| |
| |||||||
Log-Analyse und Auswertung: WinXP GVU Trojaner 2.07Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
16.07.2012, 14:29
| #1 |
| |  WinXP GVU Trojaner 2.07 Hallo zusammen, seit gestern Abend habe ich den GVU-Trojaner (2.07) mit Webcam auf meinem Rechner. Der Desktop ist vom Trojaner völlig blockiert und ein Arbeiten ist nur im abgesicherten Modus möglich. Ich habe schonmal die OTL-Dsteien erstellt. Herzlichen Dank für die Hilfe im Voraus und beste Grüße, Alex |
|
16.07.2012, 16:19
| #2 |
| /// Helfer-Team  | WinXP GVU Trojaner 2.07 Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code:
ATTFilter :OTL
SRV - (HWDeviceService.exe) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe ()
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes,DefaultScope = {E74CBA6E-0A1C-417E-904B-3177B706A0F7}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{E74CBA6E-0A1C-417E-904B-3177B706A0F7}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {455D905A-D37C-4643-A9E2-F6FEFAA0424A}:0.8.15
FF - prefs.js..extensions.enabledItems: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2010.01.21
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.0.232
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll ()
O4 - HKCU..\Run: [MotoCast] C:\Programme\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2af1a1f2-ed57-11e0-9ae8-544f4c000031}\Shell - "" = AutoRun
O33 - MountPoints2\{2af1a1f2-ed57-11e0-9ae8-544f4c000031}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2af1a1f2-ed57-11e0-9ae8-544f4c000031}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{55a45219-e5d5-11df-98ea-001060c7a6e9}\Shell - "" = AutoRun
O33 - MountPoints2\{55a45219-e5d5-11df-98ea-001060c7a6e9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{55a45219-e5d5-11df-98ea-001060c7a6e9}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{74dff027-c1b7-11dc-91e1-544f4c000031}\Shell\AutoRun\command - "" = F:\stdhost_boa_veop.exe
O33 - MountPoints2\{76db4321-8eda-11df-9810-001060c7a6e9}\Shell\AutoRun\command - "" = DUNJA//juana.exe
O33 - MountPoints2\{7b86d281-acb8-11e1-9c69-544f4c000031}\Shell - "" = AutoRun
O33 - MountPoints2\{7b86d281-acb8-11e1-9c69-544f4c000031}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7b86d281-acb8-11e1-9c69-544f4c000031}\Shell\AutoRun\command - "" = H:\MotoCastSetup.exe -a
O33 - MountPoints2\{dd603c2c-a8fa-11e1-9c62-544f4c000031}\Shell - "" = AutoRun
O33 - MountPoints2\{dd603c2c-a8fa-11e1-9c62-544f4c000031}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dd603c2c-a8fa-11e1-9c62-544f4c000031}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{e8dc8ef3-d779-11df-98cb-001060c7a6e9}\Shell\AutoRun\command - "" = F:\TranscendService(JF).exe
[2012.07.16 14:50:47 | 000,000,386 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012.07.16 14:38:57 | 004,503,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\to_r0tsef.pad
[2012.07.16 14:38:50 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.15 20:47:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.15 19:21:00 | 000,001,618 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\ctfmon.lnk
[2012.07.15 19:21:00 | 000,001,618 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\ctfmon.lnk
[2012.07.15 19:20:59 | 004,503,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\to_r0tsef.pad
:Files
C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\ctfmon.lnk
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
__________________ |
|
16.07.2012, 17:02
| #3 |
| | WinXP GVU Trojaner 2.07 Hallo, besten Dank für die schnelle Antwort. Hier der Code:
__________________Code:
ATTFilter All processes killed
========== OTL ==========
Service HWDeviceService.exe stopped successfully!
Service HWDeviceService.exe deleted successfully!
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E74CBA6E-0A1C-417E-904B-3177B706A0F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E74CBA6E-0A1C-417E-904B-3177B706A0F7}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "www.google.de" removed from browser.startup.homepage
Prefs.js: jqs@sun.com:1.0 removed from extensions.enabledItems
Prefs.js: moveplayer@movenetworks.com:1.0.0.071303000004 removed from extensions.enabledItems
Prefs.js: {455D905A-D37C-4643-A9E2-F6FEFAA0424A}:0.8.15 removed from extensions.enabledItems
Prefs.js: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2010.01.21 removed from extensions.enabledItems
Prefs.js: linkfilter@kaspersky.ru:11.0.0.232 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}\ deleted successfully.
C:\Programme\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MotoCast deleted successfully.
C:\Programme\Motorola Mobility\MotoCast\MotoLauncher.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2af1a1f2-ed57-11e0-9ae8-544f4c000031}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2af1a1f2-ed57-11e0-9ae8-544f4c000031}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2af1a1f2-ed57-11e0-9ae8-544f4c000031}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2af1a1f2-ed57-11e0-9ae8-544f4c000031}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2af1a1f2-ed57-11e0-9ae8-544f4c000031}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2af1a1f2-ed57-11e0-9ae8-544f4c000031}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55a45219-e5d5-11df-98ea-001060c7a6e9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55a45219-e5d5-11df-98ea-001060c7a6e9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55a45219-e5d5-11df-98ea-001060c7a6e9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55a45219-e5d5-11df-98ea-001060c7a6e9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55a45219-e5d5-11df-98ea-001060c7a6e9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55a45219-e5d5-11df-98ea-001060c7a6e9}\ not found.
File F:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74dff027-c1b7-11dc-91e1-544f4c000031}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74dff027-c1b7-11dc-91e1-544f4c000031}\ not found.
File F:\stdhost_boa_veop.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76db4321-8eda-11df-9810-001060c7a6e9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76db4321-8eda-11df-9810-001060c7a6e9}\ not found.
File DUNJA//juana.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b86d281-acb8-11e1-9c69-544f4c000031}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b86d281-acb8-11e1-9c69-544f4c000031}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b86d281-acb8-11e1-9c69-544f4c000031}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b86d281-acb8-11e1-9c69-544f4c000031}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b86d281-acb8-11e1-9c69-544f4c000031}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b86d281-acb8-11e1-9c69-544f4c000031}\ not found.
File H:\MotoCastSetup.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd603c2c-a8fa-11e1-9c62-544f4c000031}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dd603c2c-a8fa-11e1-9c62-544f4c000031}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd603c2c-a8fa-11e1-9c62-544f4c000031}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dd603c2c-a8fa-11e1-9c62-544f4c000031}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dd603c2c-a8fa-11e1-9c62-544f4c000031}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dd603c2c-a8fa-11e1-9c62-544f4c000031}\ not found.
File G:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e8dc8ef3-d779-11df-98cb-001060c7a6e9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e8dc8ef3-d779-11df-98cb-001060c7a6e9}\ not found.
File F:\TranscendService(JF).exe not found.
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\to_r0tsef.pad moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\ctfmon.lnk moved successfully.
File C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\ctfmon.lnk not found.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\to_r0tsef.pad not found.
========== FILES ==========
File\Folder C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\ctfmon.lnk not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\Administrator\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\Administrator\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 1832127041 bytes
->Temporary Internet Files folder emptied: 329842999 bytes
->Java cache emptied: 25371384 bytes
->FireFox cache emptied: 33040627 bytes
->Opera cache emptied: 20988893 bytes
->Flash cache emptied: 4602112 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 34702 bytes
->FireFox cache emptied: 1927529 bytes
User: NetworkService
->Temp folder emptied: 3239804 bytes
->Temporary Internet Files folder emptied: 7507449 bytes
->Flash cache emptied: 1151 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1337974 bytes
%systemroot%\System32 .tmp files removed: 7362951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 223306784 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 2.375,00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
->Flash cache emptied: 0 bytes
User: UpdatusUser
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.54.0 log created on 07162012_174636
Files\Folders moved on Reboot...
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für Guru Josh Proj - Infinity 2008 (Klaas R -- Infinity 2008 (Klaas VocM25876197.zip\Guru Josh Project_Infinity 2008_02_Infinity 2008 (Jerome Isma-Ae Remix)_ML3494461.mp3 not found!
PendingFileRenameOperations files...
File C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für Guru Josh Proj - Infinity 2008 (Klaas R -- Infinity 2008 (Klaas VocM25876197.zip\Guru Josh Project_Infinity 2008_02_Infinity 2008 (Jerome Isma-Ae Remix)_ML3494461.mp3 not found!
Registry entries deleted on Reboot...
|
|
16.07.2012, 17:07
| #4 |
| /// Helfer-Team | WinXP GVU Trojaner 2.07 Sehr gut!  Wie laeuft der Rechner? 1. Schritt Neue Version! Bitte neu runterladen! Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten. danach: Downloade Dir bitte AdwCleaner auf deinen Desktop.
|
|
16.07.2012, 19:13
| #5 |
| | WinXP GVU Trojaner 2.07 Hallo, hier das Ergebnis der Anti-Malware Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.16.08 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Administrator :: ALEX [Administrator] 16.07.2012 18:25:40 mbam-log-2012-07-16 (18-25-40).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 320401 Laufzeit: 1 Stunde(n), 30 Minute(n), 47 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 11 HKCR\Typelib\{74D46BBA-5638-473A-83B6-97E7804A7411} (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{48D78BE5-CFB9-4B66-9AC4-96D4CF21DE06} (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\dsaip32b.Video (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\dsaip32b.dll (Trojan.FakeAlert) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Bind (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\AVSolution (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\AVSuitE (Rogue.AntivirusSuite) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\AVSolution (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\AVSuitE (Rogue.AntivirusSuite) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\xpreapp (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 2 HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\avdrn.dat (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sysReserve.ini (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\WINDOWS\system32\fjhdyfhsn.bat (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v1.702 - Logfile created 07/16/2012 at 20:09:58
# Updated 13/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - ALEX
# Running from : C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Found : HKCU\Software\pdfforge.org
Key Found : HKLM\SOFTWARE\pdfforge.org
***** [Registre - GUID] *****
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Opera v11.61.1250.0
File : C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [1030 octets] - [16/07/2012 20:09:58]
########## EOF - C:\AdwCleaner[R1].txt - [1158 octets] ##########
|
|
16.07.2012, 19:17
| #6 |
| /// Helfer-Team | WinXP GVU Trojaner 2.07 Sehr gut!
danach: TDSSKiller von Kaspersky - Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.Hier findest Du eine ausführlichere TDSSKiller Anleitung.
