Pests of all kinds and how to combat them: mystart by incredibar in Firefox | Windows 7
12.10.2012, 14:28 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ |
That has to do with our rules, because here we normally don't clean commercial computers (office PCs), for example, since the IT department is responsible for those! But it has now been clarified that this is not that kind of PC.

There is still toolbar junk in there. Please download the current adwCleaner, i.e. delete the old adwcleaner and download it again. If it doesn't detect this, we'll remove it later with OTL.

adwCleaner - detecting toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop. If adwCleaner has been downloaded before, please delete the old adwcleaner.exe and download it again!!
__________________ Please always post log files in CODE tags |
12.10.2012, 14:41 | #17 | |
Quote:
Here, as requested, is the current AdwCleaner log:
Code:
# AdwCleaner v2.004 - Datei am 12/10/2012 um 15:38:32 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : MeinName - SAMSUNG
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\MeinName\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0B139A7-E8D5-49E8-A7BF-12421E652208}
Schlüssel Gefunden : HKU\S-1-5-21-299502267-1757981266-1644491937-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[R1].txt - [3337 octets] - [12/09/2012 10:11:03]
AdwCleaner[R2].txt - [2172 octets] - [04/10/2012 15:26:04]
AdwCleaner[S1].txt - [2505 octets] - [04/10/2012 15:27:33]
AdwCleaner[R3].txt - [892 octets] - [04/10/2012 20:23:22]
AdwCleaner[S2].txt - [953 octets] - [04/10/2012 20:23:51]
AdwCleaner[R4].txt - [1537 octets] - [11/10/2012 09:07:56]
AdwCleaner[R5].txt - [1468 octets] - [12/10/2012 15:38:32]

########## EOF - C:\AdwCleaner[R5].txt - [1528 octets] ##########
12.10.2012, 16:54 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ |
It's less about the licenses and more about who is responsible for the computer.

adwCleaner - removing toolbars and unwanted start/search pages
12.10.2012, 17:24 | #19 |
OK, message received.
Here is the log after the cleanup:
Code:
# AdwCleaner v2.004 - Datei am 12/10/2012 um 18:15:33 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : MeinName - SAMSUNG
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\MeinName\Desktop\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0B139A7-E8D5-49E8-A7BF-12421E652208}

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[R1].txt - [3337 octets] - [12/09/2012 10:11:03]
AdwCleaner[R2].txt - [2172 octets] - [04/10/2012 15:26:04]
AdwCleaner[S1].txt - [2505 octets] - [04/10/2012 15:27:33]
AdwCleaner[R3].txt - [892 octets] - [04/10/2012 20:23:22]
AdwCleaner[S2].txt - [953 octets] - [04/10/2012 20:23:51]
AdwCleaner[R4].txt - [1537 octets] - [11/10/2012 09:07:56]
AdwCleaner[R5].txt - [1597 octets] - [12/10/2012 15:38:32]
AdwCleaner[R6].txt - [1657 octets] - [12/10/2012 18:15:09]
AdwCleaner[S3].txt - [1429 octets] - [12/10/2012 18:15:33]

########## EOF - C:\AdwCleaner[S3].txt - [1489 octets] ##########
12.10.2012, 19:10 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ |
I have two questions before we continue (we're not done yet!)
1.) Does Windows' normal mode work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?
__________________ Please always post log files in CODE tags |
12.10.2012, 19:24 | #21 |
Yes, as before
No, everything is fine!
12.10.2012, 20:51 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ |
Please make a new OTL log. If possible, please post everything here in CODE tags.
This is how it's done: [code] the log goes here [/code]
And the whole thing then looks like this:
Code:
the log goes here

Please download OTL by Oldtimer and save it to your desktop. If it is already present, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Please always post log files in CODE tags |
12.10.2012, 21:22 | #23 |
Voilà:
OTL Logfile:
Code:
ATTFilter OTL logfile created on: 12.10.2012 21:59:52 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\MeinName\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,75 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 65,58% Memory free 3,60 Gb Paging File | 3,12 Gb Available in Paging File | 86,52% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 69,05 Gb Total Space | 9,51 Gb Free Space | 13,78% Space Free | Partition Type: NTFS Drive D: | 70,00 Gb Total Space | 8,41 Gb Free Space | 12,01% Space Free | Partition Type: NTFS Computer Name: SAMSUNG | User Name: MeinName | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.12 21:56:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\MeinName\Desktop\OTL.exe PRC - [2012.09.18 16:47:47 | 002,863,168 | ---- | M] (Sophos Limited) -- C:\Programme\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe PRC - [2012.09.18 13:15:47 | 000,216,640 | ---- | M] (Sophos Limited) -- C:\Programme\Sophos\Sophos Anti-Virus\SAVAdminService.exe PRC - [2012.09.12 10:17:46 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe PRC - [2012.08.08 16:38:56 | 000,900,160 | ---- | M] (Sophos Limited) -- C:\Programme\Sophos\AutoUpdate\ALMon.exe PRC - [2012.08.08 16:38:56 | 000,232,512 | ---- | M] (Sophos Limited) -- C:\Programme\Sophos\AutoUpdate\ALsvc.exe PRC - [2012.07.05 16:26:30 | 000,139,840 | ---- | M] (Sophos Limited) -- C:\Programme\Sophos\Sophos 
Anti-Virus\SavService.exe PRC - [2012.07.03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2012.05.11 12:59:27 | 000,357,400 | ---- | M] (Sophos Limited) -- C:\Programme\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe PRC - [2012.05.07 11:25:34 | 001,754,112 | ---- | M] (Krzysztof Kowalczyk) -- C:\Programme\SumatraPDF\SumatraPDF.exe PRC - [2012.03.08 20:12:02 | 000,281,880 | ---- | M] (hxxp://tortoisesvn.net) -- C:\Programme\TortoiseSVN\bin\TSVNCache.exe PRC - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe PRC - [2009.11.17 12:07:46 | 001,528,624 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe PRC - [2009.08.27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe PRC - [2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.10.03 14:02:44 | 002,976,256 | ---- | M] (WinEdt Team) -- C:\Programme\WinEdt Team\WinEdt\WinEdt.exe PRC - [2007.09.20 20:01:44 | 000,634,880 | ---- | M] (Samsung Electronics,.LTD) -- C:\Programme\samsung\Samsung EDS\EDSAgent.exe PRC - [2007.04.01 09:02:38 | 000,568,176 | ---- | M] (Broadcom Corporation.) 
-- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2006.10.05 17:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe PRC - [2005.05.28 08:35:56 | 000,036,864 | R--- | M] () -- C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe ========== Modules (No Company Name) ========== MOD - [2012.06.15 09:23:53 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll MOD - [2012.06.15 08:50:44 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012.06.15 08:50:25 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012.06.15 08:48:09 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll MOD - [2012.06.15 08:48:07 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2012.05.14 15:40:27 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012.05.14 15:37:06 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MOD - [2012.05.14 15:34:58 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012.05.14 15:34:39 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2012.03.08 20:11:36 | 000,070,424 | ---- | M] () -- C:\Programme\TortoiseSVN\bin\libsasl32.dll MOD - [2010.07.13 11:12:07 | 
001,675,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2840.38361__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2010.07.13 11:12:07 | 000,245,760 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2840.38318__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2010.07.13 11:12:07 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2840.38373__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2010.07.13 11:12:07 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2840.38353__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2010.07.13 11:12:07 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2840.38339__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2010.07.13 11:12:06 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2840.38587__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2010.07.13 11:12:06 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2840.38579__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2010.07.13 11:12:06 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2840.38537__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2010.07.13 11:12:06 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2840.38473__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2010.07.13 11:12:03 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2840.38616__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2010.07.13 11:10:25 | 000,135,168 | 
---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2840.38621__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2010.07.13 11:10:25 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2840.38332__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2010.07.13 11:10:24 | 000,352,256 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2840.38545__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2010.07.13 11:10:24 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2840.38552__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2010.07.13 11:10:23 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2840.38545__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2010.07.13 11:10:20 | 000,794,624 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2840.38482__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2010.07.13 11:10:20 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2840.38565__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2010.07.13 11:10:20 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2840.38481__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2010.07.13 11:10:19 | 000,434,176 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2840.38340__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2010.07.13 11:10:19 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2840.38380__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2010.07.13 11:10:19 | 000,118,784 | 
---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2840.38504__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2010.07.13 11:10:19 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2840.38503__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2010.07.13 11:10:18 | 000,901,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2840.38580__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2010.07.13 11:10:18 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2840.38387__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2010.07.13 11:10:18 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2840.38524__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2010.07.13 11:10:18 | 000,307,200 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2840.38392__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2010.07.13 11:10:18 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2840.38392__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2010.07.13 11:10:17 | 000,479,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2840.38475__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2010.07.13 11:10:17 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2840.38474__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2010.07.13 11:10:17 | 000,040,960 | ---- | M] () -- 
C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2840.38481__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2010.07.13 11:10:17 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2840.38523__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2010.07.13 11:10:16 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2791.32000__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2010.07.13 11:10:16 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2791.31999__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2010.07.13 11:10:16 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2791.32011__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2010.07.13 11:10:15 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2791.32024__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2010.07.13 11:10:15 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2791.32025__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2010.07.13 11:10:15 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2010.07.13 11:10:13 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2791.31986__90ba9c70f846762e\LOG.Foundation.dll MOD - [2010.07.13 11:10:13 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2791.31992__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2010.07.13 11:10:13 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2791.32016__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2010.07.13 11:10:13 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2791.32006__90ba9c70f846762e\MOM.Foundation.dll MOD - [2010.07.13 11:10:13 | 000,016,384 
| ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2791.32016__90ba9c70f846762e\DEM.OS.dll MOD - [2010.07.13 11:10:13 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2010.07.13 11:10:12 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2791.31988__90ba9c70f846762e\CLI.Foundation.dll MOD - [2010.07.13 11:10:12 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2010.07.13 11:10:12 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2791.32434__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2010.07.13 11:10:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2791.32007__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2010.07.13 11:10:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2791.31999__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2010.07.13 11:10:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2791.31995__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2010.07.13 11:10:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2791.32015__90ba9c70f846762e\DEM.Graphics.dll MOD - [2010.07.13 11:10:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2010.07.13 11:10:12 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2791.32001__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2010.07.13 11:10:11 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2791.32002__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2010.07.13 11:10:11 | 
000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2791.32027__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2010.07.13 11:10:11 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2791.32041__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2010.07.13 11:10:11 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2791.32029__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2010.07.13 11:10:11 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2791.32040__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2010.07.13 11:10:09 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2791.32027__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2010.07.13 11:10:09 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2791.32015__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2010.07.13 11:10:09 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2791.32007__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2010.07.13 11:10:09 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2791.32014__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2010.07.13 11:10:09 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2791.32039__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2010.07.13 11:10:09 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2791.32029__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - 
[2010.07.13 11:10:08 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2791.32014__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2010.07.13 11:10:08 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2833.15324__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2010.07.13 11:10:08 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2833.15304__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2010.07.13 11:10:08 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2791.32039__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2010.07.13 11:10:08 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2833.15206__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2010.07.13 11:10:08 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2791.32006__90ba9c70f846762e\APM.Foundation.dll MOD - [2010.07.13 11:10:08 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2791.32001__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2010.07.13 11:10:07 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2791.31987__90ba9c70f846762e\AEM.Foundation.dll MOD - [2010.07.13 11:10:07 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2010.07.13 11:09:45 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2840.38594_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2010.07.13 11:09:42 | 000,040,960 | ---- | M] () -- 
C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2840.38644__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2010.07.13 11:09:41 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2840.38602__90ba9c70f846762e\MOM.Implementation.dll MOD - [2010.07.13 11:09:41 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2791.31993__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2010.07.13 11:09:41 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2840.38309__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2010.07.13 11:09:40 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2840.38348__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2010.07.13 11:09:40 | 000,462,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2840.38594__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2010.07.13 11:09:40 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2840.38601__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2010.07.13 11:09:40 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2791.31996__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2010.07.13 11:09:40 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2791.32039__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2010.07.13 11:09:40 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2791.32009__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2010.07.13 11:09:39 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2840.38310__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2010.07.13 11:09:39 | 000,040,960 | ---- | M] () -- 
C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2791.32008__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2010.07.13 11:09:38 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2791.32010__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2010.07.13 11:09:37 | 001,503,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2840.38327__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2010.07.13 11:09:37 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2791.32004__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2010.07.13 11:09:36 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2840.38602__90ba9c70f846762e\CCC.Implementation.dll MOD - [2010.07.13 11:09:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2791.32030__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2010.07.13 11:09:35 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2840.38311__90ba9c70f846762e\ATIDEMOS.dll MOD - [2010.07.13 11:09:35 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2840.38310__90ba9c70f846762e\APM.Server.dll MOD - [2010.07.13 11:09:35 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2840.38309__90ba9c70f846762e\AEM.Server.dll MOD - [2010.07.13 11:09:35 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2010.03.15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe MOD - [2009.11.17 12:08:34 | 000,197,424 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll MOD - [2009.11.16 20:31:58 | 000,069,632 | ---- | M] () -- 
C:\Programme\PSPad editor\PSPadShell.dll
MOD - [2009.02.27 17:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2007.04.01 09:00:28 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2007.03.02 10:44:34 | 000,073,728 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
MOD - [2005.05.28 08:35:56 | 000,036,864 | R--- | M] () -- C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe
MOD - [2005.05.27 22:03:06 | 000,364,666 | R--- | M] () -- C:\Programme\samsung\Samsung Network Manager\SNMCoreDll.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

========== Services (SafeList) ==========

SRV - [2012.10.12 18:32:03 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 09:57:06 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.18 16:47:47 | 002,863,168 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Programme\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe -- (swi_service)
SRV - [2012.09.18 13:15:47 | 000,216,640 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Programme\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService)
SRV - [2012.09.12 10:17:46 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.08.08 16:38:56 | 000,232,512 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Programme\Sophos\AutoUpdate\ALsvc.exe -- (Sophos AutoUpdate Service)
SRV - [2012.08.08 16:38:27 | 001,465,920 | ---- | M] (Sophos Limited) [Auto | Stopped] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sophos\Web Intelligence\swi_update.exe -- (swi_update)
SRV - [2012.07.05 16:26:30 | 000,139,840 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Programme\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService)
SRV - [2012.05.11 12:59:27 | 000,357,400 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Programme\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe -- (Sophos Web Control Service)
SRV - [2010.03.04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009.11.17 12:07:46 | 001,528,624 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2009.08.27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.08.07 12:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2006.10.05 17:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2005.05.28 08:35:56 | 000,036,864 | R--- | M] () [Auto | Running] -- C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe -- (SNM WLAN Service)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.05.11 12:59:26 | 000,024,832 | ---- | M] (Sophos Limited) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\savonaccessfilter.sys -- (SAVOnAccessFilter)
DRV - [2012.05.11 12:59:24 | 000,155,392 | ---- | M] (Sophos Limited) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\savonaccesscontrol.sys -- (SAVOnAccessControl)
DRV - [2012.01.18 11:39:07 | 000,033,696 | ---- | M] (Sophos Limited) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sdcfilter.sys -- (sdcfilter)
DRV - [2011.06.03 08:39:12 | 000,031,736 | ---- | M] (Sophos Plc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\skmscan.sys -- (SKMScan)
DRV - [2011.02.10 04:34:22 | 000,051,968 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2010.07.11 18:37:52 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)
DRV - [2010.06.04 12:29:04 | 001,606,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009.11.17 12:07:06 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.11.16 18:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008.05.23 08:38:25 | 000,014,976 | ---- | M] (Sophos Plc) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SophosBootDriver.sys -- (SophosBootDriver)
DRV - [2007.12.06 09:51:00 | 000,285,952 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007.11.14 19:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007.10.11 22:04:52 | 002,456,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.09.19 08:47:14 | 000,029,184 | ---- | M] (Samsung Electronics,.LTD) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SamsungEDS.SYS -- (DNSeFilter)
DRV - [2007.07.09 18:56:00 | 004,449,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007.03.31 13:02:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.01.18 20:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.11.28 20:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005.05.24 15:26:02 | 000,019,840 | R--- | M] (Samsung) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SUE_PD.sys -- (SUEPD)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-299502267-1757981266-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-299502267-1757981266-1644491937-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-299502267-1757981266-1644491937-1003\..\SearchScopes\{2FF80E14-5DB8-4471-8D75-BFCFCCCFA08E}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-299502267-1757981266-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..network.proxy.http: "proxy.informatik.tu-muenchen.de"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.type: 4
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.10.10 09:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.10.10 09:39:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.07.19 20:53:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins

[2010.07.12 09:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Extensions
[2010.07.12 09:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.10.02 14:58:46 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla\Firefox\Profiles\grfzyh5o.default\extensions
[2012.10.10 09:39:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.07.17 20:23:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.10.10 09:40:05 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [EDS] C:\Programme\samsung\Samsung EDS\EDSAgent.exe (Samsung Electronics,.LTD)
O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Programme\Sophos\AutoUpdate\ALMon.exe (Sophos Limited)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Password.lnk = C:\WINDOWS\Temp\Password.exe (Freecom)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk = C:\WINDOWS\Installer\{21E247D4-5E27-4BEA-AA4D-19A81203FE2A}\Icon3E5562ED7.ico ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-1757981266-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.156.33.53 129.187.5.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56C2CCC0-97CC-49E7-A0D6-8E706CA5E97D}: DhcpNameServer = 10.156.33.53 129.187.5.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E311F396-D0B4-49AA-A1AE-9C828D6282D6}: DhcpNameServer = 131.159.254.1 131.159.254.2
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\Programme\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Limited)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.11 17:50:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{54e9d808-86af-11e0-b20b-00059a3c7800}\Shell - "" = AutoRun
O33 - MountPoints2\{54e9d808-86af-11e0-b20b-00059a3c7800}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{54e9d808-86af-11e0-b20b-00059a3c7800}\Shell\AutoRun\command - "" = F:\Setup.exe
O33 - MountPoints2\{a4ab9d86-7c9a-11e1-b358-0013775a81d8}\Shell - "" = AutoRun
O33 - MountPoints2\{a4ab9d86-7c9a-11e1-b358-0013775a81d8}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a4ab9d86-7c9a-11e1-b358-0013775a81d8}\Shell\AutoRun\command - "" = F:\IronKey.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SAVService - C:\Programme\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Limited)
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SAVService - C:\Programme\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Limited)
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.10.11 17:25:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\MeinName\Desktop\OTL.exe
[2012.10.10 09:39:51 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.10.09 16:03:09 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\MeinName\Recent
[2012.09.27 21:35:16 | 000,000,000 | ---D | C] -- C:\SAV32CLI
[2012.09.27 21:23:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\MeinName\Lokale Einstellungen\Anwendungsdaten\Sophos
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.10.12 21:57:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.10.12 21:56:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\MeinName\Desktop\OTL.exe
[2012.10.12 21:53:35 | 000,000,600 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND
[2012.10.12 21:38:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.12 18:18:46 | 000,002,423 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk
[2012.10.12 18:18:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.10.12 18:17:28 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.12 18:17:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.12 18:11:52 | 000,122,880 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.12 15:37:05 | 000,538,327 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Desktop\adwcleaner.exe
[2012.10.10 12:27:36 | 000,011,227 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\gsview32.ini
[2012.10.10 09:20:26 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.10.09 18:55:10 | 000,000,600 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\winscp.rnd
[2012.10.09 16:05:20 | 000,001,774 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Eigene Dateien\cc_20121009_160512.reg
[2012.10.09 15:52:17 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.10.04 20:31:29 | 000,002,409 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Desktop\VPN Client.lnk
[2012.09.26 16:00:15 | 000,002,004 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Eigene Dateien\cc_20120926_160009.reg
[2012.09.17 18:16:57 | 000,001,664 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Eigene Dateien\cc_20120917_181650.reg
[2012.09.16 17:51:47 | 000,002,241 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.10.12 15:37:04 | 000,538,327 | ---- | C] () -- C:\Dokumente und Einstellungen\MeinName\Desktop\adwcleaner.exe
[2012.10.10 09:20:13 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.10.09 16:05:14 | 000,001,774 | ---- | C] () -- C:\Dokumente und Einstellungen\MeinName\Eigene Dateien\cc_20121009_160512.reg
[2012.09.26 16:00:13 | 000,002,004 | ---- | C] () -- C:\Dokumente und Einstellungen\MeinName\Eigene Dateien\cc_20120926_160009.reg
[2012.09.17 18:16:55 | 000,001,664 | ---- | C] () -- C:\Dokumente und Einstellungen\MeinName\Eigene Dateien\cc_20120917_181650.reg
[2012.08.06 09:31:13 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\PUTTY.RND
[2012.05.16 20:26:48 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\gnuplot_history
[2012.02.15 09:42:05 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.10 21:18:12 | 000,000,158 | ---- | C] () -- C:\WINDOWS\ricdb.ini
[2011.08.01 11:41:19 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010.12.31 19:47:45 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\MeinName\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND
[2010.07.12 18:18:17 | 000,000,150 | ---- | C] () -- C:\Dokumente und Einstellungen\MeinName\.Xauthority
[2010.07.12 18:02:44 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\winscp.rnd
[2010.07.12 14:10:00 | 000,011,227 | ---- | C] () -- C:\Dokumente und Einstellungen\MeinName\gsview32.ini
[2010.07.11 18:35:30 | 000,122,880 | ---- | C] () -- C:\Dokumente und Einstellungen\MeinName\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2010.07.13 11:06:09 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010.04.16 18:06:44 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.08.29 19:21:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2011.08.15 11:34:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2011.03.23 19:37:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2012.05.11 13:01:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sophos
[2010.08.29 19:21:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Canneverbe Limited
[2011.04.26 18:23:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.03.23 19:40:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\MAGIX
[2010.10.20 19:15:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Neuer Ordner
[2012.08.08 10:55:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Oracle
[2012.04.17 10:56:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Subversion
[2012.06.19 17:22:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\SumatraPDF
[2010.07.12 09:31:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Thunderbird
[2012.10.12 18:09:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\WinEdt

========== Purity Check ==========

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.10.20 08:30:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Adobe
[2010.07.13 11:15:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\ATI
[2010.08.29 19:21:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Canneverbe Limited
[2011.09.04 14:34:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\dvdcss
[2011.04.26 18:23:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.08.02 08:44:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Google
[2010.08.11 09:58:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Help
[2010.07.11 17:54:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Identities
[2010.07.11 19:38:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Macromedia
[2011.03.23 19:40:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\MAGIX
[2012.01.05 16:47:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Malwarebytes
[2010.07.12 20:40:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\MathWorks
[2011.12.13 16:24:01 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Microsoft
[2011.06.01 10:59:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\MiKTeX
[2010.07.11 19:23:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Mozilla
[2010.08.29 12:50:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Nero
[2010.10.20 19:15:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Neuer Ordner
[2012.08.08 10:55:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Oracle
[2012.09.04 14:34:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\PSpad
[2012.09.16 17:54:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Skype
[2011.11.07 18:28:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\skypePM
[2012.04.17 10:56:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Subversion
[2012.06.19 17:22:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\SumatraPDF
[2010.07.12 16:06:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Sun
[2010.07.12 09:31:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Thunderbird
[2012.04.17 21:33:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\TortoiseSVN
[2012.02.10 21:29:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\vlc
[2012.09.12 14:21:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Winamp
[2012.10.12 18:09:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\WinEdt
[2010.07.12 17:57:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\WinRAR

< %APPDATA%\*.exe /s >
[2011.09.18 15:34:31 | 003,088,032 | ---- | M] (Adobe Systems, Inc.)
-- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe [2010.10.02 21:06:49 | 001,288,704 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\MiKTeX\2.9\miktex\bin\miktex-taskbar-icon.exe [2010.10.02 21:06:49 | 001,288,704 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\MiKTeX\2.9\miktex\bin\miktex-update.exe [2010.10.02 21:06:51 | 001,288,704 | ---- | M] () -- C:\Dokumente und Einstellungen\MeinName\Anwendungsdaten\MiKTeX\2.9\miktex\bin\miktex-update_admin.exe < %SYSTEMDRIVE%\*.exe > [2010.12.31 14:05:32 | 000,454,656 | ---- | M] (Simon Tatham) -- C:\putty.exe [2012.04.17 19:09:34 | 000,180,224 | ---- | M] (Simon Tatham) -- C:\puttygen.exe < MD5 for: AGP440.SYS > [2008.04.14 14:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys < MD5 for: ATAPI.SYS > [2008.04.14 14:00:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys < MD5 for: EVENTLOG.DLL > [2011.10.07 16:28:36 | 000,024,704 | R--- | M] () MD5=003C387405B636F7633DAD80FDE9F436 -- C:\Programme\Perl\lib\auto\Win32\EventLog\EventLog.dll [2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\dllcache\eventlog.dll [2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll [2007.01.23 17:22:16 | 000,032,890 | ---- | M] () MD5=4FA5D1120762802A741F374F8B391E69 -- C:\Programme\MATLAB\R2009b\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll < MD5 for: NETLOGON.DLL > [2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- 
C:\WINDOWS\system32\dllcache\netlogon.dll [2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll < MD5 for: SCECLI.DLL > [2008.04.14 14:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\dllcache\scecli.dll [2008.04.14 14:00:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll < MD5 for: USER32.DLL > [2008.04.14 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\dllcache\user32.dll [2008.04.14 14:00:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 14:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\dllcache\userinit.exe [2008.04.14 14:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008.04.14 14:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\dllcache\winlogon.exe [2008.04.14 14:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.04.14 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2008.04.14 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > 
< %systemroot%\System32\config\*.sav > [2010.07.11 19:34:00 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2010.07.11 19:34:00 | 001,089,536 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2010.07.11 19:34:00 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < End of report > [/code] |
13.10.2012, 15:06 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | mystart by incredibar in Firefox That looks fairly unremarkable. Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please switch off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool! Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log, or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:), because that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Please always post log files in CODE tags |
14.10.2012, 22:12 | #25 |
| mystart by incredibar in Firefox Here is the TDSS log Code:
sdcfilter C:\WINDOWS\system32\DRIVERS\sdcfilter.sys 23:08:37.0046 2680 sdcfilter - ok 23:08:37.0203 2680 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 23:08:37.0265 2680 Secdrv - ok 23:08:37.0390 2680 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 23:08:37.0531 2680 seclogon - ok 23:08:37.0562 2680 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 23:08:37.0703 2680 SENS - ok 23:08:37.0796 2680 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys 23:08:37.0921 2680 Serial - ok 23:08:37.0968 2680 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 23:08:38.0156 2680 Sfloppy - ok 23:08:38.0234 2680 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 23:08:38.0390 2680 SharedAccess - ok 23:08:38.0406 2680 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 23:08:38.0468 2680 ShellHWDetection - ok 23:08:38.0468 2680 Simbad - ok 23:08:38.0500 2680 [ E407A8EEA2FD4BF560C05C0EBF1793B3 ] SKMScan C:\WINDOWS\system32\DRIVERS\skmscan.sys 23:08:38.0515 2680 SKMScan - ok 23:08:38.0640 2680 [ A44FAD36D97FB5FF5B57CCEB581EB29F ] SNM WLAN Service C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe 23:08:38.0671 2680 SNM WLAN Service ( UnsignedFile.Multi.Generic ) - warning 23:08:38.0671 2680 SNM WLAN Service - detected UnsignedFile.Multi.Generic (1) 23:08:38.0718 2680 [ 8A12AB5DE877B8F97D5EE70E16A5C9B2 ] Sophos AutoUpdate Service C:\Programme\Sophos\AutoUpdate\ALsvc.exe 23:08:38.0734 2680 Sophos AutoUpdate Service - ok 23:08:38.0875 2680 [ BD03374253F79CE7A716A870DC85BD84 ] Sophos Web Control Service C:\Programme\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe 23:08:38.0906 2680 Sophos Web Control Service - ok 23:08:39.0015 2680 [ 3BDF94E0827D13E44249A646F6C0EB7C ] SophosBootDriver C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys 23:08:39.0062 2680 
SophosBootDriver - ok 23:08:39.0062 2680 Sparrow - ok 23:08:39.0203 2680 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 23:08:39.0328 2680 splitter - ok 23:08:39.0359 2680 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 23:08:39.0406 2680 Spooler - ok 23:08:39.0484 2680 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 23:08:39.0687 2680 sr - ok 23:08:40.0015 2680 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 23:08:40.0218 2680 srservice - ok 23:08:40.0656 2680 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 23:08:40.0843 2680 Srv - ok 23:08:41.0234 2680 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 23:08:41.0328 2680 SSDPSRV - ok 23:08:41.0640 2680 [ F92254B0BCFCD10CAAC7BCCC7CB7F467 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys 23:08:41.0703 2680 StarOpen ( UnsignedFile.Multi.Generic ) - warning 23:08:41.0703 2680 StarOpen - detected UnsignedFile.Multi.Generic (1) 23:08:41.0796 2680 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 23:08:42.0171 2680 stisvc - ok 23:08:42.0390 2680 [ C0137B5947AE3D3FC1C17BA6FDFB3DAD ] SUEPD C:\WINDOWS\system32\DRIVERS\SUE_PD.sys 23:08:42.0468 2680 SUEPD ( UnsignedFile.Multi.Generic ) - warning 23:08:42.0468 2680 SUEPD - detected UnsignedFile.Multi.Generic (1) 23:08:42.0484 2680 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 23:08:42.0718 2680 swenum - ok 23:08:44.0453 2680 [ 6A91F997BB4B569BF993801017E7122C ] swi_service C:\Programme\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe 23:08:45.0203 2680 swi_service - ok 23:08:47.0515 2680 [ B4882758DFBF19E33E50F503AD3C26B9 ] swi_update C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sophos\Web Intelligence\swi_update.exe 23:08:47.0875 2680 swi_update - ok 23:08:47.0906 2680 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi 
C:\WINDOWS\system32\drivers\swmidi.sys 23:08:48.0093 2680 swmidi - ok 23:08:48.0093 2680 SwPrv - ok 23:08:48.0093 2680 symc810 - ok 23:08:48.0109 2680 symc8xx - ok 23:08:48.0109 2680 sym_hi - ok 23:08:48.0109 2680 sym_u3 - ok 23:08:48.0187 2680 [ AAF5E46AE0FB391AD94850AC00707330 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 23:08:48.0453 2680 SynTP - ok 23:08:48.0578 2680 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 23:08:48.0750 2680 sysaudio - ok 23:08:48.0968 2680 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 23:08:49.0171 2680 SysmonLog - ok 23:08:49.0687 2680 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 23:08:49.0859 2680 TapiSrv - ok 23:08:50.0265 2680 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 23:08:50.0343 2680 Tcpip - ok 23:08:50.0562 2680 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 23:08:50.0687 2680 TDPIPE - ok 23:08:50.0968 2680 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 23:08:51.0125 2680 TDTCP - ok 23:08:51.0234 2680 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 23:08:51.0390 2680 TermDD - ok 23:08:51.0890 2680 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 23:08:52.0031 2680 TermService - ok 23:08:52.0296 2680 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 23:08:52.0359 2680 Themes - ok 23:08:52.0562 2680 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 23:08:52.0687 2680 TlntSvr - ok 23:08:52.0703 2680 TosIde - ok 23:08:53.0062 2680 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 23:08:53.0203 2680 TrkWks - ok 23:08:53.0484 2680 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 23:08:53.0656 2680 Udfs - ok 23:08:53.0656 2680 ultra - ok 23:08:53.0796 
2680 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe 23:08:53.0906 2680 UMWdf - ok 23:08:54.0437 2680 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 23:08:54.0812 2680 Update - ok 23:08:55.0000 2680 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 23:08:55.0156 2680 upnphost - ok 23:08:55.0250 2680 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 23:08:55.0390 2680 UPS - ok 23:08:55.0703 2680 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 23:08:55.0921 2680 usbccgp - ok 23:08:56.0578 2680 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 23:08:56.0859 2680 usbehci - ok 23:08:56.0953 2680 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 23:08:57.0125 2680 usbhub - ok 23:08:57.0265 2680 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 23:08:57.0406 2680 usbohci - ok 23:08:57.0531 2680 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 23:08:57.0687 2680 usbprint - ok 23:08:57.0984 2680 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 23:08:58.0140 2680 USBSTOR - ok 23:08:58.0296 2680 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 23:08:58.0515 2680 VgaSave - ok 23:08:58.0515 2680 ViaIde - ok 23:08:58.0609 2680 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 23:08:58.0734 2680 VolSnap - ok 23:08:59.0312 2680 [ 0354BA3A5BA5E28CC247EB5F5DD8793C ] vsdatant C:\WINDOWS\system32\vsdatant.sys 23:08:59.0453 2680 vsdatant - ok 23:08:59.0656 2680 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 23:08:59.0843 2680 VSS - ok 23:09:00.0046 2680 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 23:09:00.0328 2680 W32Time - ok 23:09:00.0359 2680 
[ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 23:09:00.0531 2680 Wanarp - ok 23:09:00.0531 2680 WDICA - ok 23:09:00.0578 2680 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 23:09:00.0734 2680 wdmaud - ok 23:09:00.0859 2680 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 23:09:01.0000 2680 WebClient - ok 23:09:02.0296 2680 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 23:09:02.0437 2680 winmgmt - ok 23:09:02.0578 2680 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 23:09:02.0640 2680 WmdmPmSN - ok 23:09:03.0093 2680 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 23:09:03.0234 2680 Wmi - ok 23:09:03.0421 2680 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 23:09:03.0578 2680 WmiApSrv - ok 23:09:03.0750 2680 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 23:09:03.0875 2680 wscsvc - ok 23:09:03.0968 2680 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 23:09:04.0109 2680 wuauserv - ok 23:09:04.0500 2680 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 23:09:04.0703 2680 WZCSVC - ok 23:09:05.0031 2680 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 23:09:05.0234 2680 xmlprov - ok 23:09:05.0625 2680 [ 4322C32CED8C4772E039616DCBF01D3F ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys 23:09:05.0734 2680 yukonwxp - ok 23:09:05.0734 2680 ================ Scan global =============================== 23:09:05.0859 2680 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 23:09:06.0312 2680 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 23:09:06.0453 2680 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 23:09:06.0468 2680 [ A3EDBE9053889FB24AB22492472B39DC ] 
C:\WINDOWS\system32\services.exe 23:09:06.0468 2680 [Global] - ok 23:09:06.0468 2680 ================ Scan MBR ================================== 23:09:06.0500 2680 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 23:09:21.0875 2680 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 23:09:21.0875 2680 \Device\Harddisk0\DR0 - detected TDSS File System (1) 23:09:21.0875 2680 ================ Scan VBR ================================== 23:09:21.0890 2680 [ E62DA0FEB333605314BAA0572A2DC848 ] \Device\Harddisk0\DR0\Partition1 23:09:21.0921 2680 \Device\Harddisk0\DR0\Partition1 - ok 23:09:22.0000 2680 [ 4CB0C3C97C2F2D6D4A46E798F0B8A1F5 ] \Device\Harddisk0\DR0\Partition2 23:09:22.0046 2680 \Device\Harddisk0\DR0\Partition2 - ok 23:09:22.0046 2680 ============================================================ 23:09:22.0046 2680 Scan finished 23:09:22.0046 2680 ============================================================ 23:09:22.0187 0744 Detected object count: 8 23:09:22.0187 0744 Actual detected object count: 8 |
15.10.2012, 13:24 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | mystart by incredibar in Firefox The log is incomplete; the summary at the bottom is missing.
__________________ Please always post log files in CODE tags |
15.10.2012, 13:28 | #27 |
| mystart by incredibar in Firefox Oh sorry, here is the whole log again: Code:
ATTFilter 23:06:52.0296 3740 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 23:06:52.0375 3740 ============================================================ 23:06:52.0375 3740 Current date / time: 2012/10/14 23:06:52.0375 23:06:52.0375 3740 SystemInfo: 23:06:52.0375 3740 23:06:52.0375 3740 OS Version: 5.1.2600 ServicePack: 3.0 23:06:52.0375 3740 Product type: Workstation 23:06:52.0375 3740 ComputerName: SAMSUNG 23:06:52.0375 3740 UserName: MeinName 23:06:52.0375 3740 Windows directory: C:\WINDOWS 23:06:52.0375 3740 System windows directory: C:\WINDOWS 23:06:52.0375 3740 Processor architecture: Intel x86 23:06:52.0375 3740 Number of processors: 2 23:06:52.0375 3740 Page size: 0x1000 23:06:52.0375 3740 Boot type: Normal boot 23:06:52.0375 3740 ============================================================ 23:06:54.0156 3740 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 23:06:54.0156 3740 ============================================================ 23:06:54.0156 3740 \Device\Harddisk0\DR0: 23:06:54.0156 3740 MBR partitions: 23:06:54.0156 3740 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x8A19000 23:06:54.0156 3740 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9E19800, BlocksNum 0x8BFF800 23:06:54.0156 3740 ============================================================ 23:06:54.0171 3740 C: <-> \Device\Harddisk0\DR0\Partition1 23:06:54.0265 3740 D: <-> \Device\Harddisk0\DR0\Partition2 23:06:54.0265 3740 ============================================================ 23:06:54.0265 3740 Initialize success 23:06:54.0265 3740 ============================================================ 23:07:45.0187 2680 ============================================================ 23:07:45.0187 2680 Scan started 23:07:45.0187 2680 Mode: Manual; SigCheck; TDLFS; 23:07:45.0187 2680 
============================================================ 23:07:46.0375 2680 ================ Scan system memory ======================== 23:07:49.0062 2680 System memory - ok 23:07:49.0062 2680 ================ Scan services ============================= 23:07:49.0921 2680 Abiosdsk - ok 23:07:49.0921 2680 abp480n5 - ok 23:07:50.0000 2680 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 23:07:54.0359 2680 ACPI - ok 23:07:54.0406 2680 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 23:07:54.0640 2680 ACPIEC - ok 23:07:54.0750 2680 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 23:07:54.0796 2680 AdobeFlashPlayerUpdateSvc - ok 23:07:54.0796 2680 adpu160m - ok 23:07:54.0859 2680 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 23:07:55.0171 2680 aec - ok 23:07:55.0234 2680 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 23:07:55.0375 2680 AFD - ok 23:07:55.0453 2680 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\WINDOWS\system32\agrsmsvc.exe 23:07:55.0500 2680 AgereModemAudio - ok 23:07:55.0625 2680 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys 23:07:55.0781 2680 AgereSoftModem - ok 23:07:55.0781 2680 Aha154x - ok 23:07:55.0796 2680 aic78u2 - ok 23:07:55.0796 2680 aic78xx - ok 23:07:55.0890 2680 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 23:07:56.0125 2680 Alerter - ok 23:07:56.0156 2680 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 23:07:56.0234 2680 ALG - ok 23:07:56.0234 2680 AliIde - ok 23:07:56.0234 2680 amsint - ok 23:07:56.0406 2680 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 23:07:56.0484 2680 AppMgmt - ok 23:07:56.0812 2680 [ C413E2E549488A5F1969DECB5B03187A ] AR5416 C:\WINDOWS\system32\DRIVERS\athw.sys 23:07:57.0062 
2680 AR5416 - ok 23:07:57.0078 2680 asc - ok 23:07:57.0078 2680 asc3350p - ok 23:07:57.0078 2680 asc3550 - ok 23:07:57.0359 2680 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 23:07:57.0375 2680 aspnet_state - ok 23:07:57.0437 2680 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 23:07:57.0640 2680 AsyncMac - ok 23:07:57.0718 2680 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 23:07:57.0843 2680 atapi - ok 23:07:57.0859 2680 Atdisk - ok 23:07:57.0937 2680 [ 814A264F3D5ADF7B5CC531C0BB0A5C94 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 23:07:58.0078 2680 Ati HotKey Poller - ok 23:07:58.0468 2680 [ D06F84AEC48E1D9E7ECEDAF8DA0948D7 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 23:07:58.0859 2680 ati2mtag - ok 23:07:58.0937 2680 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 23:07:59.0093 2680 Atmarpc - ok 23:07:59.0218 2680 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 23:07:59.0453 2680 AudioSrv - ok 23:07:59.0531 2680 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 23:07:59.0671 2680 audstub - ok 23:07:59.0703 2680 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 23:07:59.0843 2680 Beep - ok 23:07:59.0984 2680 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 23:08:00.0109 2680 BITS - ok 23:08:00.0187 2680 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 23:08:00.0312 2680 Browser - ok 23:08:00.0578 2680 [ 885B6D0F826A216EEE4C3AD883809012 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys 23:08:00.0703 2680 BTKRNL - ok 23:08:00.0937 2680 [ 49E9ED37FAEC5E8C03E81FD73D3884D6 ] btwdins C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe 23:08:00.0968 2680 btwdins - ok 23:08:01.0015 2680 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k 
C:\WINDOWS\system32\drivers\cbidf2k.sys 23:08:01.0218 2680 cbidf2k - ok 23:08:01.0234 2680 cd20xrnt - ok 23:08:01.0281 2680 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 23:08:01.0578 2680 Cdaudio - ok 23:08:01.0640 2680 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 23:08:01.0796 2680 Cdfs - ok 23:08:01.0875 2680 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 23:08:02.0046 2680 Cdrom - ok 23:08:02.0046 2680 Changer - ok 23:08:02.0093 2680 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 23:08:02.0250 2680 CiSvc - ok 23:08:02.0281 2680 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 23:08:02.0421 2680 ClipSrv - ok 23:08:02.0484 2680 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 23:08:02.0687 2680 clr_optimization_v2.0.50727_32 - ok 23:08:02.0734 2680 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys 23:08:02.0875 2680 CmBatt - ok 23:08:02.0875 2680 CmdIde - ok 23:08:02.0906 2680 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys 23:08:03.0078 2680 Compbatt - ok 23:08:03.0078 2680 COMSysApp - ok 23:08:03.0093 2680 Cpqarray - ok 23:08:03.0171 2680 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 23:08:03.0312 2680 CryptSvc - ok 23:08:03.0390 2680 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\WINDOWS\system32\DRIVERS\CVirtA.sys 23:08:03.0468 2680 CVirtA - ok 23:08:04.0000 2680 [ D4A26B0926171DC4F969955D157D1311 ] CVPND C:\Programme\Cisco Systems\VPN Client\cvpnd.exe 23:08:04.0234 2680 CVPND - ok 23:08:04.0375 2680 [ C23025AC5AE45A105D63BD6E2408EDD4 ] CVPNDRVA C:\WINDOWS\system32\Drivers\CVPNDRVA.sys 23:08:04.0406 2680 CVPNDRVA ( UnsignedFile.Multi.Generic ) - warning 23:08:04.0406 2680 CVPNDRVA - detected UnsignedFile.Multi.Generic (1) 
23:08:04.0406 2680 dac2w2k - ok 23:08:04.0406 2680 dac960nt - ok 23:08:04.0500 2680 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 23:08:04.0609 2680 DcomLaunch - ok 23:08:04.0656 2680 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 23:08:04.0859 2680 Dhcp - ok 23:08:05.0203 2680 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 23:08:05.0328 2680 Disk - ok 23:08:05.0343 2680 dmadmin - ok 23:08:05.0625 2680 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 23:08:05.0921 2680 dmboot - ok 23:08:05.0968 2680 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 23:08:06.0312 2680 dmio - ok 23:08:06.0359 2680 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 23:08:06.0515 2680 dmload - ok 23:08:06.0562 2680 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 23:08:06.0718 2680 dmserver - ok 23:08:06.0781 2680 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 23:08:06.0921 2680 DMusic - ok 23:08:07.0000 2680 [ B5AA5AA5AC327BD7C1AEC0C58F0C1144 ] DNE C:\WINDOWS\system32\DRIVERS\dne2000.sys 23:08:07.0031 2680 DNE - ok 23:08:07.0078 2680 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 23:08:07.0359 2680 Dnscache - ok 23:08:07.0406 2680 [ 7A46D39BC347AF729366179CC177FBF1 ] DNSeFilter C:\WINDOWS\system32\drivers\SamsungEDS.sys 23:08:07.0437 2680 DNSeFilter ( UnsignedFile.Multi.Generic ) - warning 23:08:07.0437 2680 DNSeFilter - detected UnsignedFile.Multi.Generic (1) 23:08:07.0500 2680 [ 8A4CB9438571814B128B6DC30D698064 ] DOSMEMIO C:\WINDOWS\system32\MEMIO.SYS 23:08:07.0546 2680 DOSMEMIO ( UnsignedFile.Multi.Generic ) - warning 23:08:07.0546 2680 DOSMEMIO - detected UnsignedFile.Multi.Generic (1) 23:08:07.0593 2680 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 23:08:07.0812 2680 
Dot3svc - ok 23:08:07.0828 2680 dpti2o - ok 23:08:07.0875 2680 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 23:08:08.0000 2680 drmkaud - ok 23:08:08.0109 2680 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 23:08:08.0265 2680 EapHost - ok 23:08:08.0328 2680 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 23:08:08.0468 2680 ERSvc - ok 23:08:08.0640 2680 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 23:08:08.0703 2680 Eventlog - ok 23:08:08.0781 2680 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll 23:08:08.0812 2680 EventSystem - ok 23:08:08.0890 2680 Fabs - ok 23:08:08.0937 2680 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 23:08:09.0093 2680 Fastfat - ok 23:08:09.0156 2680 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 23:08:09.0828 2680 FastUserSwitchingCompatibility - ok 23:08:09.0875 2680 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 23:08:10.0046 2680 Fdc - ok 23:08:10.0093 2680 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 23:08:10.0218 2680 Fips - ok 23:08:10.0703 2680 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe 23:08:11.0843 2680 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning 23:08:11.0843 2680 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1) 23:08:11.0890 2680 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 23:08:12.0187 2680 Flpydisk - ok 23:08:12.0234 2680 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys 23:08:12.0390 2680 FltMgr - ok 23:08:12.0453 2680 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 
c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 23:08:12.0484 2680 FontCache3.0.0.0 - ok 23:08:12.0515 2680 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 23:08:12.0656 2680 Fs_Rec - ok 23:08:12.0687 2680 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 23:08:12.0843 2680 Ftdisk - ok 23:08:12.0906 2680 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 23:08:13.0062 2680 Gpc - ok 23:08:13.0234 2680 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 23:08:13.0250 2680 gupdate - ok 23:08:13.0250 2680 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 23:08:13.0265 2680 gupdatem - ok 23:08:13.0343 2680 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 23:08:13.0500 2680 HDAudBus - ok 23:08:13.0609 2680 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 23:08:13.0734 2680 helpsvc - ok 23:08:13.0765 2680 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll 23:08:13.0890 2680 HidServ - ok 23:08:13.0921 2680 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 23:08:14.0062 2680 hidusb - ok 23:08:14.0250 2680 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 23:08:14.0390 2680 hkmsvc - ok 23:08:14.0390 2680 hpn - ok 23:08:14.0468 2680 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 23:08:14.0515 2680 HTTP - ok 23:08:14.0546 2680 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 23:08:14.0687 2680 HTTPFilter - ok 23:08:14.0687 2680 i2omgmt - ok 23:08:14.0703 2680 i2omp - ok 23:08:14.0750 2680 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 23:08:14.0890 2680 i8042prt - ok 23:08:15.0359 2680 [ C01AC32DC5C03076CFB852CB5DA5229C ] 
idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 23:08:15.0500 2680 idsvc - ok 23:08:15.0531 2680 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 23:08:15.0671 2680 Imapi - ok 23:08:15.0734 2680 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 23:08:15.0875 2680 ImapiService - ok 23:08:15.0875 2680 ini910u - ok 23:08:16.0593 2680 [ 1EBDE650D97A8ECCDC1CC4A0804647CD ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 23:08:17.0484 2680 IntcAzAudAddService - ok 23:08:17.0500 2680 IntelIde - ok 23:08:17.0546 2680 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 23:08:17.0734 2680 intelppm - ok 23:08:17.0750 2680 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 23:08:17.0890 2680 Ip6Fw - ok 23:08:17.0953 2680 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 23:08:18.0156 2680 IpFilterDriver - ok 23:08:18.0203 2680 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 23:08:18.0343 2680 IpInIp - ok 23:08:18.0421 2680 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 23:08:18.0562 2680 IpNat - ok 23:08:18.0640 2680 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 23:08:18.0781 2680 IPSec - ok 23:08:18.0843 2680 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 23:08:18.0921 2680 IRENUM - ok 23:08:18.0953 2680 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 23:08:19.0078 2680 isapnp - ok 23:08:19.0203 2680 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe 23:08:19.0218 2680 JavaQuickStarterService - ok 23:08:19.0265 2680 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 23:08:19.0453 2680 Kbdclass - ok 
23:08:19.0500 2680 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 23:08:19.0656 2680 kbdhid - ok 23:08:19.0796 2680 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 23:08:19.0937 2680 kmixer - ok 23:08:20.0015 2680 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 23:08:20.0218 2680 KSecDD - ok 23:08:20.0265 2680 [ 2BBDCB79900990F0716DFCB714E72DE7 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll 23:08:20.0343 2680 LanmanServer - ok 23:08:20.0421 2680 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 23:08:20.0453 2680 lanmanworkstation - ok 23:08:20.0468 2680 lbrtfdc - ok 23:08:20.0546 2680 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 23:08:20.0734 2680 LmHosts - ok 23:08:21.0000 2680 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 23:08:21.0140 2680 Messenger - ok 23:08:21.0187 2680 [ 4F169F43F932739F093AE4E659FFF26A ] MHIKEY10 C:\WINDOWS\system32\Drivers\MHIKEY10.sys 23:08:21.0296 2680 MHIKEY10 - ok 23:08:21.0390 2680 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 23:08:21.0531 2680 mnmdd - ok 23:08:21.0578 2680 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 23:08:21.0734 2680 mnmsrvc - ok 23:08:21.0765 2680 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 23:08:21.0890 2680 Modem - ok 23:08:21.0906 2680 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 23:08:22.0046 2680 Mouclass - ok 23:08:22.0078 2680 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 23:08:22.0203 2680 mouhid - ok 23:08:22.0312 2680 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 23:08:22.0437 2680 MountMgr - ok 23:08:22.0484 2680 [ 24409A2A9F0351E208E14F609340FB25 ] MozillaMaintenance 
C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe 23:08:22.0531 2680 MozillaMaintenance - ok 23:08:22.0531 2680 mraid35x - ok 23:08:22.0562 2680 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 23:08:22.0718 2680 MRxDAV - ok 23:08:22.0765 2680 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 23:08:22.0906 2680 MRxSmb - ok 23:08:23.0000 2680 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 23:08:23.0234 2680 MSDTC - ok 23:08:23.0343 2680 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 23:08:23.0531 2680 Msfs - ok 23:08:23.0531 2680 MSIServer - ok 23:08:23.0562 2680 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 23:08:23.0687 2680 MSKSSRV - ok 23:08:23.0781 2680 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 23:08:23.0890 2680 MSPCLOCK - ok 23:08:23.0937 2680 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 23:08:24.0078 2680 MSPQM - ok 23:08:24.0093 2680 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 23:08:24.0218 2680 mssmbios - ok 23:08:24.0265 2680 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 23:08:24.0312 2680 Mup - ok 23:08:24.0328 2680 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 23:08:24.0562 2680 napagent - ok 23:08:24.0625 2680 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 23:08:24.0734 2680 NDIS - ok 23:08:24.0828 2680 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 23:08:24.0859 2680 NdisTapi - ok 23:08:24.0890 2680 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 23:08:25.0062 2680 Ndisuio - ok 23:08:25.0109 2680 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 
23:08:25.0265 2680 NdisWan - ok 23:08:25.0328 2680 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 23:08:25.0406 2680 NDProxy - ok 23:08:25.0421 2680 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 23:08:25.0546 2680 NetBIOS - ok 23:08:25.0578 2680 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 23:08:25.0703 2680 NetBT - ok 23:08:25.0750 2680 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 23:08:25.0859 2680 NetDDE - ok 23:08:25.0875 2680 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 23:08:25.0984 2680 NetDDEdsdm - ok 23:08:26.0140 2680 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 23:08:26.0281 2680 Netlogon - ok 23:08:26.0421 2680 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 23:08:26.0578 2680 Netman - ok 23:08:26.0625 2680 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:08:26.0656 2680 NetTcpPortSharing - ok 23:08:26.0718 2680 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 23:08:26.0750 2680 Nla - ok 23:08:26.0859 2680 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess C:\Programme\CDBurnerXP\NMSAccessU.exe 23:08:26.0875 2680 NMSAccess - ok 23:08:26.0906 2680 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 23:08:27.0015 2680 Npfs - ok 23:08:27.0140 2680 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 23:08:27.0296 2680 Ntfs - ok 23:08:27.0406 2680 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 23:08:27.0984 2680 NtLmSsp - ok 23:08:28.0093 2680 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 23:08:28.0625 2680 NtmsSvc - ok 23:08:28.0640 2680 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null 
C:\WINDOWS\system32\drivers\Null.sys 23:08:28.0781 2680 Null - ok 23:08:28.0906 2680 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 23:08:29.0015 2680 NwlnkFlt - ok 23:08:29.0078 2680 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 23:08:29.0234 2680 NwlnkFwd - ok 23:08:29.0359 2680 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 23:08:29.0375 2680 ose - ok 23:08:29.0437 2680 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys 23:08:29.0546 2680 Parport - ok 23:08:29.0578 2680 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 23:08:29.0718 2680 PartMgr - ok 23:08:29.0750 2680 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 23:08:29.0937 2680 ParVdm - ok 23:08:30.0000 2680 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 23:08:30.0125 2680 PCI - ok 23:08:30.0125 2680 PCIDump - ok 23:08:30.0187 2680 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 23:08:30.0328 2680 PCIIde - ok 23:08:30.0406 2680 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 23:08:30.0531 2680 Pcmcia - ok 23:08:30.0640 2680 PDCOMP - ok 23:08:30.0640 2680 PDFRAME - ok 23:08:30.0656 2680 PDRELI - ok 23:08:30.0656 2680 PDRFRAME - ok 23:08:30.0656 2680 perc2 - ok 23:08:30.0671 2680 perc2hib - ok 23:08:30.0765 2680 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 23:08:30.0812 2680 PlugPlay - ok 23:08:30.0828 2680 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 23:08:30.0953 2680 PolicyAgent - ok 23:08:30.0984 2680 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 23:08:31.0125 2680 PptpMiniport - ok 23:08:31.0281 2680 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] 
ProtectedStorage C:\WINDOWS\system32\lsass.exe 23:08:31.0406 2680 ProtectedStorage - ok 23:08:31.0546 2680 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 23:08:31.0671 2680 PSched - ok 23:08:31.0750 2680 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 23:08:31.0875 2680 Ptilink - ok 23:08:31.0937 2680 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 23:08:31.0968 2680 PxHelp20 - ok 23:08:31.0968 2680 ql1080 - ok 23:08:31.0968 2680 Ql10wnt - ok 23:08:31.0968 2680 ql12160 - ok 23:08:31.0984 2680 ql1240 - ok 23:08:31.0984 2680 ql1280 - ok 23:08:32.0046 2680 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 23:08:32.0187 2680 RasAcd - ok 23:08:32.0296 2680 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 23:08:32.0437 2680 RasAuto - ok 23:08:32.0500 2680 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 23:08:32.0625 2680 Rasl2tp - ok 23:08:32.0750 2680 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 23:08:32.0875 2680 RasMan - ok 23:08:32.0906 2680 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 23:08:33.0062 2680 RasPppoe - ok 23:08:33.0062 2680 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 23:08:33.0203 2680 Raspti - ok 23:08:33.0328 2680 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 23:08:33.0453 2680 Rdbss - ok 23:08:33.0468 2680 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 23:08:33.0593 2680 RDPCDD - ok 23:08:33.0703 2680 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 23:08:33.0828 2680 rdpdr - ok 23:08:33.0875 2680 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 23:08:33.0921 2680 RDPWD - ok 23:08:34.0031 2680 [ 
263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 23:08:34.0187 2680 RDSessMgr - ok 23:08:34.0296 2680 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 23:08:34.0828 2680 redbook - ok 23:08:34.0859 2680 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 23:08:35.0109 2680 RemoteAccess - ok 23:08:35.0171 2680 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 23:08:35.0296 2680 RemoteRegistry - ok 23:08:35.0437 2680 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 23:08:35.0578 2680 RpcLocator - ok 23:08:35.0656 2680 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 23:08:35.0687 2680 RpcSs - ok 23:08:35.0703 2680 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 23:08:35.0843 2680 RSVP - ok 23:08:35.0890 2680 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 23:08:36.0000 2680 SamSs - ok 23:08:36.0312 2680 [ A0540477B5283DD06642A184756C63FF ] SAVAdminService C:\Programme\Sophos\Sophos Anti-Virus\SAVAdminService.exe 23:08:36.0328 2680 SAVAdminService - ok 23:08:36.0375 2680 [ 8BCF84AEC77AEB4567116502D105162F ] SAVOnAccessControl C:\WINDOWS\system32\DRIVERS\savonaccesscontrol.sys 23:08:36.0421 2680 SAVOnAccessControl - ok 23:08:36.0531 2680 [ 8DFE54F1965C3B49C599CBB186C1EE8F ] SAVOnAccessFilter C:\WINDOWS\system32\DRIVERS\savonaccessfilter.sys 23:08:36.0578 2680 SAVOnAccessFilter - ok 23:08:36.0609 2680 [ B8A272D4E91EFB366E16BEA0FA42D7EE ] SAVService C:\Programme\Sophos\Sophos Anti-Virus\SavService.exe 23:08:36.0625 2680 SAVService - ok 23:08:36.0656 2680 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 23:08:36.0796 2680 SCardSvr - ok 23:08:36.0828 2680 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 23:08:36.0984 2680 Schedule - ok 23:08:37.0015 2680 [ 4F21774E1259A546B992D9EAACDFD778 ] 
sdcfilter C:\WINDOWS\system32\DRIVERS\sdcfilter.sys 23:08:37.0046 2680 sdcfilter - ok 23:08:37.0203 2680 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 23:08:37.0265 2680 Secdrv - ok 23:08:37.0390 2680 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 23:08:37.0531 2680 seclogon - ok 23:08:37.0562 2680 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 23:08:37.0703 2680 SENS - ok 23:08:37.0796 2680 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys 23:08:37.0921 2680 Serial - ok 23:08:37.0968 2680 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 23:08:38.0156 2680 Sfloppy - ok 23:08:38.0234 2680 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 23:08:38.0390 2680 SharedAccess - ok 23:08:38.0406 2680 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 23:08:38.0468 2680 ShellHWDetection - ok 23:08:38.0468 2680 Simbad - ok 23:08:38.0500 2680 [ E407A8EEA2FD4BF560C05C0EBF1793B3 ] SKMScan C:\WINDOWS\system32\DRIVERS\skmscan.sys 23:08:38.0515 2680 SKMScan - ok 23:08:38.0640 2680 [ A44FAD36D97FB5FF5B57CCEB581EB29F ] SNM WLAN Service C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe 23:08:38.0671 2680 SNM WLAN Service ( UnsignedFile.Multi.Generic ) - warning 23:08:38.0671 2680 SNM WLAN Service - detected UnsignedFile.Multi.Generic (1) 23:08:38.0718 2680 [ 8A12AB5DE877B8F97D5EE70E16A5C9B2 ] Sophos AutoUpdate Service C:\Programme\Sophos\AutoUpdate\ALsvc.exe 23:08:38.0734 2680 Sophos AutoUpdate Service - ok 23:08:38.0875 2680 [ BD03374253F79CE7A716A870DC85BD84 ] Sophos Web Control Service C:\Programme\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe 23:08:38.0906 2680 Sophos Web Control Service - ok 23:08:39.0015 2680 [ 3BDF94E0827D13E44249A646F6C0EB7C ] SophosBootDriver C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys 23:08:39.0062 2680 
SophosBootDriver - ok 23:08:39.0062 2680 Sparrow - ok 23:08:39.0203 2680 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 23:08:39.0328 2680 splitter - ok 23:08:39.0359 2680 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 23:08:39.0406 2680 Spooler - ok 23:08:39.0484 2680 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 23:08:39.0687 2680 sr - ok 23:08:40.0015 2680 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 23:08:40.0218 2680 srservice - ok 23:08:40.0656 2680 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 23:08:40.0843 2680 Srv - ok 23:08:41.0234 2680 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 23:08:41.0328 2680 SSDPSRV - ok 23:08:41.0640 2680 [ F92254B0BCFCD10CAAC7BCCC7CB7F467 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys 23:08:41.0703 2680 StarOpen ( UnsignedFile.Multi.Generic ) - warning 23:08:41.0703 2680 StarOpen - detected UnsignedFile.Multi.Generic (1) 23:08:41.0796 2680 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 23:08:42.0171 2680 stisvc - ok 23:08:42.0390 2680 [ C0137B5947AE3D3FC1C17BA6FDFB3DAD ] SUEPD C:\WINDOWS\system32\DRIVERS\SUE_PD.sys 23:08:42.0468 2680 SUEPD ( UnsignedFile.Multi.Generic ) - warning 23:08:42.0468 2680 SUEPD - detected UnsignedFile.Multi.Generic (1) 23:08:42.0484 2680 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 23:08:42.0718 2680 swenum - ok 23:08:44.0453 2680 [ 6A91F997BB4B569BF993801017E7122C ] swi_service C:\Programme\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe 23:08:45.0203 2680 swi_service - ok 23:08:47.0515 2680 [ B4882758DFBF19E33E50F503AD3C26B9 ] swi_update C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sophos\Web Intelligence\swi_update.exe 23:08:47.0875 2680 swi_update - ok 23:08:47.0906 2680 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi 
C:\WINDOWS\system32\drivers\swmidi.sys 23:08:48.0093 2680 swmidi - ok 23:08:48.0093 2680 SwPrv - ok 23:08:48.0093 2680 symc810 - ok 23:08:48.0109 2680 symc8xx - ok 23:08:48.0109 2680 sym_hi - ok 23:08:48.0109 2680 sym_u3 - ok 23:08:48.0187 2680 [ AAF5E46AE0FB391AD94850AC00707330 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 23:08:48.0453 2680 SynTP - ok 23:08:48.0578 2680 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 23:08:48.0750 2680 sysaudio - ok 23:08:48.0968 2680 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 23:08:49.0171 2680 SysmonLog - ok 23:08:49.0687 2680 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 23:08:49.0859 2680 TapiSrv - ok 23:08:50.0265 2680 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 23:08:50.0343 2680 Tcpip - ok 23:08:50.0562 2680 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 23:08:50.0687 2680 TDPIPE - ok 23:08:50.0968 2680 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 23:08:51.0125 2680 TDTCP - ok 23:08:51.0234 2680 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 23:08:51.0390 2680 TermDD - ok 23:08:51.0890 2680 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 23:08:52.0031 2680 TermService - ok 23:08:52.0296 2680 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 23:08:52.0359 2680 Themes - ok 23:08:52.0562 2680 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 23:08:52.0687 2680 TlntSvr - ok 23:08:52.0703 2680 TosIde - ok 23:08:53.0062 2680 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 23:08:53.0203 2680 TrkWks - ok 23:08:53.0484 2680 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 23:08:53.0656 2680 Udfs - ok 23:08:53.0656 2680 ultra - ok 23:08:53.0796 
2680 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe 23:08:53.0906 2680 UMWdf - ok 23:08:54.0437 2680 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 23:08:54.0812 2680 Update - ok 23:08:55.0000 2680 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 23:08:55.0156 2680 upnphost - ok 23:08:55.0250 2680 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 23:08:55.0390 2680 UPS - ok 23:08:55.0703 2680 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 23:08:55.0921 2680 usbccgp - ok 23:08:56.0578 2680 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 23:08:56.0859 2680 usbehci - ok 23:08:56.0953 2680 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 23:08:57.0125 2680 usbhub - ok 23:08:57.0265 2680 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 23:08:57.0406 2680 usbohci - ok 23:08:57.0531 2680 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 23:08:57.0687 2680 usbprint - ok 23:08:57.0984 2680 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 23:08:58.0140 2680 USBSTOR - ok 23:08:58.0296 2680 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 23:08:58.0515 2680 VgaSave - ok 23:08:58.0515 2680 ViaIde - ok 23:08:58.0609 2680 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 23:08:58.0734 2680 VolSnap - ok 23:08:59.0312 2680 [ 0354BA3A5BA5E28CC247EB5F5DD8793C ] vsdatant C:\WINDOWS\system32\vsdatant.sys 23:08:59.0453 2680 vsdatant - ok 23:08:59.0656 2680 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 23:08:59.0843 2680 VSS - ok 23:09:00.0046 2680 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 23:09:00.0328 2680 W32Time - ok 23:09:00.0359 2680 
[ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 23:09:00.0531 2680 Wanarp - ok 23:09:00.0531 2680 WDICA - ok 23:09:00.0578 2680 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 23:09:00.0734 2680 wdmaud - ok 23:09:00.0859 2680 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 23:09:01.0000 2680 WebClient - ok 23:09:02.0296 2680 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 23:09:02.0437 2680 winmgmt - ok 23:09:02.0578 2680 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 23:09:02.0640 2680 WmdmPmSN - ok 23:09:03.0093 2680 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 23:09:03.0234 2680 Wmi - ok 23:09:03.0421 2680 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 23:09:03.0578 2680 WmiApSrv - ok 23:09:03.0750 2680 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 23:09:03.0875 2680 wscsvc - ok 23:09:03.0968 2680 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 23:09:04.0109 2680 wuauserv - ok 23:09:04.0500 2680 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 23:09:04.0703 2680 WZCSVC - ok 23:09:05.0031 2680 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 23:09:05.0234 2680 xmlprov - ok 23:09:05.0625 2680 [ 4322C32CED8C4772E039616DCBF01D3F ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys 23:09:05.0734 2680 yukonwxp - ok 23:09:05.0734 2680 ================ Scan global =============================== 23:09:05.0859 2680 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 23:09:06.0312 2680 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 23:09:06.0453 2680 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 23:09:06.0468 2680 [ A3EDBE9053889FB24AB22492472B39DC ] 
C:\WINDOWS\system32\services.exe 23:09:06.0468 2680 [Global] - ok 23:09:06.0468 2680 ================ Scan MBR ================================== 23:09:06.0500 2680 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 23:09:21.0875 2680 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 23:09:21.0875 2680 \Device\Harddisk0\DR0 - detected TDSS File System (1) 23:09:21.0875 2680 ================ Scan VBR ================================== 23:09:21.0890 2680 [ E62DA0FEB333605314BAA0572A2DC848 ] \Device\Harddisk0\DR0\Partition1 23:09:21.0921 2680 \Device\Harddisk0\DR0\Partition1 - ok 23:09:22.0000 2680 [ 4CB0C3C97C2F2D6D4A46E798F0B8A1F5 ] \Device\Harddisk0\DR0\Partition2 23:09:22.0046 2680 \Device\Harddisk0\DR0\Partition2 - ok 23:09:22.0046 2680 ============================================================ 23:09:22.0046 2680 Scan finished 23:09:22.0046 2680 ============================================================ 23:09:22.0187 0744 Detected object count: 8 23:09:22.0187 0744 Actual detected object count: 8 23:12:56.0578 0744 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user 23:12:56.0578 0744 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:12:56.0578 0744 DNSeFilter ( UnsignedFile.Multi.Generic ) - skipped by user 23:12:56.0578 0744 DNSeFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:12:56.0578 0744 DOSMEMIO ( UnsignedFile.Multi.Generic ) - skipped by user 23:12:56.0578 0744 DOSMEMIO ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:12:56.0578 0744 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user 23:12:56.0578 0744 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:12:56.0578 0744 SNM WLAN Service ( UnsignedFile.Multi.Generic ) - skipped by user 23:12:56.0578 0744 SNM WLAN Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:12:56.0593 0744 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user 23:12:56.0593 0744 
StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:12:56.0609 0744 SUEPD ( UnsignedFile.Multi.Generic ) - skipped by user 23:12:56.0609 0744 SUEPD ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:12:56.0625 0744 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 23:12:56.0625 0744 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 23:13:15.0562 4072 Deinitialize success |
15.10.2012, 15:12 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | mystart by incredibar in Firefox Code:
ATTFilter \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
To do that, you have to restart TDSS-Killer and run a new scan. When you then see the results, please set this entry to CURE or DELETE (whichever is offered to you; please leave all the others on SKIP!) and then click continue at the bottom right. After that, restart Windows and make a completely new log with TDSS-Killer. As always, post it in CODE tags again.
__________________ Please always post log files in CODE tags |
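The check requested in post #28, as an added example that is not part of the thread or of the scanner itself: a parser that reads a log in the format posted here, pairs each detection with the action chosen for it, and lists detections other than the unsigned-file warnings that were skipped or never actioned. The sample lines are constructed from entries visible in this thread; the function names and the choice to treat `UnsignedFile.Multi.Generic` as low priority (following the instruction to leave those entries on SKIP) are assumptions of the example.

```python
import re

# "HH:MM:SS.ffff TID" opens every entry in the logs posted in this thread.
STAMP = r"\d{2}:\d{2}:\d{2}\.\d{4}\s+\d{4}"
# The message runs lazily up to the next stamp, so the same pattern reads a log
# with one entry per line and a paste whose line breaks were lost.
ENTRY = re.compile(
    r"(?P<stamp>" + STAMP + r")(?:\s+|\Z)(?P<msg>.*?)"
    r"(?=\s*" + STAMP + r"(?:\s|\Z)|\s*\Z)",
    re.S,
)
DETECTED = re.compile(r"^(?P<obj>.+?) - detected (?P<verdict>.+?) \((?P<n>\d+)\)$")
ACTION = re.compile(
    r"^(?P<obj>.+?) \( (?P<verdict>.+?) \) - User select action: (?P<action>\w+)$"
)
COUNT = re.compile(r"^Detected object count: (\d+)$")

# Assumption of this example: unsigned-file warnings are triaged as low
# priority, matching the advice in the thread to leave them on Skip.
LOW_PRIORITY = {"UnsignedFile.Multi.Generic"}

# Constructed sample: eight entries copied from the log format in this thread.
SAMPLE_LOG = r"""
23:08:41.0703 2680 StarOpen ( UnsignedFile.Multi.Generic ) - warning
23:08:41.0703 2680 StarOpen - detected UnsignedFile.Multi.Generic (1)
23:09:21.0875 2680 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:09:21.0875 2680 \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:09:22.0187 0744 Detected object count: 8
23:12:56.0593 0744 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:12:56.0625 0744 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
23:12:56.0625 0744 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""


def parse_entries(text):
    """Return (stamp, message) pairs; whitespace inside a message is collapsed."""
    return [
        (m.group("stamp"), " ".join(m.group("msg").split()))
        for m in ENTRY.finditer(text)
    ]


def triage(text):
    """Map each detected object to its verdict and the action chosen for it.

    Returns (findings, reported): findings is {object: {"verdict", "action"}},
    reported is the scanner's own "Detected object count" or None if absent.
    """
    findings = {}
    reported = None
    for _, msg in parse_entries(text):
        m = DETECTED.match(msg)
        if m:
            findings.setdefault(m["obj"], {"verdict": m["verdict"], "action": None})
            continue
        m = ACTION.match(msg)
        if m:
            entry = findings.setdefault(
                m["obj"], {"verdict": m["verdict"], "action": None}
            )
            entry["action"] = m["action"]
            continue
        m = COUNT.match(msg)
        if m:
            reported = int(m[1])
    return findings, reported


def needs_attention(findings):
    """Objects outside LOW_PRIORITY that were skipped or have no recorded action."""
    return sorted(
        obj
        for obj, f in findings.items()
        if f["verdict"] not in LOW_PRIORITY and f["action"] in (None, "Skip")
    )


if __name__ == "__main__":
    found, reported = triage(SAMPLE_LOG)
    # A reported count larger than the parsed findings means the paste is incomplete.
    print("parsed %d of %s reported objects" % (len(found), reported))
    for obj in needs_attention(found):
        print("still open:", obj, "->", found[obj])
```

Run against the log made after the reboot, an empty `needs_attention` result together with a parsed count equal to the reported count is what confirms the entry is gone.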
15.10.2012, 15:44 | #29 |
| mystart by incredibar in Firefox OK, with the same settings as described above, I deleted the one entry, restarted, and had a new log generated here: Code:
ATTFilter 16:35:39.0937 1580 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47 16:35:40.0093 1580 ============================================================ 16:35:40.0093 1580 Current date / time: 2012/10/15 16:35:40.0093 16:35:40.0093 1580 SystemInfo: 16:35:40.0093 1580 16:35:40.0093 1580 OS Version: 5.1.2600 ServicePack: 3.0 16:35:40.0093 1580 Product type: Workstation 16:35:40.0093 1580 ComputerName: SAMSUNG 16:35:40.0093 1580 UserName: MeinName 16:35:40.0093 1580 Windows directory: C:\WINDOWS 16:35:40.0093 1580 System windows directory: C:\WINDOWS 16:35:40.0093 1580 Processor architecture: Intel x86 16:35:40.0093 1580 Number of processors: 2 16:35:40.0093 1580 Page size: 0x1000 16:35:40.0093 1580 Boot type: Normal boot 16:35:40.0093 1580 ============================================================ 16:35:42.0359 1580 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 16:35:42.0359 1580 ============================================================ 16:35:42.0359 1580 \Device\Harddisk0\DR0: 16:35:42.0359 1580 MBR partitions: 16:35:42.0359 1580 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x8A19000 16:35:42.0359 1580 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9E19800, BlocksNum 0x8BFF800 16:35:42.0359 1580 ============================================================ 16:35:42.0375 1580 C: <-> \Device\Harddisk0\DR0\Partition1 16:35:42.0468 1580 D: <-> \Device\Harddisk0\DR0\Partition2 16:35:42.0468 1580 ============================================================ 16:35:42.0468 1580 Initialize success 16:35:42.0468 1580 ============================================================ 16:35:47.0921 2972 ============================================================ 16:35:47.0921 2972 Scan started 16:35:47.0921 2972 Mode: Manual; SigCheck; TDLFS; 16:35:47.0921 2972 
============================================================ 16:35:48.0281 2972 ================ Scan system memory ======================== 16:35:49.0296 2972 System memory - ok 16:35:49.0296 2972 ================ Scan services ============================= 16:35:49.0406 2972 Abiosdsk - ok 16:35:49.0421 2972 abp480n5 - ok 16:35:49.0453 2972 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 16:35:51.0453 2972 ACPI - ok 16:35:51.0500 2972 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 16:35:51.0671 2972 ACPIEC - ok 16:35:51.0781 2972 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 16:35:51.0875 2972 AdobeFlashPlayerUpdateSvc - ok 16:35:51.0875 2972 adpu160m - ok 16:35:51.0906 2972 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 16:35:52.0031 2972 aec - ok 16:35:52.0078 2972 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 16:35:52.0218 2972 AFD - ok 16:35:52.0265 2972 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\WINDOWS\system32\agrsmsvc.exe 16:35:52.0296 2972 AgereModemAudio - ok 16:35:52.0343 2972 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys 16:35:52.0453 2972 AgereSoftModem - ok 16:35:52.0453 2972 Aha154x - ok 16:35:52.0468 2972 aic78u2 - ok 16:35:52.0468 2972 aic78xx - ok 16:35:52.0500 2972 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 16:35:52.0656 2972 Alerter - ok 16:35:52.0671 2972 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 16:35:52.0718 2972 ALG - ok 16:35:52.0734 2972 AliIde - ok 16:35:52.0734 2972 amsint - ok 16:35:52.0750 2972 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 16:35:52.0828 2972 AppMgmt - ok 16:35:52.0906 2972 [ C413E2E549488A5F1969DECB5B03187A ] AR5416 C:\WINDOWS\system32\DRIVERS\athw.sys 16:35:53.0046 
2972 AR5416 - ok 16:35:53.0046 2972 asc - ok 16:35:53.0062 2972 asc3350p - ok 16:35:53.0062 2972 asc3550 - ok 16:35:53.0156 2972 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 16:35:53.0250 2972 aspnet_state - ok 16:35:53.0281 2972 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 16:35:53.0406 2972 AsyncMac - ok 16:35:53.0453 2972 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 16:35:53.0578 2972 atapi - ok 16:35:53.0593 2972 Atdisk - ok 16:35:53.0625 2972 [ 814A264F3D5ADF7B5CC531C0BB0A5C94 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 16:35:53.0687 2972 Ati HotKey Poller - ok 16:35:53.0765 2972 [ D06F84AEC48E1D9E7ECEDAF8DA0948D7 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 16:35:53.0890 2972 ati2mtag - ok 16:35:53.0921 2972 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 16:35:54.0078 2972 Atmarpc - ok 16:35:54.0109 2972 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 16:35:54.0218 2972 AudioSrv - ok 16:35:54.0265 2972 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 16:35:54.0406 2972 audstub - ok 16:35:54.0437 2972 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 16:35:54.0578 2972 Beep - ok 16:35:54.0609 2972 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 16:35:54.0859 2972 BITS - ok 16:35:54.0890 2972 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 16:35:54.0968 2972 Browser - ok 16:35:55.0031 2972 [ 885B6D0F826A216EEE4C3AD883809012 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys 16:35:55.0234 2972 BTKRNL - ok 16:35:55.0281 2972 [ 49E9ED37FAEC5E8C03E81FD73D3884D6 ] btwdins C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe 16:35:55.0296 2972 btwdins - ok 16:35:55.0343 2972 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k 
15.10.2012, 15:53 | #30 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | mystart by incredibar in Firefox Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has explicitly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |