|
Pests of all kinds and how to combat them: Files hidden/invisible because of a virus? Windows 7 If you are not sure whether you have caught malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection. |
15.11.2012, 20:13 | #1 |
| Files hidden/invisible because of a virus?
Hello everyone,
I have the following problem and I hope you can help me: I connected my MP3 player to my laptop and suddenly none of my files were displayed any more. Instead there were new applications with names like "sexy" and "porn". I don't know how that could happen. With a left-click and Properties I could see that my files were still present on the MP3 player, just invisible. The same thing with the strange files also happened with my 2 USB sticks. I then formatted them and everything was fine. But I don't want to format my MP3 player. I ran a virus scanner over it. It did find something, which I then deleted. My songs nevertheless remained invisible. So under Tools --> Folder Options --> View I ticked/unticked the necessary check boxes according to the following guide: http://www.trojaner-board.de/59624-a...-sichtbar.html
I also ran unhide.exe. However, an error message then appeared there. These were the results (my MP3 player is drive E):
Unhide by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
hxxp://www.bleepingcomputer.com/forums/topic405109.html
Program started at: 11/14/2012 02:04:05 PM
Windows Version: Windows XP
Please be patient while your files are made visible again.
Processing the C:\ drive
Finished processing the C:\ drive. 176439 files processed.
Processing the E:\ drive
Finished processing the E:\ drive. 2617 files processed.
Processing the I:\ drive
Finished processing the I:\ drive. 0 files processed.
Processing the L:\ drive
Finished processing the L:\ drive. 0 files processed.
The C:\DOKUME~1\HP\LOKALE~1\Temp\smtmp\ folder does not exist!!
Unhide cannot restore your missing shortcuts!!
Please see this topic in order to learn how to restore default Start Menu shortcuts:
hxxp://www.bleepingcomputer.com/forums/topic405109.html
Searching for Windows Registry changes made by FakeHDD rogues.
- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
No registry changes detected.
Restarting Explorer.exe in order to apply changes.
Program finished at: 11/14/2012 02:13:18 PM
Execution time: 0 hours(s), 9 minute(s), and 17 seconds(s)
After that my folders and songs were back, but not completely visible, only half visible. I don't know how to describe it. Like a ghost, you know? I hope you can help me.
I have the following antivirus programs: Microsoft Security Essentials and Malwarebytes' Anti-Malware
Best regards, JuanCa |
17.11.2012, 22:37 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Files hidden/invisible because of a virus? Hello and
__________________
Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please report in this thread => Reminder about my thread. Annoying "When do we continue?" messages will end with your topic being closed. I, too, have a life outside the Trojaner-Board. Quote:
__________________ |
19.11.2012, 15:03 | #3 |
| Files hidden/invisible because of a virus? Thank you very much for getting back to me so quickly, and sorry that I am only replying now; I was busy over the weekend.
__________________
So here is the log file from Malwarebytes (no infection is shown here, but I am sure that something was found during the scan back then): Code:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Datenbank Version: v2012.10.23.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
HP :: NOTEBOOK-HP [Administrator]
14.11.2012 01:39:08
mbam-log-2012-11-14 (01-39-08).txt
Art des Suchlaufs: Benutzerdefinierter Suchlauf (E:\|)
Aktivierte Suchlaufeinstellungen: Dateisystem | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Heuristiks/Extra | P2P
Durchsuchte Objekte: 2428
Laufzeit: 2 Minute(n), 10 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Here are the results from Unhide again, in code tags: Code:
Unhide by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
hxxp://www.bleepingcomputer.com/forums/topic405109.html
Program started at: 11/14/2012 02:04:05 PM
Windows Version: Windows XP
Please be patient while your files are made visible again.
Processing the C:\ drive
Finished processing the C:\ drive. 176439 files processed.
Processing the E:\ drive
Finished processing the E:\ drive. 2617 files processed.
Processing the I:\ drive
Finished processing the I:\ drive. 0 files processed.
Processing the L:\ drive
Finished processing the L:\ drive. 0 files processed.
The C:\DOKUME~1\HP\LOKALE~1\Temp\smtmp\ folder does not exist!!