__________________ --> WinXP GVU Trojaner 2.07 |
|
16.07.2012, 19:40
| #7 |
| | WinXP GVU Trojaner 2.07 Hallo, hier das Ergebnis des adwcleaner: Code:
ATTFilter # AdwCleaner v1.702 - Logfile created 07/16/2012 at 20:23:34
# Updated 13/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - ALEX
# Running from : C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Deleted : HKCU\Software\pdfforge.org
Key Deleted : HKLM\SOFTWARE\pdfforge.org
***** [Registre - GUID] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3F2A195-0D11-463b-96BB-D2FF1B7490A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECD0ECC6-DCA4-4013-A915-12355AB70999}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Opera v11.61.1250.0
File : C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [1159 octets] - [16/07/2012 20:09:58]
AdwCleaner[S1].txt - [300 octets] - [16/07/2012 20:23:21]
AdwCleaner[S2].txt - [1159 octets] - [16/07/2012 20:23:34]
########## EOF - C:\AdwCleaner[S2].txt - [1287 octets] ##########
Code:
ATTFilter 20:29:32.0406 3972 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
20:29:32.0546 3972 ============================================================
20:29:32.0546 3972 Current date / time: 2012/07/16 20:29:32.0546
20:29:32.0546 3972 SystemInfo:
20:29:32.0546 3972
20:29:32.0546 3972 OS Version: 5.1.2600 ServicePack: 3.0
20:29:32.0546 3972 Product type: Workstation
20:29:32.0546 3972 ComputerName: ALEX
20:29:32.0546 3972 UserName: Administrator
20:29:32.0546 3972 Windows directory: C:\WINDOWS
20:29:32.0546 3972 System windows directory: C:\WINDOWS
20:29:32.0546 3972 Processor architecture: Intel x86
20:29:32.0546 3972 Number of processors: 2
20:29:32.0546 3972 Page size: 0x1000
20:29:32.0546 3972 Boot type: Normal boot
20:29:32.0546 3972 ============================================================
20:29:34.0765 3972 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:29:34.0796 3972 Drive \Device\Harddisk1\DR2 - Size: 0x1DCC00000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:29:34.0828 3972 Drive \Device\Harddisk2\DR3 - Size: 0xEDFFA000 (3.72 Gb), SectorSize: 0x200, Cylinders: 0x1E5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:29:34.0828 3972 ============================================================
20:29:34.0828 3972 \Device\Harddisk0\DR0:
20:29:34.0859 3972 MBR partitions:
20:29:34.0859 3972 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFFFAC05
20:29:34.0859 3972 \Device\Harddisk1\DR2:
20:29:34.0859 3972 MBR partitions:
20:29:34.0859 3972 \Device\Harddisk1\DR2\Partition0: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xEE4080
20:29:34.0859 3972 \Device\Harddisk2\DR3:
20:29:34.0859 3972 MBR partitions:
20:29:34.0859 3972 ============================================================
20:29:34.0968 3972 C: <-> \Device\Harddisk0\DR0\Partition0
20:29:34.0984 3972 ============================================================
20:29:34.0984 3972 Initialize success
20:29:34.0984 3972 ============================================================
20:29:37.0171 3552 ============================================================
20:29:37.0171 3552 Scan started
20:29:37.0171 3552 Mode: Manual;
20:29:37.0171 3552 ============================================================
20:29:38.0265 3552 Abiosdsk - ok
20:29:38.0265 3552 abp480n5 - ok
20:29:38.0312 3552 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:29:38.0328 3552 ACPI - ok
20:29:38.0359 3552 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:29:38.0359 3552 ACPIEC - ok
20:29:38.0390 3552 ADIDTSFiltService (175b51ddf26e9d06722beec50ac15a9a) C:\WINDOWS\system32\drivers\adidts.sys
20:29:38.0406 3552 ADIDTSFiltService - ok
20:29:38.0437 3552 ADIHdAudAddService (ab0d9669bab1009e48cc91117e59912b) C:\WINDOWS\system32\drivers\ADIHdAud.sys
20:29:38.0453 3552 ADIHdAudAddService - ok
20:29:38.0453 3552 adpu160m - ok
20:29:38.0453 3552 AEAudio (03be587e90c8b37c7ff1fe2e9c1d1c90) C:\WINDOWS\system32\drivers\AEAudio.sys
20:29:38.0500 3552 AEAudio - ok
20:29:38.0515 3552 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:29:38.0515 3552 aec - ok
20:29:38.0546 3552 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:29:38.0562 3552 AFD - ok
20:29:38.0562 3552 Aha154x - ok
20:29:38.0562 3552 aic78u2 - ok
20:29:38.0578 3552 aic78xx - ok
20:29:38.0609 3552 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:29:38.0609 3552 Alerter - ok
20:29:38.0625 3552 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:29:38.0625 3552 ALG - ok
20:29:38.0625 3552 AliIde - ok
20:29:38.0625 3552 amsint - ok
20:29:38.0734 3552 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:29:38.0734 3552 Apple Mobile Device - ok
20:29:38.0781 3552 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
20:29:38.0781 3552 AppMgmt - ok
20:29:38.0812 3552 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:29:38.0828 3552 Arp1394 - ok
20:29:38.0828 3552 asc - ok
20:29:38.0828 3552 asc3350p - ok
20:29:38.0843 3552 asc3550 - ok
20:29:38.0906 3552 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:29:38.0921 3552 aspnet_state - ok
20:29:38.0953 3552 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:29:38.0953 3552 AsyncMac - ok
20:29:38.0968 3552 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:29:38.0968 3552 atapi - ok
20:29:38.0984 3552 Atdisk - ok
20:29:39.0000 3552 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:29:39.0015 3552 Atmarpc - ok
20:29:39.0046 3552 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:29:39.0062 3552 AudioSrv - ok
20:29:39.0093 3552 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:29:39.0093 3552 audstub - ok
20:29:39.0093 3552 Automatisches LiveUpdate - Scheduler - ok
20:29:39.0140 3552 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:29:39.0140 3552 Beep - ok
20:29:39.0187 3552 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:29:39.0250 3552 BITS - ok
20:29:39.0328 3552 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
20:29:39.0343 3552 Bonjour Service - ok
20:29:39.0390 3552 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:29:39.0390 3552 Browser - ok
20:29:39.0406 3552 BTCFilterService (4813df77ede536a52e3737971f910baa) C:\WINDOWS\system32\DRIVERS\motfilt.sys
20:29:39.0437 3552 BTCFilterService - ok
20:29:39.0515 3552 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:29:39.0515 3552 cbidf2k - ok
20:29:39.0531 3552 cd20xrnt - ok
20:29:39.0562 3552 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:29:39.0562 3552 Cdaudio - ok
20:29:39.0593 3552 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:29:39.0609 3552 Cdfs - ok
20:29:39.0625 3552 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:29:39.0625 3552 Cdrom - ok
20:29:39.0671 3552 Changer (2a5815ca6fff24b688c01f828b96819c) C:\WINDOWS\system32\drivers\Changer.sys
20:29:39.0671 3552 Changer - ok
20:29:39.0687 3552 cisvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\System32\cisvc.exe
20:29:39.0687 3552 cisvc - ok
20:29:39.0718 3552 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:29:39.0718 3552 ClipSrv - ok
20:29:39.0796 3552 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:29:39.0859 3552 clr_optimization_v2.0.50727_32 - ok
20:29:39.0859 3552 CmdIde - ok
20:29:39.0859 3552 COMSysApp - ok
20:29:39.0875 3552 Cpqarray - ok
20:29:39.0921 3552 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:29:39.0921 3552 CryptSvc - ok
20:29:39.0937 3552 dac2w2k - ok
20:29:39.0937 3552 dac960nt - ok
20:29:40.0000 3552 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:29:40.0062 3552 DcomLaunch - ok
20:29:40.0156 3552 DeviceMonitorService (6824007c0ecec46edd64d7a9d86eba84) C:\Programme\Motorola Media Link\Lite\NServiceEntry.exe
20:29:40.0171 3552 DeviceMonitorService - ok
20:29:40.0218 3552 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:29:40.0218 3552 Dhcp - ok
20:29:40.0234 3552 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:29:40.0250 3552 Disk - ok
20:29:40.0250 3552 dmadmin - ok
20:29:40.0312 3552 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:29:40.0328 3552 dmboot - ok
20:29:40.0343 3552 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:29:40.0359 3552 dmio - ok
20:29:40.0375 3552 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:29:40.0375 3552 dmload - ok
20:29:40.0406 3552 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:29:40.0406 3552 dmserver - ok
20:29:40.0421 3552 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:29:40.0421 3552 DMusic - ok
20:29:40.0468 3552 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:29:40.0500 3552 Dnscache - ok
20:29:40.0578 3552 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:29:40.0609 3552 Dot3svc - ok
20:29:40.0609 3552 dpti2o - ok
20:29:40.0625 3552 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:29:40.0640 3552 drmkaud - ok
20:29:40.0656 3552 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:29:40.0671 3552 EapHost - ok
20:29:40.0703 3552 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:29:40.0703 3552 ERSvc - ok
20:29:40.0734 3552 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:29:40.0734 3552 Eventlog - ok
20:29:40.0765 3552 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\System32\es.dll
20:29:40.0796 3552 EventSystem - ok
20:29:40.0843 3552 ewusbnet (a52794c010c6df5b4bc70c4ab5e04088) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
20:29:40.0843 3552 ewusbnet - ok
20:29:40.0875 3552 ew_hwusbdev (57c171ea22f0a7f068fcb0caedd1e8e7) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
20:29:40.0875 3552 ew_hwusbdev - ok
20:29:40.0906 3552 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:29:40.0921 3552 Fastfat - ok
20:29:40.0968 3552 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:29:40.0984 3552 FastUserSwitchingCompatibility - ok
20:29:41.0000 3552 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:29:41.0000 3552 Fdc - ok
