Trojan.Generic.6760809 in the Recycler and System Volume Information

#15

Code:
21:53:22.0796 3480 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:53:22.0890 3480 ============================================================
21:53:22.0890 3480 Current date / time: 2012/11/13 21:53:22.0890
21:53:22.0890 3480 SystemInfo:
21:53:22.0890 3480
21:53:22.0890 3480 OS Version: 5.1.2600 ServicePack: 3.0
21:53:22.0890 3480 Product type: Workstation
21:53:22.0890 3480 ComputerName: AIRBORNE1
21:53:22.0890 3480 UserName: Admin
21:53:22.0890 3480 Windows directory: C:\WINDOWS
21:53:22.0890 3480 System windows directory: C:\WINDOWS
21:53:22.0890 3480 Processor architecture: Intel x86
21:53:22.0890 3480 Number of processors: 1
21:53:22.0890 3480 Page size: 0x1000
21:53:22.0890 3480 Boot type: Normal boot
21:53:22.0890 3480 ============================================================
21:53:23.0984 3480 Drive \Device\Harddisk0\DR0 - Size: 0x3A7450A000 (233.82 Gb), SectorSize: 0x200, Cylinders: 0x7EAE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
21:53:24.0015 3480 Drive \Device\Harddisk1\DR2 - Size: 0x15D50D00000 (1397.26 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:53:30.0953 3480 ============================================================
21:53:30.0953 3480 \Device\Harddisk0\DR0:
21:53:30.0984 3480 MBR partitions:
21:53:30.0984 3480 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D39C991
21:53:30.0984 3480 \Device\Harddisk1\DR2:
21:53:30.0984 3480 MBR partitions:
21:53:30.0984 3480 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86000
21:53:30.0984 3480 ============================================================
21:53:31.0000 3480 C: <-> \Device\Harddisk0\DR0\Partition1
21:53:31.0031 3480 G: <-> \Device\Harddisk1\DR2\Partition1
21:53:31.0031 3480 ============================================================
21:53:31.0031 3480 Initialize success
21:53:31.0031 3480
============================================================ 21:53:41.0703 1492 ============================================================ 21:53:41.0703 1492 Scan started 21:53:41.0703 1492 Mode: Manual; SigCheck; TDLFS; 21:53:41.0703 1492 ============================================================ 21:53:41.0906 1492 ================ Scan system memory ======================== 21:53:41.0906 1492 System memory - ok 21:53:41.0906 1492 ================ Scan services ============================= 21:53:42.0031 1492 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys 21:53:42.0218 1492 Aavmker4 - ok 21:53:42.0234 1492 Abiosdsk - ok 21:53:42.0234 1492 abp480n5 - ok 21:53:42.0281 1492 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 21:53:42.0796 1492 ACPI - ok 21:53:42.0828 1492 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 21:53:42.0968 1492 ACPIEC - ok 21:53:43.0046 1492 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 21:53:43.0062 1492 AdobeFlashPlayerUpdateSvc - ok 21:53:43.0078 1492 adpu160m - ok 21:53:43.0109 1492 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 21:53:43.0265 1492 aec - ok 21:53:43.0312 1492 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 21:53:43.0343 1492 AFD - ok 21:53:43.0375 1492 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys 21:53:43.0531 1492 agp440 - ok 21:53:43.0546 1492 Aha154x - ok 21:53:43.0546 1492 aic78u2 - ok 21:53:43.0562 1492 aic78xx - ok 21:53:43.0593 1492 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 21:53:43.0750 1492 Alerter - ok 21:53:43.0765 1492 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 21:53:43.0890 1492 ALG - ok 21:53:43.0890 1492 AliIde - ok 21:53:43.0906 1492 amsint - ok 21:53:43.0937 1492 [ 
DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\WINDOWS\system32\Drivers\ssadadb.sys 21:53:44.0015 1492 androidusb - ok 21:53:44.0046 1492 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 21:53:44.0171 1492 AppMgmt - ok 21:53:44.0171 1492 asc - ok 21:53:44.0187 1492 asc3350p - ok 21:53:44.0187 1492 asc3550 - ok 21:53:44.0312 1492 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 21:53:44.0328 1492 aspnet_state - ok 21:53:44.0359 1492 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys 21:53:44.0375 1492 aswFsBlk - ok 21:53:44.0421 1492 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys 21:53:44.0437 1492 aswMon2 - ok 21:53:44.0453 1492 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys 21:53:44.0468 1492 AswRdr - ok 21:53:44.0484 1492 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys 21:53:44.0546 1492 aswSnx - ok 21:53:44.0578 1492 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys 21:53:44.0609 1492 aswSP - ok 21:53:44.0640 1492 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys 21:53:44.0656 1492 aswTdi - ok 21:53:44.0671 1492 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 21:53:44.0812 1492 AsyncMac - ok 21:53:44.0843 1492 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 21:53:44.0984 1492 atapi - ok 21:53:45.0000 1492 Atdisk - ok 21:53:45.0046 1492 [ D80A3FD3DB6F999F6D1C6D23A293851B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 21:53:45.0125 1492 Ati HotKey Poller - ok 21:53:45.0296 1492 [ C832BF76F003999D2E91E5115583C69E ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 21:53:45.0515 1492 ati2mtag - ok 21:53:45.0546 1492 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc 
C:\WINDOWS\system32\DRIVERS\atmarpc.sys 21:53:45.0671 1492 Atmarpc - ok 21:53:45.0703 1492 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 21:53:45.0843 1492 AudioSrv - ok 21:53:45.0875 1492 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 21:53:46.0000 1492 audstub - ok 21:53:46.0078 1492 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Programme\AVAST Software\Avast\AvastSvc.exe 21:53:46.0093 1492 avast! Antivirus - ok 21:53:46.0125 1492 [ 4D50B7A5AE8E67E68B7C9571769D5DDE ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys 21:53:46.0171 1492 b57w2k - ok 21:53:46.0218 1492 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 21:53:46.0343 1492 Beep - ok 21:53:46.0390 1492 [ ACC9C8C560C567FAD6F79C977AB2EA09 ] bgsvcgen C:\WINDOWS\system32\bgsvcgen.exe 21:53:46.0406 1492 bgsvcgen - ok 21:53:46.0437 1492 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 21:53:46.0578 1492 BITS - ok 21:53:46.0609 1492 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 21:53:46.0656 1492 Browser - ok 21:53:46.0781 1492 catchme - ok 21:53:46.0812 1492 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 21:53:46.0937 1492 cbidf2k - ok 21:53:46.0953 1492 [ FDC06E2ADA8C468EBB161624E03976CF ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 21:53:47.0000 1492 CCDECODE - ok 21:53:47.0015 1492 cd20xrnt - ok 21:53:47.0046 1492 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 21:53:47.0187 1492 Cdaudio - ok 21:53:47.0218 1492 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 21:53:47.0343 1492 Cdfs - ok 21:53:47.0375 1492 [ E0042BD5BEF17A6A3EF1DF576BDE24D1 ] cdrbsdrv C:\WINDOWS\system32\drivers\cdrbsdrv.sys 21:53:47.0375 1492 cdrbsdrv ( UnsignedFile.Multi.Generic ) - warning 21:53:47.0375 1492 cdrbsdrv - detected UnsignedFile.Multi.Generic (1) 
