444	isapnp ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0078 3444	isapnp - detected UnsignedFile.Multi.Generic (1)
15:29:09.0140 3444	IviRegMgr       (213822072085b5bbad9af30ab577d817) C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
15:29:09.0156 3444	IviRegMgr - ok
15:29:09.0312 3444	JavaQuickStarterService (de5d05fd449798ef88cc34ad4b1e7f85) C:\Programme\Java\jre6\bin\jqs.exe
15:29:09.0343 3444	JavaQuickStarterService - ok
15:29:09.0375 3444	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:29:09.0484 3444	Kbdclass ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0484 3444	Kbdclass - detected UnsignedFile.Multi.Generic (1)
15:29:09.0500 3444	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:29:09.0593 3444	kbdhid ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0593 3444	kbdhid - detected UnsignedFile.Multi.Generic (1)
15:29:09.0640 3444	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:29:09.0671 3444	kmixer ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0671 3444	kmixer - detected UnsignedFile.Multi.Generic (1)
15:29:09.0734 3444	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:29:09.0765 3444	KSecDD ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0765 3444	KSecDD - detected UnsignedFile.Multi.Generic (1)
15:29:09.0812 3444	LanmanServer    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
15:29:09.0843 3444	LanmanServer ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0843 3444	LanmanServer - detected UnsignedFile.Multi.Generic (1)
15:29:09.0890 3444	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
15:29:09.0921 3444	lanmanworkstation ( UnsignedFile.Multi.Generic ) - warning
15:29:09.0921 3444	lanmanworkstation - detected UnsignedFile.Multi.Generic (1)
15:29:09.0937 3444	lbrtfdc - ok
15:29:09.0968 3444	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
15:29:10.0031 3444	LmHosts ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0031 3444	LmHosts - detected UnsignedFile.Multi.Generic (1)
15:29:10.0078 3444	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
15:29:10.0093 3444	MBAMProtector - ok
15:29:10.0218 3444	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
15:29:10.0265 3444	MBAMService - ok
15:29:10.0312 3444	mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
15:29:10.0484 3444	mdmxsdk ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0484 3444	mdmxsdk - detected UnsignedFile.Multi.Generic (1)
15:29:10.0515 3444	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
15:29:10.0640 3444	Messenger ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0640 3444	Messenger - detected UnsignedFile.Multi.Generic (1)
15:29:10.0671 3444	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:29:10.0718 3444	mnmdd ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0718 3444	mnmdd - detected UnsignedFile.Multi.Generic (1)
15:29:10.0750 3444	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
15:29:10.0812 3444	mnmsrvc ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0812 3444	mnmsrvc - detected UnsignedFile.Multi.Generic (1)
15:29:10.0828 3444	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
15:29:10.0890 3444	Modem ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0890 3444	Modem - detected UnsignedFile.Multi.Generic (1)
15:29:10.0906 3444	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:29:10.0968 3444	Mouclass ( UnsignedFile.Multi.Generic ) - warning
15:29:10.0968 3444	Mouclass - detected UnsignedFile.Multi.Generic (1)
15:29:11.0000 3444	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:29:11.0062 3444	mouhid ( UnsignedFile.Multi.Generic ) - warning
15:29:11.0062 3444	mouhid - detected UnsignedFile.Multi.Generic (1)
15:29:11.0078 3444	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:29:11.0140 3444	MountMgr ( UnsignedFile.Multi.Generic ) - warning
15:29:11.0140 3444	MountMgr - detected UnsignedFile.Multi.Generic (1)
15:29:11.0187 3444	MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
15:29:11.0203 3444	MozillaMaintenance - ok
15:29:11.0250 3444	MpFilter        (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
15:29:11.0265 3444	MpFilter - ok
15:29:11.0406 3444	MpKsl9563daa1   (a69630d039c38018689190234f866d77) c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{D90B0717-816E-490D-8269-BBD0DBB21BB2}\MpKsl9563daa1.sys
15:29:11.0421 3444	MpKsl9563daa1 - ok
15:29:11.0421 3444	mraid35x - ok
15:29:11.0453 3444	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:29:11.0515 3444	MRxDAV ( UnsignedFile.Multi.Generic ) - warning
15:29:11.0515 3444	MRxDAV - detected UnsignedFile.Multi.Generic (1)
15:29:11.0562 3444	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:29:11.0625 3444	MRxSmb ( UnsignedFile.Multi.Generic ) - warning
15:29:11.0625 3444	MRxSmb - detected UnsignedFile.Multi.Generic (1)
15:29:11.0687 3444	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
15:29:11.0812 3444	MSDTC ( UnsignedFile.Multi.Generic ) - warning
15:29:11.0812 3444	MSDTC - detected UnsignedFile.Multi.Generic (1)
15:29:11.0828 3444	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:29:12.0015 3444	Msfs ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0015 3444	Msfs - detected UnsignedFile.Multi.Generic (1)
15:29:12.0015 3444	MSIServer - ok
15:29:12.0046 3444	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:29:12.0109 3444	MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0109 3444	MSKSSRV - detected UnsignedFile.Multi.Generic (1)
15:29:12.0171 3444	MsMpSvc         (24516bf4e12a46cb67302e2cdcb8cddf) c:\Programme\Microsoft Security Client\MsMpEng.exe
15:29:12.0171 3444	MsMpSvc - ok
15:29:12.0203 3444	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:29:12.0265 3444	MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0265 3444	MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
15:29:12.0281 3444	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:29:12.0328 3444	MSPQM ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0328 3444	MSPQM - detected UnsignedFile.Multi.Generic (1)
15:29:12.0359 3444	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:29:12.0421 3444	mssmbios ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0421 3444	mssmbios - detected UnsignedFile.Multi.Generic (1)
15:29:12.0468 3444	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:29:12.0515 3444	Mup ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0515 3444	Mup - detected UnsignedFile.Multi.Generic (1)
15:29:12.0562 3444	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
15:29:12.0703 3444	napagent ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0703 3444	napagent - detected UnsignedFile.Multi.Generic (1)
15:29:12.0750 3444	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:29:12.0843 3444	NDIS ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0843 3444	NDIS - detected UnsignedFile.Multi.Generic (1)
15:29:12.0890 3444	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:29:12.0937 3444	NdisTapi ( UnsignedFile.Multi.Generic ) - warning
15:29:12.0937 3444	NdisTapi - detected UnsignedFile.Multi.Generic (1)
15:29:12.0953 3444	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:29:13.0031 3444	Ndisuio ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0031 3444	Ndisuio - detected UnsignedFile.Multi.Generic (1)
15:29:13.0031 3444	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:29:13.0156 3444	NdisWan ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0156 3444	NdisWan - detected UnsignedFile.Multi.Generic (1)
15:29:13.0203 3444	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:29:13.0250 3444	NDProxy ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0250 3444	NDProxy - detected UnsignedFile.Multi.Generic (1)
15:29:13.0296 3444	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:29:13.0375 3444	NetBIOS ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0375 3444	NetBIOS - detected UnsignedFile.Multi.Generic (1)
15:29:13.0390 3444	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:29:13.0484 3444	NetBT ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0484 3444	NetBT - detected UnsignedFile.Multi.Generic (1)
15:29:13.0515 3444	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
15:29:13.0640 3444	NetDDE ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0640 3444	NetDDE - detected UnsignedFile.Multi.Generic (1)
15:29:13.0656 3444	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
15:29:13.0703 3444	NetDDEdsdm ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0703 3444	NetDDEdsdm - detected UnsignedFile.Multi.Generic (1)
15:29:13.0734 3444	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:29:13.0796 3444	Netlogon ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0796 3444	Netlogon - detected UnsignedFile.Multi.Generic (1)
15:29:13.0828 3444	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
15:29:13.0890 3444	Netman ( UnsignedFile.Multi.Generic ) - warning
15:29:13.0890 3444	Netman - detected UnsignedFile.Multi.Generic (1)
15:29:14.0000 3444	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:29:14.0015 3444	NetTcpPortSharing - ok
15:29:14.0187 3444	NETw4x32        (d57258165aba8162de8e29d71487fc4b) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
15:29:14.0437 3444	NETw4x32 ( UnsignedFile.Multi.Generic ) - warning
15:29:14.0437 3444	NETw4x32 - detected UnsignedFile.Multi.Generic (1)
15:29:14.0625 3444	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:29:14.0812 3444	NIC1394 ( UnsignedFile.Multi.Generic ) - warning
15:29:14.0812 3444	NIC1394 - detected UnsignedFile.Multi.Generic (1)
15:29:14.0843 3444	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
15:29:14.0906 3444	Nla ( UnsignedFile.Multi.Generic ) - warning
15:29:14.0906 3444	Nla - detected UnsignedFile.Multi.Generic (1)
15:29:15.0000 3444	NMSAccessU      (fd306fbcce7adb1077b709742e7148e9) C:\Programme\CDBurnerXP\NMSAccessU.exe
15:29:15.0046 3444	NMSAccessU - ok
15:29:15.0062 3444	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:29:15.0125 3444	Npfs ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0125 3444	Npfs - detected UnsignedFile.Multi.Generic (1)
15:29:15.0156 3444	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:29:15.0250 3444	Ntfs ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0250 3444	Ntfs - detected UnsignedFile.Multi.Generic (1)
15:29:15.0281 3444	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:29:15.0328 3444	NtLmSsp ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0328 3444	NtLmSsp - detected UnsignedFile.Multi.Generic (1)
15:29:15.0375 3444	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
15:29:15.0500 3444	NtmsSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0500 3444	NtmsSvc - detected UnsignedFile.Multi.Generic (1)
15:29:15.0546 3444	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:29:15.0609 3444	Null ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0609 3444	Null - detected UnsignedFile.Multi.Generic (1)
15:29:15.0640 3444	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:29:15.0703 3444	NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0703 3444	NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
15:29:15.0703 3444	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:29:15.0796 3444	NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
15:29:15.0796 3444	NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
15:29:15.0953 3444	odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
15:29:15.0984 3444	odserv - ok
15:29:16.0015 3444	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:29:16.0109 3444	ohci1394 ( UnsignedFile.Multi.Generic ) - warning
15:29:16.0109 3444	ohci1394 - detected UnsignedFile.Multi.Generic (1)
15:29:16.0156 3444	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
15:29:16.0171 3444	ose - ok
15:29:16.0500 3444	osppsvc         (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:29:17.0078 3444	osppsvc - ok
15:29:17.0281 3444	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
15:29:17.0375 3444	Parport ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0375 3444	Parport - detected UnsignedFile.Multi.Generic (1)
15:29:17.0390 3444	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:29:17.0453 3444	PartMgr ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0453 3444	PartMgr - detected UnsignedFile.Multi.Generic (1)
15:29:17.0484 3444	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
15:29:17.0531 3444	ParVdm ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0531 3444	ParVdm - detected UnsignedFile.Multi.Generic (1)
15:29:17.0578 3444	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
15:29:17.0656 3444	PCI ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0656 3444	PCI - detected UnsignedFile.Multi.Generic (1)
15:29:17.0656 3444	PCIDump - ok
15:29:17.0656 3444	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:29:17.0703 3444	PCIIde ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0703 3444	PCIIde - detected UnsignedFile.Multi.Generic (1)
15:29:17.0718 3444	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
15:29:17.0781 3444	Pcmcia ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0781 3444	Pcmcia - detected UnsignedFile.Multi.Generic (1)
15:29:17.0781 3444	PDCOMP - ok
15:29:17.0781 3444	PDFRAME - ok
15:29:17.0796 3444	PDRELI - ok
15:29:17.0796 3444	PDRFRAME - ok
15:29:17.0796 3444	perc2 - ok
15:29:17.0796 3444	perc2hib - ok
15:29:17.0828 3444	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
15:29:17.0875 3444	PlugPlay ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0875 3444	PlugPlay - detected UnsignedFile.Multi.Generic (1)
15:29:17.0921 3444	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:29:17.0953 3444	PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
15:29:17.0953 3444	PolicyAgent - detected UnsignedFile.Multi.Generic (1)
15:29:18.0000 3444	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:29:18.0078 3444	PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0078 3444	PptpMiniport - detected UnsignedFile.Multi.Generic (1)
15:29:18.0078 3444	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:29:18.0125 3444	ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0125 3444	ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
15:29:18.0140 3444	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:29:18.0218 3444	PSched ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0218 3444	PSched - detected UnsignedFile.Multi.Generic (1)
15:29:18.0218 3444	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:29:18.0281 3444	Ptilink ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0281 3444	Ptilink - detected UnsignedFile.Multi.Generic (1)
15:29:18.0312 3444	PxHelp20        (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:29:18.0312 3444	PxHelp20 - ok
15:29:18.0312 3444	ql1080 - ok
15:29:18.0328 3444	Ql10wnt - ok
15:29:18.0328 3444	ql12160 - ok
15:29:18.0328 3444	ql1240 - ok
15:29:18.0328 3444	ql1280 - ok
15:29:18.0343 3444	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:29:18.0390 3444	RasAcd ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0390 3444	RasAcd - detected UnsignedFile.Multi.Generic (1)
15:29:18.0406 3444	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
15:29:18.0484 3444	RasAuto ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0484 3444	RasAuto - detected UnsignedFile.Multi.Generic (1)
15:29:18.0515 3444	Rasirda         (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
15:29:18.0578 3444	Rasirda ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0578 3444	Rasirda - detected UnsignedFile.Multi.Generic (1)
15:29:18.0578 3444	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:29:18.0656 3444	Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0656 3444	Rasl2tp - detected UnsignedFile.Multi.Generic (1)
15:29:18.0687 3444	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
15:29:18.0750 3444	RasMan ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0750 3444	RasMan - detected UnsignedFile.Multi.Generic (1)
15:29:18.0765 3444	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:29:18.0843 3444	RasPppoe ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0843 3444	RasPppoe - detected UnsignedFile.Multi.Generic (1)
15:29:18.0859 3444	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:29:18.0921 3444	Raspti ( UnsignedFile.Multi.Generic ) - warning
15:29:18.0921 3444	Raspti - detected UnsignedFile.Multi.Generic (1)
15:29:18.0953 3444	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:29:19.0000 3444	Rdbss ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0000 3444	Rdbss - detected UnsignedFile.Multi.Generic (1)
15:29:19.0015 3444	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:29:19.0062 3444	RDPCDD ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0062 3444	RDPCDD - detected UnsignedFile.Multi.Generic (1)
15:29:19.0093 3444	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:29:19.0140 3444	rdpdr ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0140 3444	rdpdr - detected UnsignedFile.Multi.Generic (1)
15:29:19.0203 3444	RDPWD           (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
15:29:19.0250 3444	RDPWD ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0250 3444	RDPWD - detected UnsignedFile.Multi.Generic (1)
15:29:19.0265 3444	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
15:29:19.0375 3444	RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0375 3444	RDSessMgr - detected UnsignedFile.Multi.Generic (1)
15:29:19.0390 3444	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:29:19.0468 3444	redbook ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0468 3444	redbook - detected UnsignedFile.Multi.Generic (1)
15:29:19.0593 3444	RegSrvc         (8477d7c3ee18513911547785a06eaf70) C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
15:29:19.0765 3444	RegSrvc ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0765 3444	RegSrvc - detected UnsignedFile.Multi.Generic (1)
15:29:19.0812 3444	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
15:29:19.0890 3444	RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
15:29:19.0890 3444	RemoteAccess - detected UnsignedFile.Multi.Generic (1)
15:29:19.0937 3444	RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
15:29:20.0000 3444	RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0000 3444	RemoteRegistry - detected UnsignedFile.Multi.Generic (1)
15:29:20.0031 3444	rimmptsk        (355aac141b214bef1dbc1483afd9bd50) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
15:29:20.0093 3444	rimmptsk ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0093 3444	rimmptsk - detected UnsignedFile.Multi.Generic (1)
15:29:20.0109 3444	rismc32         (7c21554942bef51cbd84fd7d4e62cb9a) C:\WINDOWS\system32\DRIVERS\rismc32.sys
15:29:20.0171 3444	rismc32 ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0171 3444	rismc32 - detected UnsignedFile.Multi.Generic (1)
15:29:20.0187 3444	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
15:29:20.0265 3444	RpcLocator ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0265 3444	RpcLocator - detected UnsignedFile.Multi.Generic (1)
15:29:20.0312 3444	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
15:29:20.0359 3444	RpcSs ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0359 3444	RpcSs - detected UnsignedFile.Multi.Generic (1)
15:29:20.0406 3444	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
15:29:20.0500 3444	RSVP ( UnsignedFile.Multi.Generic ) - warning
15:29:20.0500 3444	RSVP - detected UnsignedFile.Multi.Generic (1)
15:29:20.0609 3444	S24EventMonitor (e087728d371709c1817ef6487f3e2e73) C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
15:29:21.0984 3444	S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
15:29:21.0984 3444	S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
15:29:22.0031 3444	s24trans        (15f598ddaafae02102438f09d4d14461) C:\WINDOWS\system32\DRIVERS\s24trans.sys
15:29:22.0046 3444	s24trans ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0046 3444	s24trans - detected UnsignedFile.Multi.Generic (1)
15:29:22.0093 3444	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:29:22.0109 3444	SamSs ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0109 3444	SamSs - detected UnsignedFile.Multi.Generic (1)
15:29:22.0156 3444	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
15:29:22.0218 3444	SCardSvr ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0218 3444	SCardSvr - detected UnsignedFile.Multi.Generic (1)
15:29:22.0265 3444	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
15:29:22.0296 3444	Schedule ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0296 3444	Schedule - detected UnsignedFile.Multi.Generic (1)
15:29:22.0328 3444	sdbus           (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
15:29:22.0343 3444	sdbus ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0343 3444	sdbus - detected UnsignedFile.Multi.Generic (1)
15:29:22.0375 3444	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:29:22.0390 3444	Secdrv ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0390 3444	Secdrv - detected UnsignedFile.Multi.Generic (1)
15:29:22.0421 3444	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
15:29:22.0453 3444	seclogon ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0453 3444	seclogon - detected UnsignedFile.Multi.Generic (1)
15:29:22.0468 3444	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
15:29:22.0500 3444	SENS ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0500 3444	SENS - detected UnsignedFile.Multi.Generic (1)
15:29:22.0515 3444	Serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:29:22.0562 3444	Serenum ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0562 3444	Serenum - detected UnsignedFile.Multi.Generic (1)
15:29:22.0593 3444	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
15:29:22.0734 3444	Serial ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0734 3444	Serial - detected UnsignedFile.Multi.Generic (1)
15:29:22.0750 3444	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:29:22.0796 3444	Sfloppy ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0796 3444	Sfloppy - detected UnsignedFile.Multi.Generic (1)
15:29:22.0859 3444	SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
15:29:22.0937 3444	SharedAccess ( UnsignedFile.Multi.Generic ) - warning
15:29:22.0937 3444	SharedAccess - detected UnsignedFile.Multi.Generic (1)
15:29:22.0984 3444	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:29:23.0015 3444	ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0015 3444	ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
15:29:23.0015 3444	Simbad - ok
15:29:23.0062 3444	SMCIRDA         (a8eb0aa07632a4c936ff6f8eda5bdead) C:\WINDOWS\system32\DRIVERS\smcirda.sys
15:29:23.0125 3444	SMCIRDA ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0125 3444	SMCIRDA - detected UnsignedFile.Multi.Generic (1)
15:29:23.0125 3444	Sparrow - ok
15:29:23.0171 3444	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:29:23.0218 3444	splitter ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0218 3444	splitter - detected UnsignedFile.Multi.Generic (1)
15:29:23.0265 3444	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:29:23.0296 3444	Spooler ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0296 3444	Spooler - detected UnsignedFile.Multi.Generic (1)
15:29:23.0343 3444	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
15:29:23.0421 3444	sr ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0421 3444	sr - detected UnsignedFile.Multi.Generic (1)
15:29:23.0453 3444	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
15:29:23.0531 3444	srservice ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0531 3444	srservice - detected UnsignedFile.Multi.Generic (1)
15:29:23.0578 3444	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:29:23.0609 3444	Srv ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0609 3444	Srv - detected UnsignedFile.Multi.Generic (1)
15:29:23.0656 3444	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
15:29:23.0718 3444	SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0718 3444	SSDPSRV - detected UnsignedFile.Multi.Generic (1)
15:29:23.0765 3444	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
15:29:23.0781 3444	ssmdrv - ok
15:29:23.0812 3444	StarOpen        (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
15:29:23.0875 3444	StarOpen ( UnsignedFile.Multi.Generic ) - warning
15:29:23.0875 3444	StarOpen - detected UnsignedFile.Multi.Generic (1)
15:29:23.0921 3444	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
15:29:24.0015 3444	stisvc ( UnsignedFile.Multi.Generic ) - warning
15:29:24.0015 3444	stisvc - detected UnsignedFile.Multi.Generic (1)
15:29:24.0062 3444	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:29:24.0109 3444	swenum ( UnsignedFile.Multi.Generic ) - warning
15:29:24.0109 3444	swenum - detected UnsignedFile.Multi.Generic (1)
15:29:24.0218 3444	SWIHPWMI        (58c341d38cfa462489b735d89df6df12) C:\Programme\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
15:29:24.0390 3444	SWIHPWMI - ok
15:29:24.0484 3444	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:29:24.0546 3444	swmidi ( UnsignedFile.Multi.Generic ) - warning
15:29:24.0562 3444	swmidi - detected UnsignedFile.Multi.Generic (1)
15:29:24.0562 3444	SwPrv - ok
15:29:24.0562 3444	symc810 - ok
15:29:24.0562 3444	symc8xx - ok
15:29:24.0578 3444	sym_hi - ok
15:29:24.0578 3444	sym_u3 - ok
15:29:24.0640 3444	SynTP           (926e0bb4cac05d9a0c3b59dc16fe2f1c) C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:29:24.0734 3444	SynTP ( UnsignedFile.Multi.Generic ) - warning
15:29:24.0734 3444	SynTP - detected UnsignedFile.Multi.Generic (1)
15:29:24.0765 3444	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:29:24.0843 3444	sysaudio ( UnsignedFile.Multi.Generic ) - warning
15:29:24.0843 3444	sysaudio - detected UnsignedFile.Multi.Generic (1)
15:29:24.0890 3444	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
15:29:25.0000 3444	SysmonLog ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0000 3444	SysmonLog - detected UnsignedFile.Multi.Generic (1)
15:29:25.0046 3444	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
15:29:25.0109 3444	TapiSrv ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0109 3444	TapiSrv - detected UnsignedFile.Multi.Generic (1)
15:29:25.0171 3444	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:29:25.0234 3444	Tcpip ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0234 3444	Tcpip - detected UnsignedFile.Multi.Generic (1)
15:29:25.0250 3444	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:29:25.0328 3444	TDPIPE ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0328 3444	TDPIPE - detected UnsignedFile.Multi.Generic (1)
15:29:25.0343 3444	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:29:25.0390 3444	TDTCP ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0390 3444	TDTCP - detected UnsignedFile.Multi.Generic (1)
15:29:25.0421 3444	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:29:25.0453 3444	TermDD ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0453 3444	TermDD - detected UnsignedFile.Multi.Generic (1)
15:29:25.0484 3444	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
15:29:25.0578 3444	TermService ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0578 3444	TermService - detected UnsignedFile.Multi.Generic (1)
15:29:25.0625 3444	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:29:25.0656 3444	Themes ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0656 3444	Themes - detected UnsignedFile.Multi.Generic (1)
15:29:25.0718 3444	TlntSvr         (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
15:29:25.0812 3444	TlntSvr ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0812 3444	TlntSvr - detected UnsignedFile.Multi.Generic (1)
15:29:25.0812 3444	TosIde - ok
15:29:25.0828 3444	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
15:29:25.0906 3444	TrkWks ( UnsignedFile.Multi.Generic ) - warning
15:29:25.0906 3444	TrkWks - detected UnsignedFile.Multi.Generic (1)
15:29:25.0953 3444	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:29:26.0062 3444	Udfs ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0062 3444	Udfs - detected UnsignedFile.Multi.Generic (1)
15:29:26.0062 3444	ultra - ok
15:29:26.0125 3444	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:29:26.0218 3444	Update ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0218 3444	Update - detected UnsignedFile.Multi.Generic (1)
15:29:26.0250 3444	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
15:29:26.0328 3444	upnphost ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0328 3444	upnphost - detected UnsignedFile.Multi.Generic (1)
15:29:26.0343 3444	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
15:29:26.0484 3444	UPS ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0484 3444	UPS - detected UnsignedFile.Multi.Generic (1)
15:29:26.0531 3444	USBAAPL         (c1ca131f4e3ed63d6bc89a35ffad4cda) C:\WINDOWS\system32\Drivers\usbaapl.sys
15:29:26.0625 3444	USBAAPL ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0625 3444	USBAAPL - detected UnsignedFile.Multi.Generic (1)
15:29:26.0656 3444	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:29:26.0734 3444	usbccgp ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0734 3444	usbccgp - detected UnsignedFile.Multi.Generic (1)
15:29:26.0796 3444	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:29:26.0890 3444	usbehci ( UnsignedFile.Multi.Generic ) - warning
15:29:26.0890 3444	usbehci - detected UnsignedFile.Multi.Generic (1)
15:29:26.0906 3444	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:29:27.0015 3444	usbhub ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0015 3444	usbhub - detected UnsignedFile.Multi.Generic (1)
15:29:27.0046 3444	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:29:27.0093 3444	USBSTOR ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0093 3444	USBSTOR - detected UnsignedFile.Multi.Generic (1)
15:29:27.0109 3444	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:29:27.0171 3444	usbuhci ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0171 3444	usbuhci - detected UnsignedFile.Multi.Generic (1)
15:29:27.0203 3444	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:29:27.0265 3444	VgaSave ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0265 3444	VgaSave - detected UnsignedFile.Multi.Generic (1)
15:29:27.0265 3444	ViaIde - ok
15:29:27.0281 3444	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
15:29:27.0375 3444	VolSnap ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0375 3444	VolSnap - detected UnsignedFile.Multi.Generic (1)
15:29:27.0406 3444	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
15:29:27.0515 3444	VSS ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0515 3444	VSS - detected UnsignedFile.Multi.Generic (1)
15:29:27.0546 3444	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
15:29:27.0625 3444	W32Time ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0625 3444	W32Time - detected UnsignedFile.Multi.Generic (1)
15:29:27.0640 3444	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:29:27.0734 3444	Wanarp ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0734 3444	Wanarp - detected UnsignedFile.Multi.Generic (1)
15:29:27.0781 3444	Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
15:29:27.0796 3444	Wdf01000 - ok
15:29:27.0812 3444	WDICA - ok
15:29:27.0843 3444	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:29:27.0906 3444	wdmaud ( UnsignedFile.Multi.Generic ) - warning
15:29:27.0906 3444	wdmaud - detected UnsignedFile.Multi.Generic (1)
15:29:27.0953 3444	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
15:29:28.0000 3444	WebClient ( UnsignedFile.Multi.Generic ) - warning
15:29:28.0000 3444	WebClient - detected UnsignedFile.Multi.Generic (1)
15:29:28.0078 3444	winachsf        (bb62e6fadcfe4096151103ac4b07f1ed) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
15:29:28.0156 3444	winachsf ( UnsignedFile.Multi.Generic ) - warning
15:29:28.0156 3444	winachsf - detected UnsignedFile.Multi.Generic (1)
15:29:28.0234 3444	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:29:28.0312 3444	winmgmt ( UnsignedFile.Multi.Generic ) - warning
15:29:28.0312 3444	winmgmt - detected UnsignedFile.Multi.Generic (1)
15:29:28.0484 3444	wlidsvc         (d9250b31b353ee3322c1cad411997e38) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:29:28.0531 3444	wlidsvc - ok
15:29:28.0718 3444	wltrysvc - ok
15:29:28.0750 3444	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:29:28.0843 3444	WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
15:29:28.0843 3444	WmdmPmSN - detected UnsignedFile.Multi.Generic (1)
15:29:28.0937 3444	Wmi             (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
15:29:29.0046 3444	Wmi ( UnsignedFile.Multi.Generic ) - warning
15:29:29.0046 3444	Wmi - detected UnsignedFile.Multi.Generic (1)
15:29:29.0093 3444	WmiAcpi         (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:29:29.0187 3444	WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
15:29:29.0187 3444	WmiAcpi - detected UnsignedFile.Multi.Generic (1)
15:29:29.0250 3444	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:29:29.0406 3444	WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
15:29:29.0406 3444	WmiApSrv - detected UnsignedFile.Multi.Generic (1)
15:29:29.0609 3444	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
15:29:29.0921 3444	WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:29.0921 3444	WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1)
15:29:29.0937 3444	WS2IFSL         (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:29:30.0031 3444	WS2IFSL ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0031 3444	WS2IFSL - detected UnsignedFile.Multi.Generic (1)
15:29:30.0078 3444	wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
15:29:30.0203 3444	wscsvc ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0203 3444	wscsvc - detected UnsignedFile.Multi.Generic (1)
15:29:30.0203 3444	WSearch - ok
15:29:30.0250 3444	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
15:29:30.0296 3444	wuauserv ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0296 3444	wuauserv - detected UnsignedFile.Multi.Generic (1)
15:29:30.0328 3444	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:29:30.0406 3444	WudfPf ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0406 3444	WudfPf - detected UnsignedFile.Multi.Generic (1)
15:29:30.0421 3444	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:29:30.0500 3444	WudfRd ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0500 3444	WudfRd - detected UnsignedFile.Multi.Generic (1)
15:29:30.0515 3444	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:29:30.0593 3444	WudfSvc ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0593 3444	WudfSvc - detected UnsignedFile.Multi.Generic (1)
15:29:30.0656 3444	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
15:29:30.0703 3444	WZCSVC ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0703 3444	WZCSVC - detected UnsignedFile.Multi.Generic (1)
15:29:30.0750 3444	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
15:29:30.0796 3444	xmlprov ( UnsignedFile.Multi.Generic ) - warning
15:29:30.0796 3444	xmlprov - detected UnsignedFile.Multi.Generic (1)
15:29:30.0828 3444	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
15:29:31.0296 3444	\Device\Harddisk0\DR0 - ok
15:29:31.0296 3444	Boot (0x1200)   (a17e03968a3336549421dae9bcf4d297) \Device\Harddisk0\DR0\Partition0
15:29:31.0296 3444	\Device\Harddisk0\DR0\Partition0 - ok
15:29:31.0296 3444	============================================================
15:29:31.0296 3444	Scan finished
15:29:31.0296 3444	============================================================
15:29:31.0406 3456	Detected object count: 234
15:29:31.0406 3456	Actual detected object count: 234
15:29:45.0234 3456	Accelerometer ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456	Accelerometer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0234 3456	ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456	ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0234 3456	ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456	ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0234 3456	ADIHdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456	ADIHdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0234 3456	AEAudio ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456	AEAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0234 3456	aec ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456	aec ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0234 3456	AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456	AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0234 3456	AFD ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0234 3456	AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0250 3456	Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456	Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0250 3456	ALG ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456	ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0250 3456	AppMgmt ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456	AppMgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0250 3456	Arp1394 ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456	Arp1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0250 3456	AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456	AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0250 3456	atapi ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456	atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0250 3456	Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456	Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0250 3456	AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0250 3456	AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0265 3456	audstub ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456	audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0265 3456	Beep ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456	Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0265 3456	BITS ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456	BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0265 3456	Browser ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456	Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0265 3456	cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456	cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0265 3456	Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456	Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0265 3456	Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456	Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0265 3456	Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0265 3456	Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0281 3456	CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456	CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0281 3456	ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456	ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0281 3456	CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456	CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0281 3456	Compbatt ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456	Compbatt ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0281 3456	CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456	CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0281 3456	DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456	DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0281 3456	Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456	Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0281 3456	Disk ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0281 3456	Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0296 3456	dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0296 3456	dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0296 3456	dmio ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:45.0296 3456	dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:29:45.0296 3456	dmload ( UnsignedFile.Multi.Generic ) - skipped by user

06.07.2012, 17:55   #8
Hypocrite666

Is that OK so far?

06.07.2012, 18:59   #9
markusg
/// Malware-holic

I also have quite a few other things to do.
The forum rules etc. clearly say something about the possible waiting time.
Download CCleaner Standard:
CCleaner Download - CCleaner 3.20.1750
If CCleaner is already installed, skip this step.
Install it, open it, go to Extras (Tools), list of installed programs, save it as a txt file. Open the file.
After each program you need, write "notwendig" (necessary).
After each one you do not need, write "unnötig" (unnecessary).
After each one you do not know, write "unbekannt" (unknown).
Post the list.

07.07.2012, 00:24   #10
Hypocrite666

Sorry, I didn't mean to rush you.
Because things went so quickly before, I thought my last log post might have been overlooked.

Code:
ATTFilter
7-Zip 9.20		05.07.2012 notwendig		
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	04.07.2012		10.1.85.3 notwendig
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	04.07.2012		10.2.153.1 notwendig
Apple Application Support	Apple Inc.	08.04.2011	52,66MB	1.5.0 notwendig
Apple Mobile Device Support	Apple Inc.	08.04.2011	21,75MB	3.4.0.25 notwendig
Apple Software Update	Apple Inc.	13.09.2008	2,16MB	2.1.1.116 notwendig
AuthenTec Fingerprint Sensor Minimum Install	AuthenTec	10.07.2008	2,33MB	7.9 unnötig
Bonjour	Apple Inc.	27.11.2010	0,97MB	2.0.4.0 notwendig
Broadcom 802.11-WLAN-Adapter	Broadcom Corporation	10.07.2008		4.170.77.3 notwendig
Broadcom Wireless-Dienstprogramm	Broadcom Corporation	10.07.2008		4.170.77.3 notwendig
CCleaner	Piriform	22.06.2012		3.20 notwendig
CDBurnerXP	CDBurnerXP	22.12.2010		4.3.8.2474 notwendig
DivX Codec	DivX, Inc.	17.11.2008		6.8.5 notwendig
ElsterFormular	Landesfinanzdirektion Thüringen	20.05.2012		13.2.0.8623p notwendig
ElsterFormular 2008/2009	Steuerverwaltung des Bundes und der Länder	21.05.2009		10.0.0.0 notwendig
HP 3D DriveGuard		11.07.2008		1.00 A4 notwendig
HP Broadband Wireless Modules	Sierra Wireless Inc	10.07.2008	14,93MB	18.7.1.1348 notwendig
HP Doc Viewer	Hewlett-Packard	10.07.2008	0,50MB	1.01.0005 notwendig
HP Integrated Module with Bluetooth wireless technology	HP	10.07.2008	17,57MB	5.1.0.4800 notwendig
HP MULTIPLE WLAN INSTALLER for VISTA	Hewlett Packard	10.07.2008	22,55MB	6.0.0.3 notwendig
HP PCMCIA Smart Card Reader	HP	10.07.2008	3,23MB	1.01.0001 notwendig
HP Quick Launch Buttons 6.40 C2	Hewlett-Packard	15.07.2008		6.40 C2 notwendig
HP Update	Hewlett-Packard	18.09.2011	3,98MB	5.003.001.001 notwendig
HP User Guides 0058	Hewlett-Packard	10.07.2008	229,00MB	1.01.0000 notwendig
HP Wireless Assistant	Hewlett-Packard	10.07.2008	3,10MB	3.00 E1 notwendig
Intel(R) Graphics Media Accelerator Driver		10.07.2008 notwendig		
Intel(R) Management Engine Interface		11.07.2008 notwendig
Intel(R) Network Connections Drivers		05.07.2012 notwendig		
Intel(R) PROSet/Wireless Software	Intel Corporation	05.07.2012		11.5.0.0 notwendig
InterVideo DVD Check		10.07.2008 unnötig		
InterVideo WinDVD	InterVideo Inc.	10.07.2008		5.0-B11.1145 unnötig
iTunes	Apple Inc.	08.04.2011	142,00MB	10.2.1.1  notwendig
Java(TM) 6 Update 33	Oracle	17.06.2012	91,84MB	6.0.330 notwendig
Malwarebytes Anti-Malware Version 1.61.0.1400	Malwarebytes Corporation	05.07.2012		1.61.0.1400 notwendig
Microsoft .NET Framework 2.0 Language Pack - DEU	Microsoft Corporation	11.07.2008 notwendig		
Microsoft .NET Framework 2.0 Service Pack 2	Microsoft Corporation	15.06.2012	184,00MB	2.2.30729 notwendig
Microsoft .NET Framework 3.0 Service Pack 2	Microsoft Corporation	12.05.2012	239,00MB	3.2.30729 notwendig
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	12.05.2012 notwendig		
Microsoft Compression Client Pack 1.0 for Windows XP	Microsoft Corporation	11.07.2008		1 unbekannt
Microsoft Office File Validation Add-In	Microsoft Corporation	16.09.2011	7,92MB	14.0.5130.5003 unbekannt
Microsoft Office Home and Student 2007	Microsoft Corporation	12.05.2012		12.0.6612.1000 notwendig
Microsoft Office Live Add-in 1.4	Microsoft Corporation	10.12.2009	0,48MB	2.0.3008.0 unbekannt
Microsoft Office Professional 2010	Microsoft Corporation	17.10.2011		14.0.6029.1000 notwendig
Microsoft Security Essentials	Microsoft Corporation	05.07.2012		4.0.1526.0 notwendig
Microsoft Silverlight	Microsoft Corporation	14.05.2012	251,00MB	5.1.10411.0 notwendig
Microsoft User-Mode Driver Framework Feature Pack 1.0	Microsoft Corporation	11.07.2008 unbekannt		
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	12.08.2009	0,11MB	8.0.50727.4053 notwendig
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	18.06.2011	5,28MB	8.0.61001 notwendig
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	10.12.2009	0,15MB	9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	25.04.2011	10,20MB	9.0.30729.5570 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	16.05.2010	10,29MB	9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	10.12.2009	10,28MB	9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	04.06.2010	10,19MB	9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	18.06.2011	10,20MB	9.0.30729.6161 notwendig
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	18.03.2012	14,97MB	10.0.40219 notwendig
Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket	Microsoft Corporation	10.12.2009 unbekannt		
Miranda IM 0.7.8		23.07.2008 unnötig		
Mozilla Firefox 13.0.1 (x86 de)	Mozilla	04.07.2012		13.0.1 notwendig
Mozilla Maintenance Service	Mozilla	05.07.2012		13.0.1 notwendig
Mozilla Thunderbird 12.0.1 (x86 de)	Mozilla	28.06.2012		12.0.1 notwendig
Picasa 3	Google, Inc.	30.07.2008		3.8 notwendig
QuickTime	Apple Inc.	08.04.2011	73,72MB	7.69.80.9 notwendig
RICOH R5C853 Driver WXP Ver.1.01.05				1.01.05 notwendig
Security Update for Windows Search 4 - KB963093	Microsoft Corporation	13.12.2009 unbekannt		
Soft Data Fax Modem with SmartCP		11.07.2008 unbekannt		
SoundMAX	Analog Devices	10.07.2008		5.10.01.5220 notwendig
Synaptics Pointing Device Driver	Synaptics	11.07.2008		11.0.7.0 notwendig
VLC media player 2.0.2	VideoLAN	04.07.2012		2.0.2 notwendig
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray	Microsoft Corporation	14.08.2010		1.0 unbekannt
Windows Genuine Advantage Validation Tool (KB892130)	Microsoft Corporation	11.07.2008 notwendig
Windows Internet Explorer 8	Microsoft Corporation	10.12.2009		20090308.140743  notwendig
Windows Live ID-Anmelde-Assistent	Microsoft Corporation	10.12.2009	4,69MB	6.500.3146.0 unbekannt
Windows Media Format 11 runtime		11.07.2008 notwendig		
Windows Media Player 11		11.07.2008 notwendig		
Windows Search 4.0	Microsoft Corporation	10.12.2009		04.00.6001.503 notwendig
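
Added example, not part of the original thread: a small Python parser for a labelled program list in the shape posted above, grouping entries by the three labels requested in post #9. The action names (keep/remove/review), the function names and the "Example Toolbar" row are assumptions made for illustration; rows without a label are routed to review instead of being silently kept.

```python
import re

# The three labels the helper asked for, mapped to a triage action.
ACTIONS = {"notwendig": "keep", "unnötig": "remove", "unbekannt": "review"}
FIELDS = ("name", "publisher", "installed", "size", "version")

# Constructed sample: five rows in the shape of the list above, plus one
# made-up row ("Example Toolbar") that the user forgot to label.
SAMPLE = (
    "7-Zip 9.20\t\t05.07.2012 notwendig\t\t\n"
    "AuthenTec Fingerprint Sensor Minimum Install\tAuthenTec\t10.07.2008\t2,33MB\t7.9 unnötig\n"
    "iTunes\tApple Inc.\t08.04.2011\t142,00MB\t10.2.1.1  notwendig\n"
    "Microsoft User-Mode Driver Framework Feature Pack 1.0\tMicrosoft Corporation\t11.07.2008 unbekannt\t\t\n"
    "RICOH R5C853 Driver WXP Ver.1.01.05\t\t\t\t1.01.05 notwendig\n"
    "Example Toolbar\tExample Vendor\t01.01.2012\t\t1.0\n"
)

def parse_row(line):
    """Return the row's fields plus the user's label (None if missing)."""
    text = line.rstrip()  # drop empty trailing tab columns after the label
    if not text:
        return None
    m = re.match(r"(.*\S)\s+(\S+)$", text)
    label = m.group(2).lower() if m else None
    if label in ACTIONS:
        text = m.group(1)  # cut the label off the last filled column
    else:
        label = None  # last token is data (e.g. a version), not a label
    cols = (text.split("\t") + [""] * len(FIELDS))[: len(FIELDS)]
    row = dict(zip(FIELDS, (c.strip() for c in cols)))
    row["label"] = label
    return row

def triage(listing):
    """Group program names by action; unlabelled rows go to 'review'."""
    groups = {"keep": [], "remove": [], "review": []}
    for line in listing.splitlines():
        row = parse_row(line)
        if row is None:
            continue
        groups[ACTIONS.get(row["label"], "review")].append(row["name"])
    return groups

if __name__ == "__main__":
    for action, names in triage(SAMPLE).items():
        print(action, names)
```
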
         

10.07.2012, 23:36   #11
markusg
/// Malware-holic

Uninstall:
Adobe Flash Player (all)
Adobe - Install Adobe Flash Player
download the latest version
AuthenTec
InterVideo (both)
Miranda
Windows Live

Open CCleaner, Analyze, Run.
Open OTL, CleanUp; the PC restarts. Test how it runs.

11.07.2012, 21:17   #12
Hypocrite666

Everything seems to be running so far.
Is there anything else to do now? If not, thank you very much for your help.

14.07.2012, 12:29   #13
markusg
/// Malware-holic

Hi,
Securing the PC:
As an anti-malware program I would recommend Emsisoft.
For me they have the best protection, but it costs something.
http://www.trojaner-board.de/103809-...i-malware.html
Trial version:
My antivirus recommendation: Emsisoft Anti-Malware
Especially if you do online banking, shopping, other payment transactions or similarly important things such as work-related tasks, i.e. if there is sensitive data to protect, you should invest in security software.
Before activating the licence, use up the 30-day trial period.

Free, but not quite as good: avast would be the recommendation.
http://www.trojaner-board.de/110895-...antivirus.html

Tell me which one you use, then I will give you configuration tips.
Please uninstall your current AV.
The following guide is extensive, I am aware of that, but it should be followed, because only then is your PC secure. Ask as many questions as you need; I am happy to work through everything with you!

http://www.trojaner-board.de/96344-a...-rechners.html
Please start with the section "Windows Vista and Windows 7".
Please begin by installing Windows updates.
The easiest way is to go to Start, Search, and type Windows Updates there.
Under "Change settings", check that the following is selected:
- Install updates automatically,
- Daily
- Choose a time
- Please tick everything else, except:
- Show detailed notifications when new Microsoft software is available.
Now click the "OK" button.
Now click "Check for updates".
Please install the important updates first.
It will be necessary to restart the PC in between. If that is the case, you must open Windows Update again via Start, Search, click Check for updates and install the next ones.
Please do the same with the optional updates.
Please apply the rest as described in the Windows 7 / Vista section.
From the XP section, please apply the item "Data Execution Prevention, DEP".
As a browser I recommend Chrome:
Installing Google Chrome for multiple user accounts - Google Chrome Help
Please read the instructions.
If you want to use a different one, tell me, then I have to ... parts of the guide that now follows


Sandboxie
The definition of a sandbox can be read here:
Sandbox
In short, programs can be run almost 100% isolated from the system.

The advantage is obvious: if malicious code is smuggled in via the browser, it cannot get out.
Download link:
Sandboxie Download - Sandboxie 3.72

Instructions:
http://www.trojaner-board.de/71542-a...sandboxie.html
Detailed guide as PDF, work through it as well:
Sandbox settings

Please make the following additional configuration:
Open Sandboxie Control, click the Sandbox menu, select DefaultBox.
There, click Sandbox Settings.
Under Restrictions, for Program Start and Internet Access, enter:
chrome.exe
Then go to Applications, Web Browser, Chrome.
There, enable everything except sharing the entire profile folder.
As you may already have seen, you cannot use some functions.
This is only necessary in the full version, which I advise you to buy.
For example, under "Forced program starts" you can specify that all browsers start in the sandbox.
Otherwise you always have to click "Sandboxed web browser", or right-click and choose Run in Sandboxie.
A lifetime licence costs 30 € and can be used on all your PCs.

Continue with:
Measures for ALL Windows versions
Work through everything completely.
A note on FileHippo:
In the settings, additionally select:
hide beta updates.
Run updateChecker when Windows starts

Backup program:
My guide already links a backup program; as an alternative, Windows' own backup program can also be used:
http://www.trojaner-board.de/82962-w...en-backup.html
Unfortunately this is only reasonably usable for Windows 7 users.
Everyone else should definitely install a backup program as well, because this can be very important in some circumstances, for example if the hard disk breaks.

Finally, follow the general security tips; if it applies to you, follow the tip on online banking, and change all passwords.
Please also read how to make programs visible to everyone:
Making programs usable for all accounts - PCtipp.ch - Praxis & Hilfe
So from now on surf only in the standard user account, and there in the sandbox.
If you use the free version, do so by clicking Sandboxed Web Browser; if you have the paid version, you can define forced program starts, then Sandboxie is always started when you open a browser.
When you move the mouse over the browser it should have a frame around it; then you are in the sandboxed web browser.