20:29:41.0000 3552 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:29:41.0000 3552 Fips - ok
20:29:41.0046 3552 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:29:41.0046 3552 Flpydisk - ok
20:29:41.0046 3552 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:29:41.0078 3552 FltMgr - ok
20:29:41.0250 3552 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:29:41.0250 3552 FontCache3.0.0.0 - ok
20:29:41.0281 3552 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:29:41.0281 3552 Fs_Rec - ok
20:29:41.0296 3552 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:29:41.0312 3552 Ftdisk - ok
20:29:41.0343 3552 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:29:41.0359 3552 GEARAspiWDM - ok
20:29:41.0359 3552 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:29:41.0406 3552 Gpc - ok
20:29:41.0546 3552 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
20:29:41.0562 3552 gupdate - ok
20:29:41.0562 3552 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
20:29:41.0562 3552 gupdatem - ok
20:29:41.0593 3552 GVCplDrv (f22bf7f345df95c09942951246aaa28d) C:\WINDOWS\system32\drivers\GVCplDrv.sys
20:29:41.0640 3552 GVCplDrv - ok
20:29:41.0640 3552 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:29:41.0640 3552 HDAudBus - ok
20:29:41.0750 3552 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:29:41.0750 3552 helpsvc - ok
20:29:41.0781 3552 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
20:29:41.0781 3552 HidServ - ok
20:29:41.0796 3552 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:29:41.0796 3552 hidusb - ok
20:29:41.0828 3552 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:29:41.0843 3552 hkmsvc - ok
20:29:41.0843 3552 hpn - ok
20:29:41.0843 3552 hpt3xx - ok
20:29:41.0890 3552 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:29:41.0906 3552 HTTP - ok
20:29:41.0921 3552 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:29:41.0937 3552 HTTPFilter - ok
20:29:41.0968 3552 huawei_enumerator (bed3a9f86a637cc6c2c5296cd82423d8) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
20:29:41.0968 3552 huawei_enumerator - ok
20:29:42.0000 3552 hwdatacard (1f40368dc40b17de3fa0fbe8a9d82f9e) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
20:29:42.0015 3552 hwdatacard - ok
20:29:42.0046 3552 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
20:29:42.0046 3552 i2omgmt - ok
20:29:42.0046 3552 i2omp - ok
20:29:42.0078 3552 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\drivers\i8042prt.sys
20:29:42.0078 3552 i8042prt - ok
20:29:42.0250 3552 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:29:42.0281 3552 idsvc - ok
20:29:42.0312 3552 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:29:42.0328 3552 Imapi - ok
20:29:42.0375 3552 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\System32\imapi.exe
20:29:42.0390 3552 ImapiService - ok
20:29:42.0421 3552 InCDfs (b87fc7c71632240dac8f4d20e9ce8377) C:\WINDOWS\system32\drivers\InCDfs.sys
20:29:42.0484 3552 InCDfs - ok
20:29:42.0484 3552 InCDPass (2e878405128ec98886eb9c2216ac7bd6) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
20:29:42.0515 3552 InCDPass - ok
20:29:42.0531 3552 InCDrec (ddf078917a42f105385d7eb6debb3433) C:\WINDOWS\system32\drivers\InCDrec.sys
20:29:42.0578 3552 InCDrec - ok
20:29:42.0609 3552 incdrm (7f352360e947ad2cd4ba60de27b1a299) C:\WINDOWS\system32\drivers\incdrm.sys
20:29:42.0640 3552 incdrm - ok
20:29:42.0750 3552 InCDsrv (e9372a17c22fc4e5c9fd8798a97775fc) C:\Programme\Ahead\InCD\InCDsrv.exe
20:29:42.0765 3552 InCDsrv - ok
20:29:42.0765 3552 ini910u - ok
20:29:42.0781 3552 IntelIde - ok
20:29:42.0812 3552 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:29:42.0828 3552 intelppm - ok
20:29:42.0843 3552 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:29:42.0843 3552 ip6fw - ok
20:29:42.0890 3552 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:29:42.0890 3552 IpFilterDriver - ok
20:29:42.0921 3552 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:29:42.0921 3552 IpInIp - ok
20:29:42.0953 3552 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:29:42.0953 3552 IpNat - ok
20:29:43.0031 3552 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Programme\iPod\bin\iPodService.exe
20:29:43.0046 3552 iPod Service - ok
20:29:43.0062 3552 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:29:43.0078 3552 IPSec - ok
20:29:43.0093 3552 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:29:43.0109 3552 IRENUM - ok
20:29:43.0125 3552 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:29:43.0140 3552 isapnp - ok
20:29:43.0296 3552 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
20:29:43.0296 3552 JavaQuickStarterService - ok
20:29:43.0312 3552 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:29:43.0312 3552 Kbdclass - ok
20:29:43.0328 3552 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:29:43.0328 3552 kbdhid - ok
20:29:43.0343 3552 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:29:43.0343 3552 kmixer - ok
20:29:43.0375 3552 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:29:43.0375 3552 KSecDD - ok
20:29:43.0406 3552 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:29:43.0421 3552 lanmanserver - ok
20:29:43.0453 3552 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:29:43.0468 3552 lanmanworkstation - ok
20:29:43.0500 3552 LBeepKE (9ffd1cf2a782f2560e78eec4b8b8689e) C:\WINDOWS\system32\Drivers\LBeepKE.sys
20:29:43.0500 3552 LBeepKE - ok
20:29:43.0531 3552 lbrtfdc (406598827a1b5f77954de11dde115ced) C:\WINDOWS\system32\drivers\lbrtfdc.sys
20:29:43.0546 3552 lbrtfdc - ok
20:29:43.0625 3552 LBTServ (3af6b73a3ad1fc37c5933441f66ceb91) C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe
20:29:43.0656 3552 LBTServ - ok
20:29:43.0671 3552 LEqdUsb (70035567754bed4e6ad353ca3f175127) C:\WINDOWS\system32\Drivers\LEqdUsb.Sys
20:29:43.0687 3552 LEqdUsb - ok
20:29:43.0718 3552 LHidEqd (32491b6bae0afad1d7a62c0ef0af4321) C:\WINDOWS\system32\Drivers\LHidEqd.Sys
20:29:43.0718 3552 LHidEqd - ok
20:29:43.0718 3552 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
20:29:43.0718 3552 LHidFilt - ok
20:29:43.0781 3552 LightScribeService (6e5dac168d1ff9843e84a59d51d31107) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
20:29:43.0781 3552 LightScribeService - ok
20:29:43.0812 3552 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:29:43.0812 3552 LmHosts - ok
20:29:43.0812 3552 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
20:29:43.0812 3552 LMouFilt - ok
20:29:43.0843 3552 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:29:43.0843 3552 Messenger - ok
20:29:43.0875 3552 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:29:43.0875 3552 mnmdd - ok
20:29:43.0906 3552 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\System32\mnmsrvc.exe
20:29:43.0906 3552 mnmsrvc - ok
20:29:43.0984 3552 Mobile Partner. RunOuc (38106c7bd34eae89d2769ac0ba2e846b) C:\Programme\Mobile Partner\UpdateDog\ouc.exe
20:29:43.0984 3552 Mobile Partner. RunOuc - ok
20:29:44.0031 3552 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:29:44.0046 3552 Modem - ok
20:29:44.0078 3552 motccgp (0bc43805b6da0d7d4f99c737839fc9ec) C:\WINDOWS\system32\DRIVERS\motccgp.sys
20:29:44.0093 3552 motccgp - ok
20:29:44.0109 3552 motccgpfl (1b3720c4d16904756d49ef306706b978) C:\WINDOWS\system32\DRIVERS\motccgpfl.sys
20:29:44.0125 3552 motccgpfl - ok
20:29:44.0140 3552 motmodem (11b8118f538b579488e7645b2578e544) C:\WINDOWS\system32\DRIVERS\motmodem.sys
20:29:44.0156 3552 motmodem - ok
20:29:44.0203 3552 MotoHelper (290750346f5937b02f62594b8eb03215) C:\Programme\Motorola\MotoHelper\MotoHelperService.exe
20:29:44.0203 3552 MotoHelper - ok
20:29:44.0234 3552 MotoSwitchService (fd8c2cef7ad8b23c6714103d621fac1f) C:\WINDOWS\system32\DRIVERS\motswch.sys
20:29:44.0265 3552 MotoSwitchService - ok
20:29:44.0296 3552 Motousbnet (5073ed2d13d77f89df99caaa72e23526) C:\WINDOWS\system32\DRIVERS\Motousbnet.sys
20:29:44.0328 3552 Motousbnet - ok
20:29:44.0359 3552 motusbdevice (f780c53d98a0aad28f5b7403b184aea1) C:\WINDOWS\system32\DRIVERS\motusbdevice.sys
20:29:44.0375 3552 motusbdevice - ok
20:29:44.0406 3552 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:29:44.0406 3552 Mouclass - ok
20:29:44.0437 3552 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:29:44.0437 3552 mouhid - ok
20:29:44.0468 3552 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:29:44.0484 3552 MountMgr - ok
20:29:44.0531 3552 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
20:29:44.0531 3552 MozillaMaintenance - ok
20:29:44.0562 3552 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
20:29:44.0578 3552 MpFilter - ok
20:29:44.0687 3552 MpKsl2413573d (a69630d039c38018689190234f866d77) c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{41D04BDB-B4CB-4B18-A79D-DACFAFBFFCA8}\MpKsl2413573d.sys
20:29:44.0687 3552 MpKsl2413573d - ok
20:29:44.0687 3552 mraid35x - ok
20:29:44.0718 3552 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:29:44.0734 3552 MRxDAV - ok
20:29:44.0781 3552 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:29:44.0796 3552 MRxSmb - ok
20:29:44.0828 3552 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\System32\msdtc.exe
20:29:44.0828 3552 MSDTC - ok
20:29:44.0828 3552 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:29:44.0828 3552 Msfs - ok
20:29:44.0828 3552 MSIServer - ok
20:29:44.0843 3552 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:29:44.0843 3552 MSKSSRV - ok
20:29:44.0906 3552 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Programme\Microsoft Security Client\MsMpEng.exe
20:29:44.0906 3552 MsMpSvc - ok
20:29:44.0953 3552 MSPCLOCK (e943adb93d83c5cbc0ca3f53f53b48cc) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:29:44.0953 3552 MSPCLOCK - ok
20:29:44.0968 3552 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:29:44.0968 3552 MSPQM - ok