21:53:47.0390 1492 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 21:53:47.0531 1492 Cdrom - ok 21:53:47.0546 1492 Changer - ok 21:53:47.0578 1492 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 21:53:47.0703 1492 CiSvc - ok 21:53:47.0750 1492 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 21:53:47.0875 1492 ClipSrv - ok 21:53:47.0937 1492 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:53:47.0953 1492 clr_optimization_v2.0.50727_32 - ok 21:53:48.0000 1492 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:53:48.0015 1492 clr_optimization_v4.0.30319_32 - ok 21:53:48.0015 1492 CmdIde - ok 21:53:48.0062 1492 [ FD40439BB258B9AA9AD314BF5948EF46 ] cmpci C:\WINDOWS\system32\drivers\cmaudio.sys 21:53:48.0125 1492 cmpci - ok 21:53:48.0125 1492 COMSysApp - ok 21:53:48.0140 1492 Cpqarray - ok 21:53:48.0171 1492 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 21:53:48.0312 1492 CryptSvc - ok 21:53:48.0328 1492 dac2w2k - ok 21:53:48.0328 1492 dac960nt - ok 21:53:48.0375 1492 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 21:53:48.0453 1492 DcomLaunch - ok 21:53:48.0500 1492 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 21:53:48.0625 1492 Dhcp - ok 21:53:48.0640 1492 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 21:53:48.0765 1492 Disk - ok 21:53:48.0781 1492 dmadmin - ok 21:53:48.0812 1492 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 21:53:48.0984 1492 dmboot - ok 21:53:49.0000 1492 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 21:53:49.0125 1492 dmio - ok 21:53:49.0156 1492 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload 
C:\WINDOWS\system32\drivers\dmload.sys 21:53:49.0296 1492 dmload - ok 21:53:49.0328 1492 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 21:53:49.0468 1492 dmserver - ok 21:53:49.0484 1492 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 21:53:49.0609 1492 DMusic - ok 21:53:49.0640 1492 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 21:53:49.0703 1492 Dnscache - ok 21:53:49.0734 1492 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 21:53:49.0859 1492 Dot3svc - ok 21:53:49.0875 1492 dpti2o - ok 21:53:49.0906 1492 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 21:53:50.0031 1492 drmkaud - ok 21:53:50.0046 1492 EagleXNt - ok 21:53:50.0078 1492 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 21:53:50.0234 1492 EapHost - ok 21:53:50.0250 1492 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 21:53:50.0390 1492 ERSvc - ok 21:53:50.0437 1492 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 21:53:50.0468 1492 Eventlog - ok 21:53:50.0515 1492 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\System32\es.dll 21:53:50.0562 1492 EventSystem - ok 21:53:50.0593 1492 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 21:53:50.0718 1492 Fastfat - ok 21:53:50.0734 1492 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 21:53:50.0781 1492 FastUserSwitchingCompatibility - ok 21:53:50.0812 1492 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 21:53:50.0937 1492 Fdc - ok 21:53:50.0953 1492 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 21:53:51.0078 1492 Fips - ok 21:53:51.0109 1492 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 21:53:51.0234 1492 Flpydisk - 
ok 21:53:51.0265 1492 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 21:53:51.0390 1492 FltMgr - ok 21:53:51.0453 1492 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 21:53:51.0468 1492 FontCache3.0.0.0 - ok 21:53:51.0484 1492 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 21:53:51.0609 1492 Fs_Rec - ok 21:53:51.0625 1492 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 21:53:51.0765 1492 Ftdisk - ok 21:53:51.0781 1492 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys 21:53:51.0906 1492 gameenum - ok 21:53:51.0953 1492 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 21:53:52.0078 1492 Gpc - ok 21:53:52.0125 1492 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 21:53:52.0140 1492 gusvc - ok 21:53:52.0203 1492 [ FC7DCDEF8F17D3C5DECC880673EA5BD5 ] hcwPVRP2 C:\WINDOWS\system32\DRIVERS\hcwPVRP2.sys 21:53:52.0281 1492 hcwPVRP2 - ok 21:53:52.0359 1492 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 21:53:52.0500 1492 helpsvc - ok 21:53:52.0546 1492 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll 21:53:52.0687 1492 HidServ - ok 21:53:52.0703 1492 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 21:53:52.0828 1492 hidusb - ok 21:53:52.0875 1492 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 21:53:53.0000 1492 hkmsvc - ok 21:53:53.0015 1492 hpn - ok 21:53:53.0062 1492 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 21:53:53.0109 1492 HTTP - ok 21:53:53.0156 1492 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 21:53:53.0328 1492 HTTPFilter - ok 21:53:53.0343 1492 i2omgmt - ok 
21:53:53.0343 1492 i2omp - ok 21:53:53.0375 1492 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 21:53:53.0500 1492 i8042prt - ok 21:53:53.0578 1492 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe 21:53:53.0593 1492 IDriverT ( UnsignedFile.Multi.Generic ) - warning 21:53:53.0593 1492 IDriverT - detected UnsignedFile.Multi.Generic (1) 21:53:53.0671 1492 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 21:53:53.0703 1492 idsvc - ok 21:53:53.0734 1492 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 21:53:53.0859 1492 Imapi - ok 21:53:53.0906 1492 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 21:53:54.0046 1492 ImapiService - ok 21:53:54.0062 1492 ini910u - ok 21:53:54.0078 1492 IntelIde - ok 21:53:54.0093 1492 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 21:53:54.0234 1492 intelppm - ok 21:53:54.0281 1492 [ F7C534DEF663B4E847E44F20927F5ED2 ] IOPort C:\WINDOWS\system32\DRIVERS\IOPORT.SYS 21:53:54.0281 1492 IOPort ( UnsignedFile.Multi.Generic ) - warning 21:53:54.0281 1492 IOPort - detected UnsignedFile.Multi.Generic (1) 21:53:54.0312 1492 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys 21:53:54.0437 1492 ip6fw - ok 21:53:54.0468 1492 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 21:53:54.0593 1492 IpFilterDriver - ok 21:53:54.0609 1492 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 21:53:54.0750 1492 IpInIp - ok 21:53:54.0781 1492 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 21:53:54.0906 1492 IpNat - ok 21:53:54.0921 1492 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 21:53:55.0046 1492 