Unhide cannot restore your missing shortcuts!!
Please see this topic in order to learn how to restore default Start Menu shortcuts:
hxxp://www.bleepingcomputer.com/forums/topic405109.html
Searching for Windows Registry changes made by FakeHDD rogues.
- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
No registry changes detected.
Restarting Explorer.exe in order to apply changes.
Program finished at: 11/14/2012 02:13:18 PM
Execution time: 0 hours(s), 9 minute(s), and 17 seconds(s) |
19.11.2012, 15:32 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Files hidden/invisible because of a virus? Quote:
You should post all logs with detections; just a Malwarebytes log without detections is rather pointless. Besides, what is the point of posting the unhide log again?!
__________________ Please always post log files in CODE tags |
21.11.2012, 13:38 | #5 |
| Files hidden/invisible because of a virus? Sorry. Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.10.23.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 HP :: NOTEBOOK-HP [Administrator] 26.10.2012 14:10:29 mbam-log-2012-10-26 (14-10-29).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 181093 Laufzeit: 10 Minute(n), 22 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 8 HKCR\CLSID\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> Keine Aktion durchgeführt. HKCR\ironsource.searchyaHlpr.1 (PUP.SearchYa) -> Keine Aktion durchgeführt. HKCR\ironsource.searchyaHlpr (PUP.SearchYa) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> Keine Aktion durchgeführt. HKCR\CLSID\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> Keine Aktion durchgeführt. HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.SearchYa) -> Keine Aktion durchgeführt. HKCR\ironsource.searchyadskBnd.1 (PUP.SearchYa) -> Keine Aktion durchgeführt. HKCR\ironsource.searchyadskBnd (PUP.SearchYa) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 2 HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> Daten: SearchYa Toolbar -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> Daten: -> Keine Aktion durchgeführt. 
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Programme\SearchYa!\1.5.25.0\bh\searchya.dll (PUP.SearchYa) -> Keine Aktion durchgeführt. C:\Programme\SearchYa!\1.5.25.0\searchyaTlbr.dll (PUP.SearchYa) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.10.23.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 HP :: NOTEBOOK-HP [Administrator] 26.10.2012 14:27:37 mbam-log-2012-10-26 (14-27-37).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 181054 Laufzeit: 5 Minute(n), 44 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 8 HKCR\CLSID\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\ironsource.searchyaHlpr.1 (PUP.SearchYa) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\ironsource.searchyaHlpr (PUP.SearchYa) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.SearchYa) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\ironsource.searchyadskBnd.1 (PUP.SearchYa) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\ironsource.searchyadskBnd (PUP.SearchYa) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 2 HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> Daten: SearchYa Toolbar -> Erfolgreich gelöscht und in Quarantäne gestellt. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Programme\SearchYa!\1.5.25.0\bh\searchya.dll (PUP.SearchYa) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Programme\SearchYa!\1.5.25.0\searchyaTlbr.dll (PUP.SearchYa) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.10.23.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 HP :: NOTEBOOK-HP [Administrator] 31.10.2012 09:24:15 mbam-log-2012-10-31 (09-24-15).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 350573 Laufzeit: 2 Stunde(n), 43 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
21.11.2012, 16:26 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Files hidden/invisible because of a virus? Now please create and post logs with GMER (<<< click for instructions) and aswMBR (instructions a little further down). GMER crashes fairly often; if the tool refuses to work the second time as well, simply leave it out and run only aswMBR. aswMBR download => aswMBR.exe - save the file to your desktop.
One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window) and click the Scan button again.