20:29:44.0984 3552 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:29:45.0000 3552 mssmbios - ok
20:29:45.0062 3552 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
20:29:45.0062 3552 MTsensor - ok
20:29:45.0093 3552 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:29:45.0093 3552 Mup - ok
20:29:45.0140 3552 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:29:45.0171 3552 napagent - ok
20:29:45.0218 3552 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:29:45.0234 3552 NDIS - ok
20:29:45.0265 3552 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:29:45.0265 3552 NdisTapi - ok
20:29:45.0281 3552 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:29:45.0281 3552 Ndisuio - ok
20:29:45.0296 3552 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:29:45.0312 3552 NdisWan - ok
20:29:45.0343 3552 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:29:45.0343 3552 NDProxy - ok
20:29:45.0343 3552 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:29:45.0359 3552 NetBIOS - ok
20:29:45.0359 3552 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:29:45.0375 3552 NetBT - ok
20:29:45.0406 3552 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:29:45.0421 3552 NetDDE - ok
20:29:45.0421 3552 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:29:45.0421 3552 NetDDEdsdm - ok
20:29:45.0453 3552 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
20:29:45.0453 3552 Netlogon - ok
20:29:45.0468 3552 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:29:45.0484 3552 Netman - ok
20:29:45.0578 3552 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:29:45.0593 3552 NetTcpPortSharing - ok
20:29:45.0625 3552 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:29:45.0640 3552 NIC1394 - ok
20:29:45.0687 3552 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:29:45.0703 3552 Nla - ok
20:29:45.0703 3552 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:29:45.0703 3552 Npfs - ok
20:29:45.0734 3552 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:29:45.0765 3552 Ntfs - ok
20:29:45.0765 3552 ntiomin - ok
20:29:45.0781 3552 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
20:29:45.0781 3552 NtLmSsp - ok
20:29:45.0828 3552 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:29:45.0843 3552 NtmsSvc - ok
20:29:45.0875 3552 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:29:45.0875 3552 Null - ok
20:29:47.0562 3552 nv (7b5a17bd54bb9142843dbe99a1caaed8) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:29:49.0328 3552 nv - ok
20:29:49.0468 3552 NVSvc (5150b108ea88831e1c599603d8b89621) C:\WINDOWS\system32\nvsvc32.exe
20:29:49.0468 3552 NVSvc - ok
20:29:49.0609 3552 nvUpdatusService (83e8ab7bb3c8956c53fec071c94f0bbb) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:29:49.0640 3552 nvUpdatusService - ok
20:29:49.0703 3552 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:29:49.0703 3552 NwlnkFlt - ok
20:29:49.0718 3552 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:29:49.0718 3552 NwlnkFwd - ok
20:29:49.0750 3552 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:29:49.0765 3552 ohci1394 - ok
20:29:49.0765 3552 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
20:29:49.0781 3552 Parport - ok
20:29:49.0781 3552 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:29:49.0796 3552 PartMgr - ok
20:29:49.0812 3552 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:29:49.0812 3552 ParVdm - ok
20:29:49.0859 3552 PCANDIS5 (d0084a9ade989fe703e4f22171f4e4dc) C:\PROGRA~1\T-Online\T-DSLT~1\PCANDIS5.SYS
20:29:49.0859 3552 PCANDIS5 - ok
20:29:49.0875 3552 PCI (6fb463e5b243fbd6f3d3c83f914d94fb) C:\WINDOWS\system32\drivers\pci.kav
20:29:49.0906 3552 PCI - ok
20:29:49.0906 3552 PCIDump - ok
20:29:49.0921 3552 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:29:49.0921 3552 PCIIde - ok
20:29:49.0937 3552 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:29:49.0937 3552 Pcmcia - ok
20:29:49.0953 3552 PDCOMP - ok
20:29:49.0953 3552 PDFRAME - ok
20:29:49.0953 3552 PDRELI - ok
20:29:49.0953 3552 PDRFRAME - ok
20:29:49.0968 3552 perc2 - ok
20:29:49.0968 3552 perc2hib - ok
20:29:50.0015 3552 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:29:50.0015 3552 PlugPlay - ok
20:29:50.0093 3552 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
20:29:50.0093 3552 PolicyAgent - ok
20:29:50.0093 3552 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:29:50.0109 3552 PptpMiniport - ok
20:29:50.0109 3552 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
20:29:50.0125 3552 Processor - ok
20:29:50.0125 3552 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:29:50.0125 3552 ProtectedStorage - ok
20:29:50.0187 3552 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:29:50.0187 3552 PSched - ok
20:29:50.0234 3552 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:29:50.0234 3552 Ptilink - ok
20:29:50.0250 3552 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:29:50.0250 3552 PxHelp20 - ok
20:29:50.0250 3552 ql1080 - ok
20:29:50.0265 3552 Ql10wnt - ok
20:29:50.0265 3552 ql12160 - ok
20:29:50.0265 3552 ql1240 - ok
20:29:50.0281 3552 ql1280 - ok
20:29:50.0281 3552 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:29:50.0281 3552 RasAcd - ok
20:29:50.0343 3552 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:29:50.0343 3552 RasAuto - ok
20:29:50.0375 3552 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:29:50.0375 3552 Rasl2tp - ok
20:29:50.0421 3552 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:29:50.0437 3552 RasMan - ok
20:29:50.0437 3552 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:29:50.0453 3552 RasPppoe - ok
20:29:50.0453 3552 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:29:50.0453 3552 Raspti - ok
20:29:50.0484 3552 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:29:50.0484 3552 Rdbss - ok
20:29:50.0500 3552 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:29:50.0500 3552 RDPCDD - ok
20:29:50.0515 3552 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:29:50.0531 3552 rdpdr - ok
20:29:50.0562 3552 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
20:29:50.0578 3552 RDPWD - ok
20:29:50.0609 3552 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:29:50.0625 3552 RDSessMgr - ok
20:29:50.0656 3552 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:29:50.0656 3552 redbook - ok
20:29:50.0687 3552 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:29:50.0703 3552 RemoteAccess - ok
20:29:50.0718 3552 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
20:29:50.0734 3552 RemoteRegistry - ok
20:29:50.0750 3552 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\System32\locator.exe
20:29:50.0765 3552 RpcLocator - ok
20:29:50.0828 3552 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:29:50.0828 3552 RpcSs - ok
20:29:50.0859 3552 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\System32\rsvp.exe
20:29:50.0875 3552 RSVP - ok
20:29:50.0875 3552 RT73 - ok
20:29:50.0906 3552 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:29:50.0906 3552 SamSs - ok
20:29:50.0921 3552 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:29:50.0937 3552 SCardSvr - ok
20:29:50.0968 3552 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:29:50.0984 3552 Schedule - ok
20:29:51.0015 3552 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:29:51.0015 3552 Secdrv - ok
20:29:51.0046 3552 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:29:51.0046 3552 seclogon - ok
20:29:51.0062 3552 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:29:51.0062 3552 SENS - ok
20:29:51.0093 3552 Sentinel (cd8f847a75a974d7aa723a23dfb7d004) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
20:29:51.0093 3552 Sentinel - ok
20:29:51.0140 3552 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:29:51.0140 3552 serenum - ok
20:29:51.0187 3552 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:29:51.0203 3552 Serial - ok
20:29:51.0218 3552 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:29:51.0218 3552 Sfloppy - ok
20:29:51.0234 3552 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:29:51.0250 3552 SharedAccess - ok
20:29:51.0281 3552 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:29:51.0296 3552 ShellHWDetection - ok
20:29:51.0296 3552 Simbad - ok
20:29:51.0312 3552 Sparrow - ok
20:29:51.0328 3552 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:29:51.0328 3552 splitter - ok
20:29:51.0359 3552 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:29:51.0359 3552 Spooler - ok
20:29:51.0406 3552 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:29:51.0421 3552 sr - ok
20:29:51.0468 3552 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\System32\srsvc.dll
20:29:51.0468 3552 srservice - ok
20:29:51.0515 3552 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:29:51.0531 3552 Srv - ok
20:29:51.0546 3552 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:29:51.0546 3552 SSDPSRV - ok
20:29:51.0593 3552 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:29:51.0609 3552 stisvc - ok
20:29:51.0640 3552 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:29:51.0640 3552 swenum - ok
20:29:51.0656 3552 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:29:51.0656 3552 swmidi - ok
20:29:51.0656 3552 SwPrv - ok
20:29:51.0671 3552 symc810 - ok
20:29:51.0671 3552 symc8xx - ok
20:29:51.0687 3552 sym_hi - ok
20:29:51.0687 3552 sym_u3 - ok
20:29:51.0687 3552 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:29:51.0703 3552 sysaudio - ok
20:29:51.0734 3552 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:29:51.0734 3552 SysmonLog - ok
20:29:51.0765 3552 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:29:51.0781 3552 TapiSrv - ok
20:29:51.0812 3552 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:29:51.0828 3552 Tcpip - ok
20:29:51.0859 3552 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:29:51.0859 3552 TDPIPE - ok
20:29:51.0890 3552 TDSLAdapter (e459470f8e5356ad1b15e8e9c803dd9f) C:\WINDOWS\system32\DRIVERS\TDSLAdap.sys
20:29:51.0953 3552 TDSLAdapter - ok
20:29:51.0984 3552 TDSLProtocol (5ca87aea02c49117802831f9ae890d22) C:\WINDOWS\system32\DRIVERS\TDSLProt.sys
20:29:52.0000 3552 TDSLProtocol - ok
20:29:52.0015 3552 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:29:52.0015 3552 TDTCP - ok
20:29:52.0062 3552 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:29:52.0062 3552 TermDD - ok
20:29:52.0109 3552 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:29:52.0125 3552 TermService - ok
20:29:52.0156 3552 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:29:52.0156 3552 Themes - ok
20:29:52.0234 3552 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\System32\tlntsvr.exe
20:29:52.0234 3552 TlntSvr - ok
20:29:52.0234 3552 TosIde - ok
20:29:52.0265 3552 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:29:52.0281 3552 TrkWks - ok
20:29:52.0296 3552 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:29:52.0312 3552 Udfs - ok
20:29:52.0328 3552 ultra - ok
20:29:52.0359 3552 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:29:52.0375 3552 Update - ok
20:29:52.0390 3552 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:29:52.0390 3552 upnphost - ok
20:29:52.0406 3552 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:29:52.0421 3552 UPS - ok
20:29:52.0453 3552 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:29:52.0453 3552 usbccgp - ok
20:29:52.0484 3552 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:29:52.0500 3552 usbhub - ok
20:29:52.0515 3552 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:29:52.0515 3552 usbprint - ok
20:29:52.0531 3552 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:29:52.0531 3552 usbscan - ok
20:29:52.0546 3552 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:29:52.0546 3552 USBSTOR - ok
20:29:52.0546 3552 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:29:52.0546 3552 usbuhci - ok
20:29:52.0562 3552 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:29:52.0562 3552 VgaSave - ok
20:29:52.0562 3552 ViaIde - ok
20:29:52.0578 3552 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:29:52.0593 3552 VolSnap - ok
20:29:52.0640 3552 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:29:52.0640 3552 VSS - ok
20:29:52.0671 3552 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\System32\w32time.dll
20:29:52.0687 3552 W32Time - ok
20:29:52.0703 3552 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:29:52.0703 3552 Wanarp - ok
20:29:52.0750 3552 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
20:29:52.0765 3552 Wdf01000 - ok
20:29:52.0765 3552 WDICA - ok
20:29:52.0781 3552 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:29:52.0781 3552 wdmaud - ok
20:29:52.0796 3552 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:29:52.0812 3552 WebClient - ok
20:29:52.0890 3552 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:29:52.0906 3552 winmgmt - ok
20:29:52.0937 3552 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:29:52.0937 3552 WmdmPmSN - ok
20:29:52.0984 3552 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
20:29:53.0015 3552 Wmi - ok
20:29:53.0031 3552 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
20:29:53.0031 3552 WmiApSrv - ok
20:29:53.0218 3552 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:29:53.0312 3552 WMPNetworkSvc - ok
20:29:53.0359 3552 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:29:53.0375 3552 WpdUsb - ok
20:29:53.0390 3552 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:29:53.0390 3552 WS2IFSL - ok
20:29:53.0406 3552 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:29:53.0421 3552 wscsvc - ok
20:29:53.0437 3552 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:29:53.0453 3552 wuauserv - ok
20:29:53.0468 3552 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:29:53.0484 3552 WudfPf - ok
20:29:53.0500 3552 WUDFRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:29:53.0515 3552 WUDFRd - ok
20:29:53.0546 3552 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:29:53.0562 3552 WudfSvc - ok
20:29:53.0609 3552 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:29:53.0640 3552 WZCSVC - ok
20:29:53.0671 3552 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:29:53.0687 3552 xmlprov - ok
20:29:53.0734 3552 yukonwxp (228d0403f0210d6d67a9acf907597efe) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:29:53.0750 3552 yukonwxp - ok
20:29:53.0765 3552 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:29:54.0140 3552 \Device\Harddisk0\DR0 - ok
20:29:54.0171 3552 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR2
20:29:57.0265 3552 \Device\Harddisk1\DR2 - ok
20:29:57.0312 3552 MBR (0x1B8) (83af61a2abe40010864c01e2e6549845) \Device\Harddisk2\DR3
20:30:14.0890 3552 \Device\Harddisk2\DR3 - ok
20:30:14.0906 3552 Boot (0x1200) (d354d4e2d2b5e2445435bdc4be800717) \Device\Harddisk0\DR0\Partition0
20:30:14.0906 3552 \Device\Harddisk0\DR0\Partition0 - ok
20:30:14.0921 3552 Boot (0x1200) (a56b665f6f6fecf8926a1c0677a619e9) \Device\Harddisk1\DR2\Partition0
20:30:14.0921 3552 \Device\Harddisk1\DR2\Partition0 - ok
20:30:14.0921 3552 ============================================================
20:30:14.0921 3552 Scan finished
20:30:14.0921 3552 ============================================================
20:30:14.0937 3556 Detected object count: 0
20:30:14.0937 3556 Actual detected object count: 0
20:30:59.0171 2516 ============================================================
20:30:59.0171 2516 Scan started
20:30:59.0171 2516 Mode: Manual;
20:30:59.0171 2516 ============================================================
20:30:59.0343 2516 Abiosdsk - ok
20:30:59.0343 2516 abp480n5 - ok
20:30:59.0390 2516 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:30:59.0390 2516 ACPI - ok
20:30:59.0421 2516 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:30:59.0421 2516 ACPIEC - ok
20:30:59.0468 2516 ADIDTSFiltService (175b51ddf26e9d06722beec50ac15a9a) C:\WINDOWS\system32\drivers\adidts.sys
20:30:59.0468 2516 ADIDTSFiltService - ok
20:30:59.0500 2516 ADIHdAudAddService (ab0d9669bab1009e48cc91117e59912b) C:\WINDOWS\system32\drivers\ADIHdAud.sys
20:30:59.0500 2516 ADIHdAudAddService - ok
20:30:59.0515 2516 adpu160m - ok
20:30:59.0515 2516 AEAudio (03be587e90c8b37c7ff1fe2e9c1d1c90) C:\WINDOWS\system32\drivers\AEAudio.sys
20:30:59.0515 2516 AEAudio - ok
20:30:59.0531 2516 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:30:59.0531 2516 aec - ok
20:30:59.0562 2516 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:30:59.0562 2516 AFD - ok
20:30:59.0578 2516 Aha154x - ok
20:30:59.0578 2516 aic78u2 - ok
20:30:59.0578 2516 aic78xx - ok
20:30:59.0609 2516 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:30:59.0609 2516 Alerter - ok
20:30:59.0625 2516 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:30:59.0640 2516 ALG - ok
20:30:59.0640 2516 AliIde - ok
20:30:59.0640 2516 amsint - ok
20:30:59.0734 2516 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:30:59.0734 2516 Apple Mobile Device - ok
20:30:59.0781 2516 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
20:30:59.0781 2516 AppMgmt - ok
20:30:59.0828 2516 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:30:59.0828 2516 Arp1394 - ok
20:30:59.0828 2516 asc - ok
20:30:59.0843 2516 asc3350p - ok
20:30:59.0843 2516 asc3550 - ok
20:30:59.0937 2516 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:30:59.0937 2516 aspnet_state - ok
20:30:59.0953 2516 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:30:59.0953 2516 AsyncMac - ok
20:30:59.0968 2516 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:30:59.0968 2516 atapi - ok
20:30:59.0984 2516 Atdisk - ok
20:31:00.0015 2516 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:31:00.0015 2516 Atmarpc - ok
20:31:00.0046 2516 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:31:00.0046 2516 AudioSrv - ok
20:31:00.0093 2516 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:31:00.0093 2516 audstub - ok
20:31:00.0093 2516 Automatisches LiveUpdate - Scheduler - ok
20:31:00.0140 2516 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:31:00.0140 2516 Beep - ok
20:31:00.0203 2516 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:31:00.0203 2516 BITS - ok
20:31:00.0281 2516 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programme\Bonjour\mDNSResponder.exe
20:31:00.0281 2516 Bonjour Service - ok
20:31:00.0328 2516 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:31:00.0328 2516 Browser - ok
20:31:00.0359 2516 BTCFilterService (4813df77ede536a52e3737971f910baa) C:\WINDOWS\system32\DRIVERS\motfilt.sys
20:31:00.0359 2516 BTCFilterService - ok
20:31:00.0375 2516 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:31:00.0375 2516 cbidf2k - ok
20:31:00.0390 2516 cd20xrnt - ok
20:31:00.0406 2516 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:31:00.0406 2516 Cdaudio - ok
20:31:00.0437 2516 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:31:00.0437 2516 Cdfs - ok
20:31:00.0453 2516 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:31:00.0453 2516 Cdrom - ok
20:31:00.0484 2516 Changer (2a5815ca6fff24b688c01f828b96819c) C:\WINDOWS\system32\drivers\Changer.sys
20:31:00.0484 2516 Changer - ok
20:31:00.0515 2516 cisvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\System32\cisvc.exe
20:31:00.0515 2516 cisvc - ok
20:31:00.0531 2516 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:31:00.0531 2516 ClipSrv - ok
20:31:00.0593 2516 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:31:00.0609 2516 clr_optimization_v2.0.50727_32 - ok
20:31:00.0609 2516 CmdIde - ok
20:31:00.0609 2516 COMSysApp - ok
20:31:00.0625 2516 Cpqarray - ok