IPSec - ok 21:53:55.0078 1492 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 21:53:55.0203 1492 IRENUM - ok 21:53:55.0234 1492 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 21:53:55.0359 1492 isapnp - ok 21:53:55.0375 1492 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 21:53:55.0500 1492 Kbdclass - ok 21:53:55.0515 1492 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 21:53:55.0640 1492 kbdhid - ok 21:53:55.0671 1492 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 21:53:55.0812 1492 kmixer - ok 21:53:55.0843 1492 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 21:53:55.0875 1492 KSecDD - ok 21:53:55.0921 1492 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 21:53:55.0984 1492 lanmanserver - ok 21:53:56.0031 1492 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 21:53:56.0062 1492 lanmanworkstation - ok 21:53:56.0093 1492 [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd C:\WINDOWS\system32\DRIVERS\Lbd.sys 21:53:56.0109 1492 Lbd - ok 21:53:56.0109 1492 lbrtfdc - ok 21:53:56.0156 1492 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 21:53:56.0296 1492 LmHosts - ok 21:53:56.0343 1492 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 21:53:56.0359 1492 MBAMProtector - ok 21:53:56.0437 1492 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe 21:53:56.0453 1492 MBAMScheduler - ok 21:53:56.0500 1492 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe 21:53:56.0546 1492 MBAMService - ok 21:53:56.0562 1492 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 21:53:56.0687 1492 Messenger - ok 21:53:56.0734 
1492 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 21:53:56.0875 1492 mnmdd - ok 21:53:56.0921 1492 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe 21:53:57.0046 1492 mnmsrvc - ok 21:53:57.0062 1492 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 21:53:57.0203 1492 Modem - ok 21:53:57.0234 1492 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 21:53:57.0375 1492 Mouclass - ok 21:53:57.0421 1492 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 21:53:57.0562 1492 mouhid - ok 21:53:57.0562 1492 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 21:53:57.0687 1492 MountMgr - ok 21:53:57.0718 1492 [ DAE3C509F33059BC4D48A8925F476FB4 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe 21:53:57.0734 1492 MozillaMaintenance - ok 21:53:57.0734 1492 mraid35x - ok 21:53:57.0750 1492 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 21:53:57.0875 1492 MRxDAV - ok 21:53:57.0937 1492 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 21:53:58.0000 1492 MRxSmb - ok 21:53:58.0031 1492 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\System32\msdtc.exe 21:53:58.0171 1492 MSDTC - ok 21:53:58.0171 1492 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 21:53:58.0312 1492 Msfs - ok 21:53:58.0312 1492 MSIServer - ok 21:53:58.0343 1492 [ 85736F804191CB420A31ACA2A7F0674F ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 21:53:58.0375 1492 MSKSSRV - ok 21:53:58.0406 1492 [ E943ADB93D83C5CBC0CA3F53F53B48CC ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 21:53:58.0468 1492 MSPCLOCK - ok 21:53:58.0500 1492 [ F6A726B8832DB1F88326B8BE98B11981 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 21:53:58.0562 1492 MSPQM - ok 21:53:58.0562 1492 [ 
AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 21:53:58.0687 1492 mssmbios - ok 21:53:58.0718 1492 [ D5059366B361F0E1124753447AF08AA2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 21:53:58.0765 1492 MSTEE - ok 21:53:58.0781 1492 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 21:53:58.0812 1492 Mup - ok 21:53:58.0843 1492 [ AC31B352CE5E92704056D409834BEB74 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 21:53:58.0859 1492 NABTSFEC - ok 21:53:58.0906 1492 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 21:53:59.0046 1492 napagent - ok 21:53:59.0062 1492 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 21:53:59.0203 1492 NDIS - ok 21:53:59.0218 1492 [ ABD7629CF2796250F315C1DD0B6CF7A0 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 21:53:59.0250 1492 NdisIP - ok 21:53:59.0296 1492 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 21:53:59.0328 1492 NdisTapi - ok 21:53:59.0359 1492 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 21:53:59.0484 1492 Ndisuio - ok 21:53:59.0500 1492 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 21:53:59.0625 1492 NdisWan - ok 21:53:59.0656 1492 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 21:53:59.0687 1492 NDProxy - ok 21:53:59.0718 1492 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 21:53:59.0859 1492 NetBIOS - ok 21:53:59.0890 1492 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 21:54:00.0015 1492 NetBT - ok 21:54:00.0062 1492 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 21:54:00.0187 1492 NetDDE - ok 21:54:00.0203 1492 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 21:54:00.0328 1492 NetDDEdsdm - ok 21:54:00.0359 1492 [ 
AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 21:54:00.0500 1492 Netlogon - ok 21:54:00.0546 1492 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 21:54:00.0687 1492 Netman - ok 21:54:00.0734 1492 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:54:00.0750 1492 NetTcpPortSharing - ok 21:54:00.0765 1492 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 21:54:00.0796 1492 Nla - ok 21:54:00.0875 1492 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess C:\Programme\CDBurnerXP\NMSAccessU.exe 21:54:00.0890 1492 NMSAccess - ok 21:54:00.0937 1492 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\WINDOWS\system32\drivers\npf.sys 21:54:00.0953 1492 NPF - ok 21:54:00.0968 1492 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 21:54:01.0109 1492 Npfs - ok 21:54:01.0140 1492 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 21:54:01.0281 1492 Ntfs - ok 21:54:01.0296 1492 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\System32\lsass.exe 21:54:01.0421 1492 NtLmSsp - ok 21:54:01.0453 1492 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 21:54:01.0625 1492 NtmsSvc - ok 21:54:01.0640 1492 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 21:54:01.0781 1492 Null - ok 21:54:01.0812 1492 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 21:54:01.0937 1492 NwlnkFlt - ok 21:54:01.0953 1492 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 21:54:02.0078 1492 NwlnkFwd - ok 21:54:02.0125 1492 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 21:54:02.0250 1492 Parport - ok 21:54:02.0265 1492 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 21:54:02.0390 1492 PartMgr - ok 21:54:02.0437 1492 [ 