__________________ --> Files hidden/invisible because of a virus? |
23.11.2012, 14:57 | #7 |
| Files hidden/invisible because of a virus? So, here is the log file from GMER: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net Rootkit scan 2012-11-23 08:22:56 Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 HTS541060G9AT00 rev.MB3OA60A Running: o745me70.exe; Driver: C:\DOKUME~1\HP\LOKALE~1\Temp\kwroikow.sys ---- System - GMER 1.0.15 ---- INT 0x62 ? 86599CC8 INT 0x63 ? 860EBF00 INT 0x94 ? 860EBF00 INT 0xA4 ? 860EBF00 INT 0xB1 ? 862B4CC8 INT 0xB1 ? 862B4CC8 INT 0xB1 ? 862B4CC8 ---- Kernel code sections - GMER 1.0.15 ---- .sptd1 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd1" section [0xF746C346] .text USBPORT.SYS!DllUnload F6FBE8AC 5 Bytes JMP 860EB410 .text avboikii.SYS!A0DB34FC6FE35D429A28ADDE5467D4D7 F6CD5CA0 48 Bytes [78, 5F, 18, D3, 5A, 4E, C9, ...] ? C:\WINDOWS\System32\Drivers\avboikii.SYS suspicious PE modification .text aiuh1wpb.SYS!A0DB34FC6FE35D429A28ADDE5467D4D7 F6C7B900 48 Bytes [2A, 1B, 6B, 45, CA, AD, 9F, ...] ? C:\WINDOWS\System32\Drivers\aiuh1wpb.SYS suspicious PE modification ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \WINDOWS\System32\Drivers\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [F7372232] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) IAT \WINDOWS\System32\Drivers\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [F7371730] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) IAT \WINDOWS\System32\Drivers\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [F7371F12] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7371730] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F7371914] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F7371856] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F73720F0] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F7371F12] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) 
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7385F1E] sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) ---- Devices - GMER 1.0.15 ---- Device 865981F8 Device Ntfs.sys (NT File System Driver/Microsoft Corporation) Device 86221430 Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Company) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Company) Device \Driver\PCI_PNP6904 \Device\00000050 sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) Device \Driver\usbuhci \Device\USBPDO-0 860E1430 Device \Driver\PCI_PNP6904 \Device\00000051 sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) 
Device \Driver\NetBT \Device\NetBT_Tcpip_{6CCFE584-E4DE-4548-A11B-D68B4500A499} 85C2B1F8 Device \Driver\usbuhci \Device\USBPDO-1 860E1430 Device \Driver\usbuhci \Device\USBPDO-2 860E1430 Device \Driver\usbuhci \Device\USBPDO-3 860E1430 Device \Driver\usbehci \Device\USBPDO-4 860D6430 Device \Driver\Cdrom \Device\CdRom0 860FD430 Device \Driver\atapi \Device\Ide\IdePort0 [F72BDB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [F72BDB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [F72BDB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\Cdrom \Device\CdRom1 860FD430 Device \Driver\Cdrom \Device\CdRom2 860FD430 Device \Driver\Cdrom \Device\CdRom3 860FD430 Device \Driver\Cdrom \Device\CdRom4 860FD430 Device \Driver\usbstor \Device\000000a9 85B2C1F8 Device \Driver\NetBT \Device\NetBt_Wins_Export 85C2B1F8 Device \Driver\NetBT \Device\NetbiosSmb 85C2B1F8 Device \Driver\PCI_PNP6904 \Device\0000004f sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) 
Device \Driver\usbstor \Device\000000aa 85B2C1F8 Device \Driver\usbstor \Device\000000ab 85B2C1F8 Device \Driver\usbuhci \Device\USBFDO-0 860E1430 Device \Driver\usbuhci \Device\USBFDO-1 860E1430 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 85C121F8 Device \Driver\usbuhci \Device\USBFDO-2 860E1430 Device \Driver\usbuhci \Device\USBFDO-3 860E1430 Device 85C121F8 Device \Driver\usbehci \Device\USBFDO-4 860D6430 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port1Path0Target0Lun0 860D7430 Device \Driver\aiuh1wpb \Device\Scsi\aiuh1wpb1Port2Path0Target1Lun0 860DA430 Device \Driver\avboikii \Device\Scsi\avboikii1Port3Path0Target0Lun0 862A11F8 Device \Driver\aiuh1wpb \Device\Scsi\aiuh1wpb1Port2Path0Target0Lun0 860DA430 Device \Driver\avboikii \Device\Scsi\avboikii1 862A11F8 Device \Driver\dtscsi \Device\Scsi\dtscsi1 860D7430 Device \Driver\aiuh1wpb \Device\Scsi\aiuh1wpb1 860DA430 AttachedDevice fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) Device \FileSystem\Cdfs \Cdfs 85C0E1F8 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Programme\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x4C 0xB1 0x82 0x14 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x97 0x07 0xB4 0xBE ... 