20:31:00.0656 2516 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:31:00.0656 2516 CryptSvc - ok
20:31:00.0656 2516 dac2w2k - ok
20:31:00.0671 2516 dac960nt - ok
20:31:00.0718 2516 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:31:00.0718 2516 DcomLaunch - ok
20:31:00.0828 2516 DeviceMonitorService (6824007c0ecec46edd64d7a9d86eba84) C:\Programme\Motorola Media Link\Lite\NServiceEntry.exe
20:31:00.0828 2516 DeviceMonitorService - ok
20:31:00.0875 2516 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:31:00.0875 2516 Dhcp - ok
20:31:00.0890 2516 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:31:00.0890 2516 Disk - ok
20:31:00.0890 2516 dmadmin - ok
20:31:00.0953 2516 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:31:00.0953 2516 dmboot - ok
20:31:00.0968 2516 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:31:00.0968 2516 dmio - ok
20:31:00.0984 2516 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:31:00.0984 2516 dmload - ok
20:31:01.0031 2516 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:31:01.0031 2516 dmserver - ok
20:31:01.0109 2516 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:31:01.0109 2516 DMusic - ok
20:31:01.0218 2516 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:31:01.0218 2516 Dnscache - ok
20:31:01.0296 2516 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:31:01.0296 2516 Dot3svc - ok
20:31:01.0296 2516 dpti2o - ok
20:31:01.0328 2516 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:31:01.0343 2516 drmkaud - ok
20:31:01.0390 2516 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:31:01.0390 2516 EapHost - ok
20:31:01.0453 2516 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:31:01.0453 2516 ERSvc - ok
20:31:01.0484 2516 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:31:01.0484 2516 Eventlog - ok
20:31:01.0531 2516 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\System32\es.dll
20:31:01.0546 2516 EventSystem - ok
20:31:01.0578 2516 ewusbnet (a52794c010c6df5b4bc70c4ab5e04088) C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
20:31:01.0578 2516 ewusbnet - ok
20:31:01.0593 2516 ew_hwusbdev (57c171ea22f0a7f068fcb0caedd1e8e7) C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
20:31:01.0593 2516 ew_hwusbdev - ok
20:31:01.0640 2516 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:31:01.0640 2516 Fastfat - ok
20:31:01.0671 2516 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:31:01.0671 2516 FastUserSwitchingCompatibility - ok
20:31:01.0687 2516 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:31:01.0687 2516 Fdc - ok
20:31:01.0703 2516 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:31:01.0703 2516 Fips - ok
20:31:01.0750 2516 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:31:01.0750 2516 Flpydisk - ok
20:31:01.0750 2516 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:31:01.0750 2516 FltMgr - ok
20:31:01.0859 2516 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:31:01.0859 2516 FontCache3.0.0.0 - ok
20:31:01.0859 2516 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:31:01.0875 2516 Fs_Rec - ok
20:31:01.0875 2516 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:31:01.0875 2516 Ftdisk - ok
20:31:01.0906 2516 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:31:01.0906 2516 GEARAspiWDM - ok
20:31:01.0921 2516 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:31:01.0921 2516 Gpc - ok
20:31:02.0031 2516 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
20:31:02.0031 2516 gupdate - ok
20:31:02.0031 2516 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
20:31:02.0031 2516 gupdatem - ok
20:31:02.0078 2516 GVCplDrv (f22bf7f345df95c09942951246aaa28d) C:\WINDOWS\system32\drivers\GVCplDrv.sys
20:31:02.0078 2516 GVCplDrv - ok
20:31:02.0093 2516 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:31:02.0093 2516 HDAudBus - ok
20:31:02.0203 2516 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:31:02.0203 2516 helpsvc - ok
20:31:02.0234 2516 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
20:31:02.0250 2516 HidServ - ok
20:31:02.0250 2516 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:31:02.0250 2516 hidusb - ok
20:31:02.0296 2516 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:31:02.0296 2516 hkmsvc - ok
20:31:02.0296 2516 hpn - ok
20:31:02.0312 2516 hpt3xx - ok
20:31:02.0343 2516 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:31:02.0343 2516 HTTP - ok
20:31:02.0375 2516 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:31:02.0390 2516 HTTPFilter - ok
20:31:02.0421 2516 huawei_enumerator (bed3a9f86a637cc6c2c5296cd82423d8) C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
20:31:02.0421 2516 huawei_enumerator - ok
20:31:02.0453 2516 hwdatacard (1f40368dc40b17de3fa0fbe8a9d82f9e) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
20:31:02.0453 2516 hwdatacard - ok
20:31:02.0484 2516 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
20:31:02.0484 2516 i2omgmt - ok
20:31:02.0500 2516 i2omp - ok
20:31:02.0515 2516 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\drivers\i8042prt.sys
20:31:02.0515 2516 i8042prt - ok
20:31:02.0625 2516 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:31:02.0640 2516 idsvc - ok
20:31:02.0671 2516 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:31:02.0671 2516 Imapi - ok
20:31:02.0718 2516 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\System32\imapi.exe
20:31:02.0718 2516 ImapiService - ok
20:31:02.0765 2516 InCDfs (b87fc7c71632240dac8f4d20e9ce8377) C:\WINDOWS\system32\drivers\InCDfs.sys
20:31:02.0765 2516 InCDfs - ok
20:31:02.0765 2516 InCDPass (2e878405128ec98886eb9c2216ac7bd6) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
20:31:02.0765 2516 InCDPass - ok
20:31:02.0781 2516 InCDrec (ddf078917a42f105385d7eb6debb3433) C:\WINDOWS\system32\drivers\InCDrec.sys
20:31:02.0781 2516 InCDrec - ok
20:31:02.0796 2516 incdrm (7f352360e947ad2cd4ba60de27b1a299) C:\WINDOWS\system32\drivers\incdrm.sys
20:31:02.0796 2516 incdrm - ok
20:31:02.0921 2516 InCDsrv (e9372a17c22fc4e5c9fd8798a97775fc) C:\Programme\Ahead\InCD\InCDsrv.exe
20:31:02.0937 2516 InCDsrv - ok
20:31:02.0937 2516 ini910u - ok
20:31:02.0953 2516 IntelIde - ok
20:31:02.0953 2516 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:31:02.0953 2516 intelppm - ok
20:31:02.0984 2516 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:31:02.0984 2516 ip6fw - ok
20:31:03.0015 2516 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:31:03.0015 2516 IpFilterDriver - ok
20:31:03.0046 2516 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:31:03.0046 2516 IpInIp - ok
20:31:03.0078 2516 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:31:03.0078 2516 IpNat - ok
20:31:03.0140 2516 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Programme\iPod\bin\iPodService.exe
20:31:03.0140 2516 iPod Service - ok
20:31:03.0156 2516 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:31:03.0156 2516 IPSec - ok
20:31:03.0203 2516 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:31:03.0203 2516 IRENUM - ok
20:31:03.0250 2516 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:31:03.0250 2516 isapnp - ok
20:31:03.0343 2516 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
20:31:03.0343 2516 JavaQuickStarterService - ok
20:31:03.0359 2516 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:31:03.0359 2516 Kbdclass - ok
20:31:03.0375 2516 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:31:03.0375 2516 kbdhid - ok
20:31:03.0390 2516 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:31:03.0390 2516 kmixer - ok
20:31:03.0421 2516 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:31:03.0421 2516 KSecDD - ok
20:31:03.0437 2516 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:31:03.0437 2516 lanmanserver - ok
20:31:03.0484 2516 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:31:03.0484 2516 lanmanworkstation - ok
20:31:03.0515 2516 LBeepKE (9ffd1cf2a782f2560e78eec4b8b8689e) C:\WINDOWS\system32\Drivers\LBeepKE.sys
20:31:03.0515 2516 LBeepKE - ok
20:31:03.0546 2516 lbrtfdc (406598827a1b5f77954de11dde115ced) C:\WINDOWS\system32\drivers\lbrtfdc.sys
20:31:03.0546 2516 lbrtfdc - ok
20:31:03.0625 2516 LBTServ (3af6b73a3ad1fc37c5933441f66ceb91) C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe
20:31:03.0625 2516 LBTServ - ok
20:31:03.0671 2516 LEqdUsb (70035567754bed4e6ad353ca3f175127) C:\WINDOWS\system32\Drivers\LEqdUsb.Sys
20:31:03.0671 2516 LEqdUsb - ok
20:31:03.0703 2516 LHidEqd (32491b6bae0afad1d7a62c0ef0af4321) C:\WINDOWS\system32\Drivers\LHidEqd.Sys
20:31:03.0703 2516 LHidEqd - ok
20:31:03.0718 2516 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
20:31:03.0718 2516 LHidFilt - ok
20:31:03.0781 2516 LightScribeService (6e5dac168d1ff9843e84a59d51d31107) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
20:31:03.0781 2516 LightScribeService - ok
20:31:03.0812 2516 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:31:03.0812 2516 LmHosts - ok
20:31:03.0812 2516 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
20:31:03.0812 2516 LMouFilt - ok
20:31:03.0859 2516 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:31:03.0859 2516 Messenger - ok
20:31:03.0890 2516 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:31:03.0890 2516 mnmdd - ok
20:31:03.0921 2516 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\System32\mnmsrvc.exe
20:31:03.0921 2516 mnmsrvc - ok
20:31:04.0015 2516 Mobile Partner. RunOuc (38106c7bd34eae89d2769ac0ba2e846b) C:\Programme\Mobile Partner\UpdateDog\ouc.exe
20:31:04.0015 2516 Mobile Partner. RunOuc - ok
20:31:04.0031 2516 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:31:04.0031 2516 Modem - ok
20:31:04.0062 2516 motccgp (0bc43805b6da0d7d4f99c737839fc9ec) C:\WINDOWS\system32\DRIVERS\motccgp.sys
20:31:04.0062 2516 motccgp - ok