C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 21:54:02.0562 1492 ParVdm - ok 21:54:02.0578 1492 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 21:54:02.0703 1492 PCI - ok 21:54:02.0718 1492 PCIDump - ok 21:54:02.0734 1492 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 21:54:02.0875 1492 PCIIde - ok 21:54:02.0921 1492 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 21:54:03.0062 1492 Pcmcia - ok 21:54:03.0078 1492 PDCOMP - ok 21:54:03.0078 1492 PDFRAME - ok 21:54:03.0093 1492 PDRELI - ok 21:54:03.0109 1492 PDRFRAME - ok 21:54:03.0109 1492 perc2 - ok 21:54:03.0125 1492 perc2hib - ok 21:54:03.0156 1492 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 21:54:03.0187 1492 PlugPlay - ok 21:54:03.0187 1492 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 21:54:03.0312 1492 PolicyAgent - ok 21:54:03.0359 1492 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 21:54:03.0500 1492 PptpMiniport - ok 21:54:03.0515 1492 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 21:54:03.0625 1492 Processor - ok 21:54:03.0640 1492 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 21:54:03.0765 1492 ProtectedStorage - ok 21:54:03.0781 1492 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 21:54:03.0906 1492 PSched - ok 21:54:03.0937 1492 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 21:54:04.0093 1492 Ptilink - ok 21:54:04.0125 1492 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 21:54:04.0140 1492 PxHelp20 - ok 21:54:04.0140 1492 ql1080 - ok 21:54:04.0156 1492 Ql10wnt - ok 21:54:04.0156 1492 ql12160 - ok 21:54:04.0171 1492 ql1240 - ok 21:54:04.0171 1492 ql1280 - ok 21:54:04.0203 
1492 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 21:54:04.0328 1492 RasAcd - ok 21:54:04.0375 1492 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 21:54:04.0500 1492 RasAuto - ok 21:54:04.0531 1492 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 21:54:04.0640 1492 Rasl2tp - ok 21:54:04.0671 1492 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 21:54:04.0828 1492 RasMan - ok 21:54:04.0843 1492 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 21:54:04.0968 1492 RasPppoe - ok 21:54:05.0000 1492 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 21:54:05.0140 1492 Raspti - ok 21:54:05.0140 1492 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 21:54:05.0281 1492 Rdbss - ok 21:54:05.0296 1492 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 21:54:05.0421 1492 RDPCDD - ok 21:54:05.0453 1492 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 21:54:05.0578 1492 rdpdr - ok 21:54:05.0625 1492 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 21:54:05.0671 1492 RDPWD - ok 21:54:05.0703 1492 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 21:54:05.0843 1492 RDSessMgr - ok 21:54:05.0890 1492 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 21:54:06.0000 1492 redbook - ok 21:54:06.0046 1492 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 21:54:06.0171 1492 RemoteAccess - ok 21:54:06.0203 1492 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 21:54:06.0343 1492 RemoteRegistry - ok 21:54:06.0390 1492 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Programme\WinPcap\rpcapd.exe 21:54:06.0406 1492 rpcapd - ok 21:54:06.0421 1492 [ 
2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\System32\locator.exe 21:54:06.0578 1492 RpcLocator - ok 21:54:06.0593 1492 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\System32\rpcss.dll 21:54:06.0625 1492 RpcSs - ok 21:54:06.0671 1492 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\System32\rsvp.exe 21:54:06.0828 1492 RSVP - ok 21:54:06.0843 1492 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 21:54:06.0953 1492 SamSs - ok 21:54:06.0968 1492 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 21:54:07.0125 1492 SCardSvr - ok 21:54:07.0156 1492 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 21:54:07.0296 1492 Schedule - ok 21:54:07.0343 1492 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 21:54:07.0468 1492 Secdrv - ok 21:54:07.0468 1492 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 21:54:07.0609 1492 seclogon - ok 21:54:07.0625 1492 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 21:54:07.0750 1492 SENS - ok 21:54:07.0765 1492 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 21:54:07.0890 1492 serenum - ok 21:54:07.0921 1492 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 21:54:08.0031 1492 Serial - ok 21:54:08.0093 1492 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 21:54:08.0218 1492 Sfloppy - ok 21:54:08.0250 1492 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 21:54:08.0375 1492 SharedAccess - ok 21:54:08.0406 1492 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 21:54:08.0437 1492 ShellHWDetection - ok 21:54:08.0484 1492 [ 4AABD176758CDBCFB834A72BD01CD02F ] silabenm C:\WINDOWS\system32\DRIVERS\silabenm.sys 21:54:08.0500 1492 silabenm ( UnsignedFile.Multi.Generic ) - warning 21:54:08.0500 
1492 silabenm - detected UnsignedFile.Multi.Generic (1) 21:54:08.0515 1492 [ F5460535EDE7ADEB0721BC56587554EA ] silabser C:\WINDOWS\system32\DRIVERS\silabser.sys 21:54:08.0531 1492 silabser ( UnsignedFile.Multi.Generic ) - warning 21:54:08.0531 1492 silabser - detected UnsignedFile.Multi.Generic (1) 21:54:08.0546 1492 Simbad - ok 21:54:08.0546 1492 [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 21:54:08.0593 1492 SLIP - ok 21:54:08.0609 1492 Sparrow - ok 21:54:08.0640 1492 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 21:54:08.0765 1492 splitter - ok 21:54:08.0812 1492 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 21:54:08.0843 1492 Spooler - ok 21:54:08.0859 1492 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 21:54:08.0984 1492 sr - ok 21:54:09.0000 1492 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 21:54:09.0140 1492 srservice - ok 21:54:09.0187 1492 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 21:54:09.0234 1492 Srv - ok 21:54:09.0281 1492 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\WINDOWS\system32\DRIVERS\ssadbus.sys 21:54:09.0312 1492 ssadbus - ok 21:54:09.0328 1492 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys 21:54:09.0359 1492 ssadmdfl - ok 21:54:09.0375 1492 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\WINDOWS\system32\DRIVERS\ssadmdm.sys 21:54:09.0406 1492 ssadmdm - ok 21:54:09.0421 1492 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\WINDOWS\system32\DRIVERS\ssadserd.sys 21:54:09.0468 1492 ssadserd - ok 21:54:09.0484 1492 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 21:54:09.0640 1492 SSDPSRV - ok 21:54:09.0671 1492 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys 21:54:09.0687 1492 StarOpen ( UnsignedFile.Multi.Generic ) - warning 21:54:09.0687 