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xCE 0xF7 0x33 0xE4 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Pro\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x0B 0x4F 0x63 0x20 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x49 0x99 0xE0 0x64 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x39 0xF5 0x60 0x25 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x99 0x1A 0x12 0x04 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Programme\DAEMON Tools\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFB 0x9F 0x96 0xA2 ... 
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x7A 0xB9 0x52 0xF5 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x59 0x53 0x5B 0x38 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Programme\Alcohol Soft\Alcohol 120\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x4C 0xB1 0x82 0x14 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x97 0x07 0xB4 0xBE ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xCE 0xF7 0x33 0xE4 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Pro\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... 
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 2 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x0B 0x4F 0x63 0x20 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x49 0x99 0xE0 0x64 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x39 0xF5 0x60 0x25 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x99 0x1A 0x12 0x04 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Programme\DAEMON Tools\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xFB 0x9F 0x96 0xA2 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x7A 0xB9 0x52 0xF5 ... 
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x59 0x53 0x5B 0x38 ... ---- Files - GMER 1.0.15 ---- File C:\Dokumente und Einstellungen\HP\Cookies\9UA47GEL.txt 0 bytes ---- EOF - GMER 1.0.15 ---- Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-23 13:38:57
-----------------------------
13:38:57.218 OS Version: Windows 5.1.2600 Service Pack 3
13:38:57.218 Number of processors: 1 586 0xD08
13:38:57.218 ComputerName: NOTEBOOK-HP UserName: HP
13:38:57.937 Initialize success
14:34:56.921 AVAST engine defs: 12112300
14:36:12.046 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
14:36:12.062 Disk 0 Vendor: HTS541060G9AT00 MB3OA60A Size: 57231MB BusType: 3
14:36:12.078 Disk 0 MBR read successfully
14:36:12.078 Disk 0 MBR scan
14:36:13.390 Disk 0 Windows XP default MBR code
14:36:13.406 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 57224 MB offset 63
14:36:14.640 Disk 0 scanning sectors +117195120
14:36:15.343 Disk 0 scanning C:\WINDOWS\system32\drivers
14:37:07.312 Service scanning
14:37:38.609 Service MpKslf8a477da c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{5615334B-8742-48CB-872D-E666E3705853}\MpKslf8a477da.sys **LOCKED** 32
14:38:12.296 Modules scanning
14:38:26.781 Disk 0 trace - called modules:
14:38:26.812 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys intelide.sys PCIIDEX.SYS
14:38:26.812 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86511ab8]
14:38:26.812 3 CLASSPNP.SYS[f75e7fd7] -> nt!IofCallDriver -> \Device\00000085[0x8654c3b8]
14:38:26.812 5 ACPI.sys[f7346620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8654ad98]
14:38:29.109 AVAST engine scan C:\
14:41:06.625 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\HP\Desktop\MBR.dat"
14:41:06.640 The log file has been saved successfully to "C:\Dokumente und Einstellungen\HP\Desktop\aswMBR.txt"
I have now had the same problem with my USB stick. Somehow I cannot upload the screenshot...
But these are the files that were then on the stick:
autorun.inf
guuglu.exe
Passwords.exe
Porn.exe
Secret.exe
Sexy.exe
x.mpeg |
23.11.2012, 15:48 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Files hidden/invisible because of a virus? Now please run this tool from Kaspersky (TDSS-Killer) (in normal Windows mode) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please switch off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool!
Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or copy its contents into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and only post the log here!