20:31:04.0078 2516 motccgpfl (1b3720c4d16904756d49ef306706b978) C:\WINDOWS\system32\DRIVERS\motccgpfl.sys
20:31:04.0078 2516 motccgpfl - ok
20:31:04.0093 2516 motmodem (11b8118f538b579488e7645b2578e544) C:\WINDOWS\system32\DRIVERS\motmodem.sys
20:31:04.0093 2516 motmodem - ok
20:31:04.0203 2516 MotoHelper (290750346f5937b02f62594b8eb03215) C:\Programme\Motorola\MotoHelper\MotoHelperService.exe
20:31:04.0218 2516 MotoHelper - ok
20:31:04.0234 2516 MotoSwitchService (fd8c2cef7ad8b23c6714103d621fac1f) C:\WINDOWS\system32\DRIVERS\motswch.sys
20:31:04.0234 2516 MotoSwitchService - ok
20:31:04.0281 2516 Motousbnet (5073ed2d13d77f89df99caaa72e23526) C:\WINDOWS\system32\DRIVERS\Motousbnet.sys
20:31:04.0281 2516 Motousbnet - ok
20:31:04.0296 2516 motusbdevice (f780c53d98a0aad28f5b7403b184aea1) C:\WINDOWS\system32\DRIVERS\motusbdevice.sys
20:31:04.0296 2516 motusbdevice - ok
20:31:04.0328 2516 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:31:04.0328 2516 Mouclass - ok
20:31:04.0343 2516 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:31:04.0343 2516 mouhid - ok
20:31:04.0343 2516 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:31:04.0343 2516 MountMgr - ok
20:31:04.0390 2516 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
20:31:04.0406 2516 MozillaMaintenance - ok
20:31:04.0421 2516 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
20:31:04.0421 2516 MpFilter - ok
20:31:04.0531 2516 MpKsl2413573d (a69630d039c38018689190234f866d77) c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{41D04BDB-B4CB-4B18-A79D-DACFAFBFFCA8}\MpKsl2413573d.sys
20:31:04.0531 2516 MpKsl2413573d - ok
20:31:04.0546 2516 mraid35x - ok
20:31:04.0593 2516 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:31:04.0593 2516 MRxDAV - ok
20:31:04.0625 2516 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:31:04.0640 2516 MRxSmb - ok
20:31:04.0656 2516 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\System32\msdtc.exe
20:31:04.0656 2516 MSDTC - ok
20:31:04.0671 2516 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:31:04.0671 2516 Msfs - ok
20:31:04.0687 2516 MSIServer - ok
20:31:04.0703 2516 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:31:04.0703 2516 MSKSSRV - ok
20:31:04.0765 2516 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Programme\Microsoft Security Client\MsMpEng.exe
20:31:04.0765 2516 MsMpSvc - ok
20:31:04.0796 2516 MSPCLOCK (e943adb93d83c5cbc0ca3f53f53b48cc) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:31:04.0796 2516 MSPCLOCK - ok
20:31:04.0812 2516 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:31:04.0812 2516 MSPQM - ok
20:31:04.0843 2516 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:31:04.0843 2516 mssmbios - ok
20:31:04.0875 2516 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
20:31:04.0875 2516 MTsensor - ok
20:31:04.0906 2516 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:31:04.0906 2516 Mup - ok
20:31:04.0937 2516 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:31:04.0937 2516 napagent - ok
20:31:04.0984 2516 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:31:04.0984 2516 NDIS - ok
20:31:05.0000 2516 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:31:05.0015 2516 NdisTapi - ok
20:31:05.0015 2516 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:31:05.0015 2516 Ndisuio - ok
20:31:05.0062 2516 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:31:05.0062 2516 NdisWan - ok
20:31:05.0093 2516 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:31:05.0093 2516 NDProxy - ok
20:31:05.0109 2516 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:31:05.0109 2516 NetBIOS - ok
20:31:05.0125 2516 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:31:05.0125 2516 NetBT - ok
20:31:05.0171 2516 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:31:05.0171 2516 NetDDE - ok
20:31:05.0171 2516 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:31:05.0171 2516 NetDDEdsdm - ok
20:31:05.0203 2516 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
20:31:05.0203 2516 Netlogon - ok
20:31:05.0250 2516 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:31:05.0250 2516 Netman - ok
20:31:05.0328 2516 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:31:05.0328 2516 NetTcpPortSharing - ok
20:31:05.0359 2516 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:31:05.0359 2516 NIC1394 - ok
20:31:05.0390 2516 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:31:05.0390 2516 Nla - ok
20:31:05.0406 2516 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:31:05.0406 2516 Npfs - ok
20:31:05.0437 2516 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:31:05.0437 2516 Ntfs - ok
20:31:05.0453 2516 ntiomin - ok
20:31:05.0453 2516 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
20:31:05.0453 2516 NtLmSsp - ok
20:31:05.0500 2516 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:31:05.0500 2516 NtmsSvc - ok
20:31:05.0531 2516 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:31:05.0531 2516 Null - ok
20:31:06.0015 2516 nv (7b5a17bd54bb9142843dbe99a1caaed8) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:31:06.0109 2516 nv - ok
20:31:06.0343 2516 NVSvc (5150b108ea88831e1c599603d8b89621) C:\WINDOWS\system32\nvsvc32.exe
20:31:06.0343 2516 NVSvc - ok
20:31:06.0468 2516 nvUpdatusService (83e8ab7bb3c8956c53fec071c94f0bbb) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:31:06.0484 2516 nvUpdatusService - ok
20:31:06.0546 2516 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:31:06.0546 2516 NwlnkFlt - ok
20:31:06.0562 2516 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:31:06.0562 2516 NwlnkFwd - ok
20:31:06.0593 2516 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:31:06.0593 2516 ohci1394 - ok
20:31:06.0609 2516 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
20:31:06.0609 2516 Parport - ok
20:31:06.0640 2516 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:31:06.0640 2516 PartMgr - ok
20:31:06.0656 2516 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:31:06.0656 2516 ParVdm - ok
20:31:06.0734 2516 PCANDIS5 (d0084a9ade989fe703e4f22171f4e4dc) C:\PROGRA~1\T-Online\T-DSLT~1\PCANDIS5.SYS
20:31:06.0734 2516 PCANDIS5 - ok
20:31:06.0765 2516 PCI (6fb463e5b243fbd6f3d3c83f914d94fb) C:\WINDOWS\system32\drivers\pci.kav
20:31:06.0765 2516 PCI - ok
20:31:06.0765 2516 PCIDump - ok
20:31:06.0781 2516 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:31:06.0781 2516 PCIIde - ok
20:31:06.0796 2516 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:31:06.0796 2516 Pcmcia - ok
20:31:06.0812 2516 PDCOMP - ok
20:31:06.0812 2516 PDFRAME - ok
20:31:06.0812 2516 PDRELI - ok
20:31:06.0828 2516 PDRFRAME - ok
20:31:06.0828 2516 perc2 - ok
20:31:06.0828 2516 perc2hib - ok
20:31:06.0890 2516 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:31:06.0890 2516 PlugPlay - ok
20:31:06.0921 2516 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\System32\lsass.exe
20:31:06.0921 2516 PolicyAgent - ok
20:31:06.0968 2516 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:31:06.0968 2516 PptpMiniport - ok
20:31:06.0984 2516 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
20:31:06.0984 2516 Processor - ok
20:31:06.0984 2516 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:31:06.0984 2516 ProtectedStorage - ok
20:31:07.0000 2516 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:31:07.0000 2516 PSched - ok
20:31:07.0031 2516 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:31:07.0031 2516 Ptilink - ok
20:31:07.0062 2516 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:31:07.0062 2516 PxHelp20 - ok
20:31:07.0078 2516 ql1080 - ok
20:31:07.0078 2516 Ql10wnt - ok
20:31:07.0078 2516 ql12160 - ok
20:31:07.0093 2516 ql1240 - ok
20:31:07.0093 2516 ql1280 - ok
20:31:07.0093 2516 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:31:07.0109 2516 RasAcd - ok
20:31:07.0125 2516 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:31:07.0140 2516 RasAuto - ok
20:31:07.0156 2516 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:31:07.0156 2516 Rasl2tp - ok
20:31:07.0234 2516 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:31:07.0250 2516 RasMan - ok
20:31:07.0265 2516 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:31:07.0265 2516 RasPppoe - ok
20:31:07.0265 2516 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:31:07.0265 2516 Raspti - ok
20:31:07.0281 2516 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:31:07.0296 2516 Rdbss - ok
20:31:07.0296 2516 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:31:07.0296 2516 RDPCDD - ok
20:31:07.0312 2516 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:31:07.0312 2516 rdpdr - ok
20:31:07.0359 2516 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
20:31:07.0359 2516 RDPWD - ok
20:31:07.0375 2516 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:31:07.0390 2516 RDSessMgr - ok
20:31:07.0421 2516 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:31:07.0421 2516 redbook - ok
20:31:07.0453 2516 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:31:07.0453 2516 RemoteAccess - ok
20:31:07.0484 2516 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
20:31:07.0484 2516 RemoteRegistry - ok
20:31:07.0500 2516 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\System32\locator.exe
20:31:07.0500 2516 RpcLocator - ok
20:31:07.0546 2516 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:31:07.0562 2516 RpcSs - ok
20:31:07.0593 2516 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\System32\rsvp.exe
20:31:07.0593 2516 RSVP - ok
20:31:07.0609 2516 RT73 - ok
20:31:07.0625 2516 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:31:07.0625 2516 SamSs - ok
20:31:07.0656 2516 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:31:07.0656 2516 SCardSvr - ok
20:31:07.0703 2516 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:31:07.0703 2516 Schedule - ok