1492 StarOpen - detected UnsignedFile.Multi.Generic (1) 21:54:09.0734 1492 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 21:54:09.0890 1492 stisvc - ok 21:54:09.0921 1492 [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 21:54:09.0937 1492 streamip - ok 21:54:09.0968 1492 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 21:54:10.0093 1492 swenum - ok 21:54:10.0125 1492 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 21:54:10.0250 1492 swmidi - ok 21:54:10.0250 1492 SwPrv - ok 21:54:10.0265 1492 symc810 - ok 21:54:10.0281 1492 symc8xx - ok 21:54:10.0281 1492 sym_hi - ok 21:54:10.0296 1492 sym_u3 - ok 21:54:10.0343 1492 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 21:54:10.0468 1492 sysaudio - ok 21:54:10.0500 1492 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 21:54:10.0640 1492 SysmonLog - ok 21:54:10.0671 1492 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 21:54:10.0796 1492 TapiSrv - ok 21:54:10.0859 1492 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 21:54:10.0875 1492 Tcpip - ok 21:54:10.0906 1492 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 21:54:11.0015 1492 TDPIPE - ok 21:54:11.0046 1492 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 21:54:11.0171 1492 TDTCP - ok 21:54:11.0203 1492 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 21:54:11.0328 1492 TermDD - ok 21:54:11.0343 1492 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 21:54:11.0500 1492 TermService - ok 21:54:11.0515 1492 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 21:54:11.0546 1492 Themes - ok 21:54:11.0593 1492 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr 
C:\WINDOWS\System32\tlntsvr.exe 21:54:11.0718 1492 TlntSvr - ok 21:54:11.0734 1492 TosIde - ok 21:54:11.0750 1492 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 21:54:11.0875 1492 TrkWks - ok 21:54:11.0906 1492 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 21:54:12.0031 1492 Udfs - ok 21:54:12.0046 1492 ultra - ok 21:54:12.0093 1492 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 21:54:12.0250 1492 Update - ok 21:54:12.0281 1492 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 21:54:12.0421 1492 upnphost - ok 21:54:12.0453 1492 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 21:54:12.0578 1492 UPS - ok 21:54:12.0609 1492 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 21:54:12.0734 1492 usbaudio - ok 21:54:12.0765 1492 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 21:54:12.0890 1492 usbccgp - ok 21:54:12.0906 1492 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 21:54:13.0031 1492 usbehci - ok 21:54:13.0031 1492 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 21:54:13.0187 1492 usbhub - ok 21:54:13.0218 1492 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 21:54:13.0359 1492 usbprint - ok 21:54:13.0406 1492 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 21:54:13.0531 1492 usbscan - ok 21:54:13.0546 1492 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 21:54:13.0687 1492 USBSTOR - ok 21:54:13.0718 1492 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 21:54:13.0843 1492 usbuhci - ok 21:54:13.0875 1492 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys 21:54:14.0000 1492 usbvideo - ok 
21:54:14.0031 1492 [ 8AFFFDA081CFF3057391FEDBBB483601 ] UTSCSI C:\WINDOWS\system32\UTSCSI.EXE 21:54:14.0078 1492 UTSCSI ( UnsignedFile.Multi.Generic ) - warning 21:54:14.0078 1492 UTSCSI - detected UnsignedFile.Multi.Generic (1) 21:54:14.0093 1492 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 21:54:14.0218 1492 VgaSave - ok 21:54:14.0218 1492 ViaIde - ok 21:54:14.0265 1492 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 21:54:14.0390 1492 VolSnap - ok 21:54:14.0406 1492 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 21:54:14.0546 1492 VSS - ok 21:54:14.0578 1492 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 21:54:14.0703 1492 W32Time - ok 21:54:14.0765 1492 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 21:54:14.0906 1492 Wanarp - ok 21:54:14.0937 1492 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 21:54:14.0968 1492 Wdf01000 - ok 21:54:14.0968 1492 WDICA - ok 21:54:15.0000 1492 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 21:54:15.0140 1492 wdmaud - ok 21:54:15.0156 1492 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 21:54:15.0296 1492 WebClient - ok 21:54:15.0375 1492 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 21:54:15.0515 1492 winmgmt - ok 21:54:15.0562 1492 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 21:54:15.0609 1492 WmdmPmSN - ok 21:54:15.0640 1492 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 21:54:15.0687 1492 Wmi - ok 21:54:15.0718 1492 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe 21:54:15.0843 1492 WmiApSrv - ok 21:54:15.0859 1492 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 21:54:15.0875 1492 WpdUsb - ok 
21:54:15.0968 1492 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 21:54:16.0000 1492 WPFFontCache_v0400 - ok 21:54:16.0031 1492 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 21:54:16.0171 1492 WS2IFSL - ok 21:54:16.0203 1492 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 21:54:16.0343 1492 wscsvc - ok 21:54:16.0375 1492 [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 21:54:16.0390 1492 WSTCODEC - ok 21:54:16.0421 1492 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 21:54:16.0562 1492 wuauserv - ok 21:54:16.0593 1492 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 21:54:16.0625 1492 WudfPf - ok 21:54:16.0640 1492 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 21:54:16.0671 1492 WudfRd - ok 21:54:16.0703 1492 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 21:54:16.0750 1492 WudfSvc - ok 21:54:16.0796 1492 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 21:54:16.0968 1492 WZCSVC - ok 21:54:17.0000 1492 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 21:54:17.0156 1492 xmlprov - ok 21:54:17.0171 1492 ================ Scan global =============================== 21:54:17.0187 1492 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 21:54:17.0234 1492 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 21:54:17.0265 1492 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 21:54:17.0296 1492 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 21:54:17.0312 1492 [Global] - ok 21:54:17.0312 1492 ================ Scan MBR ================================== 21:54:17.0328 1492 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 
21:54:17.0531 1492 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:54:17.0531 1492 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:54:17.0546 1492 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2
21:54:17.0718 1492 \Device\Harddisk1\DR2 - ok
21:54:17.0734 1492 ================ Scan VBR ==================================
21:54:17.0734 1492 [ D964B52BD354518261E5B697C98E79D1 ] \Device\Harddisk0\DR0\Partition1