__________________ Please always post log files in CODE tags |
26.11.2012, 03:06 | #9 |
| Files hidden/invisible because of a virus? Code:
ATTFilter 03:02:25.0359 0232 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 03:02:27.0265 0232 ============================================================ 03:02:27.0265 0232 Current date / time: 2012/11/26 03:02:27.0265 03:02:27.0265 0232 SystemInfo: 03:02:27.0265 0232 03:02:27.0265 0232 OS Version: 5.1.2600 ServicePack: 3.0 03:02:27.0265 0232 Product type: Workstation 03:02:27.0265 0232 ComputerName: NOTEBOOK-HP 03:02:27.0265 0232 UserName: HP 03:02:27.0265 0232 Windows directory: C:\WINDOWS 03:02:27.0265 0232 System windows directory: C:\WINDOWS 03:02:27.0265 0232 Processor architecture: Intel x86 03:02:27.0265 0232 Number of processors: 1 03:02:27.0265 0232 Page size: 0x1000 03:02:27.0265 0232 Boot type: Normal boot 03:02:27.0265 0232 ============================================================ 03:02:30.0453 0232 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1E48, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054 03:02:30.0468 0232 ============================================================ 03:02:30.0468 0232 \Device\Harddisk0\DR0: 03:02:30.0468 0232 MBR partitions: 03:02:30.0468 0232 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6FC4131 03:02:30.0468 0232 ============================================================ 03:02:30.0484 0232 C: <-> \Device\Harddisk0\DR0\Partition1 03:02:30.0484 0232 ============================================================ 03:02:30.0484 0232 Initialize success 03:02:30.0484 0232 ============================================================ 03:02:47.0187 3744 ============================================================ 03:02:47.0187 3744 Scan started 03:02:47.0187 3744 Mode: Manual; SigCheck; TDLFS; 03:02:47.0187 3744 ============================================================ 03:02:47.0906 3744 ================ Scan system memory ======================== 03:02:47.0921 3744 System memory - ok 03:02:47.0921 3744 
03:03:38.0953 3744 ============================================================
03:03:38.0953 3744 Scan finished
03:03:38.0953 3744 ============================================================
03:03:39.0062 3752 Detected object count: 11
03:03:39.0062 3752 Actual detected object count: 11
03:03:42.0140 3752 btaudio ( UnsignedFile.Multi.Generic ) - skipped by user
03:03:42.0140 3752 btaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:03:42.0140 3752 BTDriver ( UnsignedFile.Multi.Generic ) - skipped by user
03:03:42.0140 3752 BTDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:03:42.0140 3752 BTKRNL ( UnsignedFile.Multi.Generic ) - skipped by user
03:03:42.0140 3752 BTKRNL ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:03:42.0140 3752 btwdins ( UnsignedFile.Multi.Generic ) - skipped by user
03:03:42.0140 3752 btwdins ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:03:42.0140 3752 BTWDNDIS ( UnsignedFile.Multi.Generic ) - skipped by user
03:03:42.0140 3752 BTWDNDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:03:42.0140 3752 BTWUSB ( UnsignedFile.Multi.Generic ) - skipped by user
03:03:42.0140 3752 BTWUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:03:42.0156 3752 eabfiltr ( UnsignedFile.Multi.Generic ) - skipped by user
03:03:42.0156 3752 eabfiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:03:42.0156 3752 eabusb ( UnsignedFile.Multi.Generic ) - skipped by user
03:03:42.0156 3752 eabusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:03:42.0156 3752 hpqwmi ( UnsignedFile.Multi.Generic ) - skipped by user
03:03:42.0156 3752 hpqwmi ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:03:42.0156 3752 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - skipped by user
03:03:42.0156 3752 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - User select action: Skip
03:03:42.0156 3752 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
03:03:42.0156 3752 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip
3020 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 03:04:37.0718 3020 usbhub - ok 03:04:37.0765 3020 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 03:04:37.0875 3020 usbscan - ok 03:04:37.0890 3020 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 03:04:38.0000 3020 usbstor - ok 03:04:38.0015 3020 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 03:04:38.0125 3020 usbuhci - ok 03:04:38.0171 3020 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 03:04:38.0281 3020 VgaSave - ok 03:04:38.0281 3020 ViaIde - ok 03:04:38.0312 3020 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 03:04:38.0437 3020 VolSnap - ok 03:04:38.0484 3020 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 03:04:38.0546 3020 VSS - ok 03:04:38.0593 3020 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 03:04:38.0718 3020 W32Time - ok 03:04:38.0734 3020 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 03:04:38.0859 3020 Wanarp - ok 03:04:38.0875 3020 WDICA - ok 03:04:38.0921 3020 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 03:04:39.0046 3020 wdmaud - ok 03:04:39.0078 3020 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 03:04:39.0218 3020 WebClient - ok 03:04:39.0281 3020 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 03:04:39.0421 3020 winmgmt - ok 03:04:39.0468 3020 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 03:04:39.0484 3020 WmdmPmSN - ok 03:04:39.0546 3020 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 03:04:39.0593 3020 Wmi - ok 03:04:39.0625 3020 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 
03:04:39.0750 3020 WmiAcpi - ok 03:04:39.0781 3020 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 03:04:39.0921 3020 WmiApSrv - ok 03:04:39.0968 3020 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 03:04:40.0109 3020 wscsvc - ok 03:04:40.0203 3020 [ 06C4AC100F78FBAE5D2D2C6B3AAC7C0B ] WTGService C:\Programme\Orangenet\WTGService.exe 03:04:40.0218 3020 WTGService - ok 03:04:40.0265 3020 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 03:04:40.0375 3020 wuauserv - ok 03:04:40.0406 3020 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 03:04:40.0593 3020 WZCSVC - ok 03:04:40.0625 3020 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 03:04:40.0765 3020 xmlprov - ok 03:04:40.0781 3020 [ B31932DC33072CA98A8DBF76F866F22E ] ZTEusbMB C:\WINDOWS\system32\DRIVERS\ZTEusbnmeaext2.sys 03:04:40.0812 3020 ZTEusbMB - ok 03:04:40.0812 3020 [ B31932DC33072CA98A8DBF76F866F22E ] ZTEusbmdm6k C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys 03:04:40.0828 3020 ZTEusbmdm6k - ok 03:04:40.0859 3020 [ AFFB019346A4498DAE672663FBD0B716 ] ZTEusbnet C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys 03:04:40.0875 3020 ZTEusbnet - ok 03:04:40.0890 3020 [ B31932DC33072CA98A8DBF76F866F22E ] ZTEusbnmea C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys 03:04:40.0906 3020 ZTEusbnmea - ok 03:04:40.0921 3020 [ B31932DC33072CA98A8DBF76F866F22E ] ZTEusbnmeaext C:\WINDOWS\system32\DRIVERS\ZTEusbnmeaext.sys 03:04:40.0937 3020 ZTEusbnmeaext - ok 03:04:40.0968 3020 [ B31932DC33072CA98A8DBF76F866F22E ] ZTEusbser6k C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys 03:04:40.0984 3020 ZTEusbser6k - ok 03:04:41.0000 3020 [ 92FDFDCAB300856AABEECB5CD130FAC2 ] ZTEWMSD_637 C:\WINDOWS\system32\Drivers\ZTEWMSD_637.sys 03:04:41.0000 3020 ZTEWMSD_637 - ok 03:04:41.0031 3020 ================ Scan global =============================== 03:04:41.0046 3020 [ 2C60091CA5F67C3032EAB3B30390C27F ] 
C:\WINDOWS\system32\basesrv.dll 03:04:41.0109 3020 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 03:04:41.0125 3020 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 03:04:41.0156 3020 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 03:04:41.0156 3020 [Global] - ok 03:04:41.0171 3020 ================ Scan MBR ================================== 03:04:41.0187 3020 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 03:04:41.0421 3020 \Device\Harddisk0\DR0 - ok 03:04:41.0421 3020 ================ Scan VBR ================================== 03:04:41.0421 3020 [ 36D15A6215D6455466239F3555CE373B ] \Device\Harddisk0\DR0\Partition1 03:04:41.0421 3020 \Device\Harddisk0\DR0\Partition1 - ok 03:04:41.0421 3020 ============================================================ 03:04:41.0421 3020 Scan finished 03:04:41.0421 3020 ============================================================ 03:04:41.0437 2952 Detected object count: 11 03:04:41.0437 2952 Actual detected object count: 11 03:05:07.0421 2952 btaudio ( UnsignedFile.Multi.Generic ) - skipped by user 03:05:07.0421 2952 btaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 03:05:07.0421 2952 BTDriver ( UnsignedFile.Multi.Generic ) - skipped by user 03:05:07.0421 2952 BTDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip 03:05:07.0421 2952 BTKRNL ( UnsignedFile.Multi.Generic ) - skipped by user 03:05:07.0421 2952 BTKRNL ( UnsignedFile.Multi.Generic ) - User select action: Skip 03:05:07.0421 2952 btwdins ( UnsignedFile.Multi.Generic ) - skipped by user 03:05:07.0421 2952 btwdins ( UnsignedFile.Multi.Generic ) - User select action: Skip 03:05:07.0437 2952 BTWDNDIS ( UnsignedFile.Multi.Generic ) - skipped by user 03:05:07.0437 2952 BTWDNDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip 03:05:07.0437 2952 BTWUSB ( UnsignedFile.Multi.Generic ) - skipped by user 03:05:07.0437 2952 BTWUSB ( UnsignedFile.Multi.Generic ) - User 
select action: Skip 03:05:07.0437 2952 eabfiltr ( UnsignedFile.Multi.Generic ) - skipped by user 03:05:07.0437 2952 eabfiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip 03:05:07.0437 2952 eabusb ( UnsignedFile.Multi.Generic ) - skipped by user 03:05:07.0437 2952 eabusb ( UnsignedFile.Multi.Generic ) - User select action: Skip 03:05:07.0437 2952 hpqwmi ( UnsignedFile.Multi.Generic ) - skipped by user 03:05:07.0437 2952 hpqwmi ( UnsignedFile.Multi.Generic ) - User select action: Skip 03:05:07.0437 2952 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - skipped by user 03:05:07.0437 2952 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - User select action: Skip 03:05:07.0437 2952 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user 03:05:07.0453 2952 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip |
26.11.2012, 17:09 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Files hidden/invisible because of a virus? Then please run CF now: ComboFix A guide and tutorial on using ComboFix
ComboFix may only be run when an expert helper has expressly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
30.11.2012, 04:05 | #11 |
| Files hidden/invisible because of a virus? Code:
|
30.11.2012, 09:56 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Files hidden/invisible because of a virus? adwCleaner - detect toolbars and unwanted start/search pages Please download AdwCleaner to your desktop. If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
__________________ Please always post log files in CODE tags |
30.11.2012, 13:30 | #13 |
| Files hidden/invisible because of a virus? Okay, will do, thanks. Have the other scans already turned anything up? |
30.11.2012, 13:33 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Files hidden/invisible because of a virus? What kind of answer are you expecting now? Am I supposed to comment on every line of CF?
__________________ Please always post log files in CODE tags |
30.11.2012, 13:48 | #15 |
| Files hidden/invisible because of a virus? Why do you take that as criticism? I just wanted to know whether you might know what I am dealing with here. Code:
ATTFilter # AdwCleaner v2.010 - Datei am 30/11/2012 um 13:44:10 erstellt # Aktualisiert am 29/11/2012 von Xplode # Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits) # Benutzer : HP - NOTEBOOK-HP # Bootmodus : Normal # Ausgeführt unter : C:\Dokumente und Einstellungen\HP\Desktop\adwcleaner.exe # Option [Suche] **** [Dienste] **** ***** [Dateien / Ordner] ***** Ordner Gefunden : C:\Programme\Conduit ***** [Registrierungsdatenbank] ***** Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Schlüssel Gefunden : HKCU\Software\Softonic Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc.1 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2851647 Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{15F6BCB7-BB0F-4A66-8762-4765B05597EB} Schlüssel Gefunden : HKLM\Software\Conduit Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{819DC4CA-4FFF-4C2E-800D-F346471D99BC} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App 
Management\ARPCache\searchya Schlüssel Gefunden : HKU\S-1-5-21-606747145-1580436667-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} ***** [Internet Browser] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Die Registrierungsdatenbank ist sauber. ************************* AdwCleaner[R1].txt - [2352 octets] - [30/11/2012 13:44:10] ########## EOF - C:\AdwCleaner[R1].txt - [2412 octets] ########## |