20:31:07.0734 2516 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:31:07.0734 2516 Secdrv - ok
20:31:07.0765 2516 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:31:07.0765 2516 seclogon - ok
20:31:07.0781 2516 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:31:07.0781 2516 SENS - ok
20:31:07.0828 2516 Sentinel (cd8f847a75a974d7aa723a23dfb7d004) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
20:31:07.0828 2516 Sentinel - ok
20:31:07.0859 2516 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:31:07.0875 2516 serenum - ok
20:31:07.0875 2516 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:31:07.0875 2516 Serial - ok
20:31:07.0906 2516 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:31:07.0906 2516 Sfloppy - ok
20:31:07.0937 2516 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:31:07.0953 2516 SharedAccess - ok
20:31:07.0984 2516 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:31:07.0984 2516 ShellHWDetection - ok
20:31:08.0000 2516 Simbad - ok
20:31:08.0000 2516 Sparrow - ok
20:31:08.0015 2516 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:31:08.0015 2516 splitter - ok
20:31:08.0046 2516 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:31:08.0046 2516 Spooler - ok
20:31:08.0062 2516 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:31:08.0062 2516 sr - ok
20:31:08.0109 2516 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\System32\srsvc.dll
20:31:08.0109 2516 srservice - ok
20:31:08.0140 2516 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:31:08.0140 2516 Srv - ok
20:31:08.0203 2516 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:31:08.0203 2516 SSDPSRV - ok
20:31:08.0250 2516 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:31:08.0250 2516 stisvc - ok
20:31:08.0296 2516 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:31:08.0296 2516 swenum - ok
20:31:08.0296 2516 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:31:08.0296 2516 swmidi - ok
20:31:08.0312 2516 SwPrv - ok
20:31:08.0312 2516 symc810 - ok
20:31:08.0328 2516 symc8xx - ok
20:31:08.0328 2516 sym_hi - ok
20:31:08.0328 2516 sym_u3 - ok
20:31:08.0343 2516 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:31:08.0343 2516 sysaudio - ok
20:31:08.0375 2516 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:31:08.0375 2516 SysmonLog - ok
20:31:08.0406 2516 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:31:08.0406 2516 TapiSrv - ok
20:31:08.0453 2516 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:31:08.0453 2516 Tcpip - ok
20:31:08.0484 2516 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:31:08.0484 2516 TDPIPE - ok
20:31:08.0515 2516 TDSLAdapter (e459470f8e5356ad1b15e8e9c803dd9f) C:\WINDOWS\system32\DRIVERS\TDSLAdap.sys
20:31:08.0515 2516 TDSLAdapter - ok
20:31:08.0531 2516 TDSLProtocol (5ca87aea02c49117802831f9ae890d22) C:\WINDOWS\system32\DRIVERS\TDSLProt.sys
20:31:08.0531 2516 TDSLProtocol - ok
20:31:08.0546 2516 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:31:08.0546 2516 TDTCP - ok
20:31:08.0593 2516 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:31:08.0593 2516 TermDD - ok
20:31:08.0640 2516 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:31:08.0640 2516 TermService - ok
20:31:08.0671 2516 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:31:08.0687 2516 Themes - ok
20:31:08.0718 2516 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\System32\tlntsvr.exe
20:31:08.0718 2516 TlntSvr - ok
20:31:08.0718 2516 TosIde - ok
20:31:08.0750 2516 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:31:08.0750 2516 TrkWks - ok
20:31:08.0781 2516 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:31:08.0796 2516 Udfs - ok
20:31:08.0796 2516 ultra - ok
20:31:08.0828 2516 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:31:08.0828 2516 Update - ok
20:31:08.0843 2516 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:31:08.0843 2516 upnphost - ok
20:31:08.0875 2516 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:31:08.0875 2516 UPS - ok
20:31:08.0921 2516 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:31:08.0921 2516 usbccgp - ok
20:31:08.0937 2516 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:31:08.0937 2516 usbhub - ok
20:31:08.0953 2516 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:31:08.0953 2516 usbprint - ok
20:31:08.0968 2516 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:31:08.0968 2516 usbscan - ok
20:31:08.0984 2516 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:31:08.0984 2516 USBSTOR - ok
20:31:09.0000 2516 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:31:09.0000 2516 usbuhci - ok
20:31:09.0000 2516 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:31:09.0015 2516 VgaSave - ok
20:31:09.0015 2516 ViaIde - ok
20:31:09.0031 2516 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:31:09.0031 2516 VolSnap - ok
20:31:09.0062 2516 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:31:09.0078 2516 VSS - ok
20:31:09.0109 2516 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\System32\w32time.dll
20:31:09.0109 2516 W32Time - ok
20:31:09.0125 2516 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:31:09.0125 2516 Wanarp - ok
20:31:09.0218 2516 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
20:31:09.0218 2516 Wdf01000 - ok
20:31:09.0218 2516 WDICA - ok
20:31:09.0265 2516 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:31:09.0265 2516 wdmaud - ok
20:31:09.0281 2516 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:31:09.0281 2516 WebClient - ok
20:31:09.0359 2516 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:31:09.0359 2516 winmgmt - ok
20:31:09.0406 2516 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:31:09.0406 2516 WmdmPmSN - ok
20:31:09.0453 2516 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
20:31:09.0453 2516 Wmi - ok
20:31:09.0484 2516 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
20:31:09.0484 2516 WmiApSrv - ok
20:31:09.0609 2516 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:31:09.0625 2516 WMPNetworkSvc - ok
20:31:09.0671 2516 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:31:09.0671 2516 WpdUsb - ok
20:31:09.0687 2516 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:31:09.0687 2516 WS2IFSL - ok
20:31:09.0734 2516 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:31:09.0734 2516 wscsvc - ok
20:31:09.0765 2516 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:31:09.0765 2516 wuauserv - ok
20:31:09.0796 2516 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:31:09.0796 2516 WudfPf - ok
20:31:09.0828 2516 WUDFRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:31:09.0828 2516 WUDFRd - ok
20:31:09.0859 2516 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:31:09.0859 2516 WudfSvc - ok
20:31:09.0921 2516 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:31:09.0921 2516 WZCSVC - ok
20:31:09.0953 2516 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:31:09.0953 2516 xmlprov - ok
20:31:10.0000 2516 yukonwxp (228d0403f0210d6d67a9acf907597efe) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:31:10.0000 2516 yukonwxp - ok
20:31:10.0046 2516 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:31:10.0390 2516 \Device\Harddisk0\DR0 - ok
20:31:10.0421 2516 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR2
20:31:13.0500 2516 \Device\Harddisk1\DR2 - ok
20:31:13.0546 2516 MBR (0x1B8) (83af61a2abe40010864c01e2e6549845) \Device\Harddisk2\DR3
20:31:31.0125 2516 \Device\Harddisk2\DR3 - ok
20:31:31.0140 2516 Boot (0x1200) (d354d4e2d2b5e2445435bdc4be800717) \Device\Harddisk0\DR0\Partition0
20:31:31.0140 2516 \Device\Harddisk0\DR0\Partition0 - ok
20:31:31.0156 2516 Boot (0x1200) (a56b665f6f6fecf8926a1c0677a619e9) \Device\Harddisk1\DR2\Partition0
20:31:31.0171 2516 \Device\Harddisk1\DR2\Partition0 - ok
20:31:31.0171 2516 ============================================================
20:31:31.0171 2516 Scan finished
20:31:31.0171 2516 ============================================================
20:31:31.0171 2508 Detected object count: 0
20:31:31.0171 2508 Actual detected object count: 0
|
|
16.07.2012, 19:51
| #8 |
| /// Helfer-Team | WinXP GVU Trojaner 2.07 Sehr gut! zur Kontrolle: Malware-Scan mit Emsisoft Anti-Malware Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm. Lade über Jetzt Updaten die aktuellen Signaturen herunter. Wähle den Freeware-Modus aus. Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers. Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten. Anleitung: http://www.trojaner-board.de/103809-...i-malware.html |
|
17.07.2012, 19:34
| #9 |
| | WinXP GVU Trojaner 2.07 Hallo, hier ist das Ergebnis des Malware-Scan: Code:
ATTFilter Emsisoft Anti-Malware - Version 6.6
Letztes Update: 17.07.2012 18:33:14
Scan Einstellungen:
Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\
Archiv Scan: An
ADS Scan: An
Scan Beginn: 17.07.2012 18:33:30
Value: hkey_current_user\software\k++ --> applicationname gefunden: Trace.Registry.kazaa lite resurrection!E1
Value: hkey_current_user\software\k++ --> kazaastartpage gefunden: Trace.Registry.kazaa lite resurrection!E1
Gescannt 554741
Gefunden 2
Scan Ende: 17.07.2012 20:23:04
Scan Zeit: 1:49:34
Alex |
|
17.07.2012, 19:59
| #10 |
| /// Helfer-Team | WinXP GVU Trojaner 2.07 Sehr gut! Lass die Funde loeschen! damit bist Du sauber und entlassen!  Tool-Bereinigung mit OTL Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
Lektuere zum abarbeiten: http://www.trojaner-board.de/90880-d...tallation.html http://www.trojaner-board.de/105213-...tellungen.html PluginCheck http://www.trojaner-board.de/96344-a...-rechners.html Secunia Online Software Inspector http://www.trojaner-board.de/71715-k...iendungen.html http://www.trojaner-board.de/83238-a...sschalten.html |
|
Linear-Darstellung