21:54:17.0734 1492 \Device\Harddisk0\DR0\Partition1 - ok
21:54:17.0750 1492 [ F17264F44C7DBECAC0FD14C51ED6F082 ] \Device\Harddisk1\DR2\Partition1
21:54:17.0750 1492 \Device\Harddisk1\DR2\Partition1 - ok
21:54:17.0750 1492 ============================================================
21:54:17.0750 1492 Scan finished
21:54:17.0750 1492 ============================================================
21:54:17.0859 0516 Detected object count: 8
21:54:17.0859 0516 Actual detected object count: 8
21:54:28.0828 0516 cdrbsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:28.0828 0516 cdrbsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:54:28.0828 0516 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:28.0828 0516 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:54:28.0828 0516 IOPort ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:28.0828 0516 IOPort ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:54:28.0828 0516 silabenm ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:28.0828 0516 silabenm ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:54:28.0828 0516 silabser ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:28.0828 0516 silabser ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:54:28.0828 0516 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:28.0828 0516 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:54:28.0843 0516 UTSCSI ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:28.0843 0516 UTSCSI ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:54:28.0875 0516 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
21:54:28.0875 0516 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
21:54:28.0875 0516 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
21:54:28.0890 0516 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
21:54:28.0937 0516 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
21:54:28.0937 0516 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
21:54:44.0656 0516 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
21:54:44.0781 0516 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
21:54:44.0859 0516 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
21:54:44.0859 0516 \Device\Harddisk0\DR0\TDLFS - deleted
21:54:44.0859 0516 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

Code:
22:02:59.0562 3584 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:02:59.0578 3584 ============================================================
22:02:59.0578 3584 Current date / time: 2012/11/13 22:02:59.0578
22:02:59.0578 3584 SystemInfo:
22:02:59.0578 3584
22:02:59.0578 3584 OS Version: 5.1.2600 ServicePack: 3.0
22:02:59.0578 3584 Product type: Workstation
22:02:59.0578 3584 ComputerName: AIRBORNE1
22:02:59.0578 3584 UserName: Admin
22:02:59.0578 3584 Windows directory: C:\WINDOWS
22:02:59.0578 3584 System windows directory: C:\WINDOWS
22:02:59.0578 3584 Processor architecture: Intel x86
22:02:59.0578 3584 Number of processors: 1
22:02:59.0578 3584 Page size: 0x1000
22:02:59.0578 3584 Boot type: Normal boot
22:02:59.0578 3584 ============================================================
22:03:00.0734 3584 Drive \Device\Harddisk0\DR0 - Size: 0x3A7450A000 (233.82 Gb), SectorSize: 0x200, Cylinders: 0x7EAE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
22:03:00.0765 3584 Drive \Device\Harddisk1\DR2 - Size: 0x15D50D00000 (1397.26 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:03:00.0796 3584 ============================================================
22:03:00.0796 3584 \Device\Harddisk0\DR0:
22:03:00.0796 3584 MBR partitions:
22:03:00.0796 3584 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D39C991
22:03:00.0796 3584 \Device\Harddisk1\DR2:
22:03:00.0796 3584 MBR partitions:
22:03:00.0796 3584 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86000
22:03:00.0796 3584 ============================================================
22:03:00.0890 3584 C: <-> \Device\Harddisk0\DR0\Partition1
22:03:00.0906 3584 G: <-> \Device\Harddisk1\DR2\Partition1
22:03:00.0937 3584 ============================================================
22:03:00.0937 3584 Initialize success
22:03:00.0937 3584
============================================================ 22:03:05.0968 3648 ============================================================ 22:03:05.0968 3648 Scan started 22:03:05.0968 3648 Mode: Manual; SigCheck; TDLFS; 22:03:05.0968 3648 ============================================================ 22:03:07.0031 3648 ================ Scan system memory ======================== 22:03:07.0031 3648 System memory - ok 22:03:07.0031 3648 ================ Scan services ============================= 22:03:07.0156 3648 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys 22:03:07.0281 3648 Aavmker4 - ok 22:03:07.0296 3648 Abiosdsk - ok 22:03:07.0296 3648 abp480n5 - ok 22:03:07.0328 3648 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 22:03:07.0546 3648 ACPI - ok 22:03:07.0562 3648 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 22:03:07.0703 3648 ACPIEC - ok 22:03:07.0781 3648 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 22:03:07.0796 3648 AdobeFlashPlayerUpdateSvc - ok 22:03:07.0812 3648 adpu160m - ok 22:03:07.0843 3648 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 22:03:07.0984 3648 aec - ok 22:03:08.0031 3648 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 22:03:08.0093 3648 AFD - ok 22:03:08.0125 3648 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys 22:03:08.0265 3648 agp440 - ok 22:03:08.0281 3648 Aha154x - ok 22:03:08.0281 3648 aic78u2 - ok 22:03:08.0296 3648 aic78xx - ok 22:03:08.0328 3648 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 22:03:08.0484 3648 Alerter - ok 22:03:08.0500 3648 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 22:03:08.0640 3648 ALG - ok 22:03:08.0640 3648 AliIde - ok 22:03:08.0656 3648 amsint - ok 22:03:08.0687 3648 [ 
DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\WINDOWS\system32\Drivers\ssadadb.sys 22:03:08.0750 3648 androidusb - ok 22:03:08.0781 3648 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 22:03:08.0921 3648 AppMgmt - ok 22:03:08.0937 3648 asc - ok 22:03:08.0937 3648 asc3350p - ok 22:03:08.0953 3648 asc3550 - ok 22:03:09.0062 3648 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 22:03:09.0109 3648 aspnet_state - ok 22:03:09.0140 3648 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys 22:03:09.0156 3648 aswFsBlk - ok 22:03:09.0203 3648 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys 22:03:09.0218 3648 aswMon2 - ok 22:03:09.0250 3648 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys 22:03:09.0265 3648 AswRdr - ok 22:03:09.0312 3648 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys 22:03:09.0343 3648 aswSnx - ok 22:03:09.0375 3648 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys 22:03:09.0390 3648 aswSP - ok 22:03:09.0421 3648 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys 22:03:09.0437 3648 aswTdi - ok 22:03:09.0453 3648 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 22:03:09.0593 3648 AsyncMac - ok 22:03:09.0640 3648 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 22:03:09.0765 3648 atapi - ok 22:03:09.0796 3648 Atdisk - ok 22:03:09.0843 3648 [ D80A3FD3DB6F999F6D1C6D23A293851B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 22:03:09.0968 3648 Ati HotKey Poller - ok 22:03:10.0156 3648 [ C832BF76F003999D2E91E5115583C69E ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 22:03:10.0359 3648 ati2mtag - ok 22:03:10.0406 3648 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc 
C:\WINDOWS\system32\DRIVERS\atmarpc.sys 22:03:10.0531 3648 Atmarpc - ok 22:03:10.0562 3648 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 22:03:10.0703 3648 AudioSrv - ok 22:03:10.0734 3648 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 22:03:10.0843 3648 audstub - ok 22:03:10.0937 3648 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Programme\AVAST Software\Avast\AvastSvc.exe 22:03:10.0953 3648 avast! Antivirus - ok 22:03:11.0000 3648 [ 4D50B7A5AE8E67E68B7C9571769D5DDE ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys 22:03:11.0062 3648 b57w2k - ok 22:03:11.0125 3648 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 22:03:11.0250 3648 Beep - ok 22:03:11.0281 3648 [ ACC9C8C560C567FAD6F79C977AB2EA09 ] bgsvcgen C:\WINDOWS\system32\bgsvcgen.exe 22:03:11.0312 3648 bgsvcgen - ok 22:03:11.0390 3648 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 22:03:11.0828 3648 BITS - ok 22:03:11.0859 3648 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 22:03:12.0031 3648 Browser - ok 22:03:12.0171 3648 catchme - ok 22:03:12.0187 3648 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 22:03:12.0343 3648 cbidf2k - ok 22:03:12.0375 3648 [ FDC06E2ADA8C468EBB161624E03976CF ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 22:03:12.0484 3648 CCDECODE - ok 22:03:12.0484 3648 cd20xrnt - ok 22:03:12.0515 3648 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 22:03:12.0687 3648 Cdaudio - ok 22:03:12.0734 3648 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 22:03:12.0937 3648 Cdfs - ok 22:03:12.0984 3648 [ E0042BD5BEF17A6A3EF1DF576BDE24D1 ] cdrbsdrv C:\WINDOWS\system32\drivers\cdrbsdrv.sys 22:03:13.0046 3648 cdrbsdrv ( UnsignedFile.Multi.Generic ) - warning 22:03:13.0046 3648 cdrbsdrv - detected UnsignedFile.Multi.Generic (1) 
22:03:13.0062 3648 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 22:03:13.0234 3648 Cdrom - ok 22:03:13.0234 3648 Changer - ok 22:03:13.0265 3648 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 22:03:13.0453 3648 CiSvc - ok 22:03:13.0500 3648 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 22:03:13.0687 3648 ClipSrv - ok 22:03:13.0734 3648 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 22:03:13.0796 3648 clr_optimization_v2.0.50727_32 - ok 22:03:13.0828 3648 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 22:03:13.0890 3648 clr_optimization_v4.0.30319_32 - ok 22:03:13.0906 3648 CmdIde - ok 22:03:13.0937 3648 [ FD40439BB258B9AA9AD314BF5948EF46 ] cmpci C:\WINDOWS\system32\drivers\cmaudio.sys 22:03:14.0031 3648 cmpci - ok 22:03:14.0046 3648 COMSysApp - ok 22:03:14.0062 3648 Cpqarray - ok 22:03:14.0093 3648 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 22:03:14.0234 3648 CryptSvc - ok 22:03:14.0234 3648 dac2w2k - ok 22:03:14.0250 3648 dac960nt - ok 22:03:14.0281 3648 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 22:03:14.0359 3648 DcomLaunch - ok 22:03:14.0390 3648 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 22:03:14.0531 3648 Dhcp - ok 22:03:14.0562 3648 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 22:03:14.0703 3648 Disk - ok 22:03:14.0703 3648 dmadmin - ok 22:03:14.0796 3648 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 22:03:15.0093 3648 dmboot - ok 22:03:15.0093 3648 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 22:03:15.0234 3648 dmio - ok 22:03:15.0265 3648 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload 
C:\WINDOWS\system32\drivers\dmload.sys 22:03:15.0406 3648 dmload - ok 22:03:15.0437 3648 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 22:03:15.0578 3648 dmserver - ok 22:03:15.0609 3648 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 22:03:15.0718 3648 DMusic - ok 22:03:15.0765 3648 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 22:03:15.0890 3648 Dnscache - ok 22:03:15.0921 3648 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 22:03:16.0046 3648 Dot3svc - ok 22:03:16.0062 3648 dpti2o - ok 22:03:16.0093 3648 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 22:03:16.0218 3648 drmkaud - ok 22:03:16.0218 3648 EagleXNt - ok 22:03:16.0250 3648 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 22:03:16.0406 3648 EapHost - ok 22:03:16.0437 3648 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 22:03:16.0578 3648 ERSvc - ok 22:03:16.0625 3648 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 22:03:16.0671 3648 Eventlog - ok 22:03:16.0734 3648 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\System32\es.dll 22:03:16.0796 3648 EventSystem - ok 22:03:16.0843 3648 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 22:03:16.0984 3648 Fastfat - ok 22:03:17.0015 3648 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 22:03:17.0109 3648 FastUserSwitchingCompatibility - ok 22:03:17.0125 3648 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 22:03:17.0250 3648 Fdc - ok 22:03:17.0281 3648 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 22:03:17.0406 3648 Fips - ok 22:03:17.0453 3648 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 22:03:17.0578 3648 Flpydisk - 
ok 22:03:17.0625 3648 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 22:03:17.0750 3648 FltMgr - ok 22:03:17.0796 3648 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 22:03:17.0812 3648 FontCache3.0.0.0 - ok 22:03:17.0828 3648 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 22:03:17.0953 3648 Fs_Rec - ok 22:03:17.0968 3648 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 22:03:18.0093 3648 Ftdisk - ok 22:03:18.0140 3648 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys 22:03:18.0250 3648 gameenum - ok 22:03:18.0281 3648 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 22:03:18.0421 3648 Gpc - ok 22:03:18.0468 3648 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 22:03:18.0484 3648 gusvc - ok 22:03:18.0531 3648 [ FC7DCDEF8F17D3C5DECC880673EA5BD5 ] hcwPVRP2 C:\WINDOWS\system32\DRIVERS\hcwPVRP2.sys 22:03:18.0640 3648 hcwPVRP2 - ok 22:03:18.0734 3648 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 22:03:18.0859 3648 helpsvc - ok 22:03:18.0906 3648 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll 22:03:19.0031 3648 HidServ - ok 22:03:19.0062 3648 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 22:03:19.0187 3648 hidusb - ok 22:03:19.0250 3648 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 22:03:19.0375 3648 hkmsvc - ok 22:03:19.0375 3648 hpn - ok 22:03:19.0421 3648 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 22:03:19.0453 3648 HTTP - ok 22:03:19.0484 3648 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 22:03:19.0640 3648 HTTPFilter - ok 22:03:19.0640 3648 i2omgmt - ok 
22:03:19.0656 3648 i2omp - ok 22:03:19.0671 3648 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 22:03:19.0796 3648 i8042prt - ok 22:03:19.0859 3648 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe 22:03:19.0906 3648 IDriverT ( UnsignedFile.Multi.Generic ) - warning 22:03:19.0906 3648 IDriverT - detected UnsignedFile.Multi.Generic (1) 22:03:19.0984 3648 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 22:03:20.0031 3648 idsvc - ok 22:03:20.0062 3648 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 22:03:20.0187 3648 Imapi - ok 22:03:20.0218 3648 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 22:03:20.0359 3648 ImapiService - ok 22:03:20.0375 3648 ini910u - ok 22:03:20.0390 3648 IntelIde - ok 22:03:20.0421 3648 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 22:03:20.0562 3648 intelppm - ok 22:03:20.0593 3648 [ F7C534DEF663B4E847E44F20927F5ED2 ] IOPort C:\WINDOWS\system32\DRIVERS\IOPORT.SYS 22:03:20.0609 3648 IOPort ( UnsignedFile.Multi.Generic ) - warning 22:03:20.0609 3648 IOPort - detected UnsignedFile.Multi.Generic (1) 22:03:20.0625 3648 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys 22:03:20.0765 3648 ip6fw - ok 22:03:20.0796 3648 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:03:20.0921 3648 IpFilterDriver - ok 22:03:20.0937 3648 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 22:03:21.0062 3648 IpInIp - ok 22:03:21.0078 3648 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 22:03:21.0218 3648 IpNat - ok 22:03:21.0234 3648 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 22:03:21.0359 3648 
IPSec - ok 22:03:21.0390 3648 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 22:03:21.0500 3648 IRENUM - ok 22:03:21.0531 3648 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 22:03:21.0656 3648 isapnp - ok 22:03:21.0671 3648 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 22:03:21.0796 3648 Kbdclass - ok 22:03:21.0796 3648 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 22:03:21.0937 3648 kbdhid - ok 22:03:21.0953 3648 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 22:03:22.0093 3648 kmixer - ok 22:03:22.0125 3648 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 22:03:22.0187 3648 KSecDD - ok 22:03:22.0234 3648 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 22:03:22.0296 3648 lanmanserver - ok 22:03:22.0343 3648 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 22:03:22.0421 3648 lanmanworkstation - ok 22:03:22.0453 3648 [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd C:\WINDOWS\system32\DRIVERS\Lbd.sys 22:03:22.0468 3648 Lbd - ok 22:03:22.0468 3648 lbrtfdc - ok 22:03:22.0515 3648 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 22:03:22.0656 3648 LmHosts - ok 22:03:22.0687 3648 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 22:03:22.0703 3648 MBAMProtector - ok 22:03:22.0781 3648 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe 22:03:22.0796 3648 MBAMScheduler - ok 22:03:22.0843 3648 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe 22:03:22.0875 3648 MBAMService - ok 22:03:22.0890 3648 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 22:03:23.0015 3648 Messenger - ok 22:03:23.0062 
22:03:44.0093 3648 \Device\Harddisk0\DR0 - ok
22:03:44.0093 3648 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2
22:03:44.0265 3648 \Device\Harddisk1\DR2 - ok
22:03:44.0265 3648 ================ Scan VBR ==================================
22:03:44.0265 3648 [ D964B52BD354518261E5B697C98E79D1 ] \Device\Harddisk0\DR0\Partition1
22:03:44.0265 3648 \Device\Harddisk0\DR0\Partition1 - ok
22:03:44.0281 3648 [ F17264F44C7DBECAC0FD14C51ED6F082 ] \Device\Harddisk1\DR2\Partition1
22:03:44.0281 3648 \Device\Harddisk1\DR2\Partition1 - ok
22:03:44.0281 3648 ============================================================
22:03:44.0281 3648 Scan finished
22:03:44.0281 3648 ============================================================
22:03:44.0390 3640 Detected object count: 7
22:03:44.0390 3640 Actual detected object count: 7
22:04:00.0015 3640 cdrbsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:00.0015 3640 cdrbsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:00.0015 3640 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:00.0015 3640 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:00.0031 3640 IOPort ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:00.0031 3640 IOPort ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:00.0031 3640 silabenm ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:00.0031 3640 silabenm ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:00.0031 3640 silabser ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:00.0031 3640 silabser ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:00.0031 3640 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:00.0031 3640 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:00.0031 3640 UTSCSI ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:00.0031 3640 UTSCSI ( UnsignedFile.Multi.Generic ) - User select action: Skip

Attached is also the result of an overnight ESET Online Scan:

C:\Programme\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe Win32/Toolbar.Widgi Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\System Volume Information\_restore{BE8EECC4-C1BB-45D6-8C2A-F88C1C98C680}\RP7\A0001239.exe Win32/Toolbar.Widgi Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\TDSSKiller_Quarantine\13.11.2012_21.53.22\tdlfs0000\tsk0003.dta Variante von Win32/Olmarik.ADZ Trojaner Gesäubert durch Löschen - in Quarantäne kopiert
C:\TDSSKiller_Quarantine\13.11.2012_21.53.22\tdlfs0000\tsk0004.dta möglicherweise Variante von Win32/Agent.FJFPNNI Trojaner Gesäubert durch Löschen - in Quarantäne kopiert

Thomas

... and Malwarebytes

Code:
ATTFilter
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.14.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Admin :: AIRBORNE1 [administrator]

14.11.2012 06:00:19
mbam-log-2012-11-14 (06-00-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 242923
Time elapsed: 4 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)