Log analysis and evaluation: GVU Trojan – what to do with the Otl.txt? Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
21.12.2012, 10:29 | #1 |
| GVU Trojan – what to do with the Otl.txt? Hello everyone, yesterday I caught a GVU Trojan. My Windows XP can no longer be started in safe mode - with OTL I was able to create the Otl.txt (see below). Now, unfortunately, I don't know what to do next... Is there anyone here who would be so kind as to help me? Many thanks and best regards, David Code:
ATTFilter OTL logfile created on: 12/21/2012 10:17:07 AM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 125.20 Gb Total Space | 88.82 Gb Free Space | 70.94% Space Free | Partition Type: NTFS Drive D: | 1.86 Gb Total Space | 1.86 Gb Free Space | 99.99% Space Free | Partition Type: FAT Drive E: | 17.98 Gb Total Space | 0.21 Gb Free Space | 1.16% Space Free | Partition Type: FAT32 Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - File not found [Auto] -- -- (RoxLiveShare9) SRV - File not found [Auto] -- -- (NIHardwareService) SRV - [2012/09/12 10:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012/07/13 06:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011/10/24 15:32:00 | 000,055,144 | ---- | M] (Apple Inc.) 
[Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/01/13 12:14:00 | 000,247,296 | ---- | M] () [Auto] -- C:\Programme\Mobile Partner Manager\AssistantServices.exe -- (UI Assistant Service) SRV - [2009/09/08 05:05:26 | 005,779,456 | ---- | M] () [Auto] -- C:\Programme\open3A\mysql\bin\mysqld-nt.exe -- (mysql) SRV - [2009/09/08 05:05:18 | 000,017,408 | ---- | M] (Apache Software Foundation) [Auto] -- C:\Programme\open3A\apache\bin\apache.exe -- (Apache2.2) SRV - [2008/10/24 08:35:44 | 000,128,296 | ---- | M] () [Auto] -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService) SRV - [2007/10/11 01:45:56 | 000,051,712 | ---- | M] (ArcSoft) [Auto] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2007/09/04 03:14:34 | 000,087,344 | ---- | M] (AVM Berlin) [Auto] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL) SRV - [2007/05/02 12:06:00 | 000,105,632 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService) SRV - [2007/05/02 12:06:00 | 000,105,632 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe -- (ccSetMgr) SRV - [2007/05/02 12:06:00 | 000,105,632 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr) SRV - [2007/05/02 12:05:00 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore) SRV - [2007/03/21 06:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2007/03/01 11:21:52 | 000,024,576 | ---- | M] ( ) [Auto] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService) SRV - [2007/01/17 04:20:10 | 
000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2005/11/17 08:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2004/10/21 20:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003/07/28 05:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (WDICA) DRV - File not found [Kernel | System] -- -- (UimBus) DRV - File not found [Kernel | System] -- -- (Uim_IM) DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) DRV - File not found [Kernel | System] -- -- (PCIDump) DRV - File not found [Kernel | System] -- -- (lbrtfdc) DRV - File not found [Kernel | On_Demand] -- -- (HTCAND32) DRV - File not found [Kernel | System] -- -- (Changer) DRV - [2009/12/17 04:31:42 | 000,021,504 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System] -- C:\WINDOWS\system32\drivers\Ndisprot.sys -- (Ndisprot) DRV - [2009/11/16 14:59:44 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2009/11/16 14:59:44 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2009/10/29 12:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2009/10/29 
12:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2009/10/29 12:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2009/10/29 12:28:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter) DRV - [2008/12/04 08:17:15 | 000,627,072 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WUSB54GCv3.sys -- (WUSB54GCv3) DRV - [2008/11/04 03:52:38 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2008/11/04 03:52:38 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) DRV - [2008/11/04 03:52:38 | 000,086,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM) DRV - [2008/11/04 03:52:38 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) DRV - [2008/11/04 03:52:38 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2008/11/04 03:52:36 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) DRV - [2008/11/04 03:52:36 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex) DRV - [2008/07/30 00:51:30 | 000,277,736 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- 
C:\WINDOWS\system32\drivers\acedrv11.sys -- (acedrv11) DRV - [2008/05/16 05:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) DRV - [2008/05/16 05:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) DRV - [2008/05/16 05:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl) DRV - [2008/05/16 05:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm) DRV - [2008/05/16 05:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) DRV - [2008/05/16 05:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex) DRV - [2008/05/16 05:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM) DRV - [2008/03/17 05:03:46 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) 
[Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008/01/09 06:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri) DRV - [2007/12/10 10:59:36 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport) DRV - [2007/12/10 10:59:36 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport) DRV - [2007/12/10 10:59:34 | 000,014,120 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15) DRV - [2007/10/29 07:46:42 | 000,829,096 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BisonC07.sys -- (Cam5607) DRV - [2007/05/30 13:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007/05/02 12:08:00 | 000,186,048 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI) DRV - [2007/05/02 12:08:00 | 000,026,432 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV) DRV - [2007/05/02 12:07:00 | 000,108,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programme\Symantec\SYMEVENT.SYS -- (SymEvent) DRV - [2007/05/01 20:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2007/04/30 08:37:20 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R) DRV - [2007/03/31 15:02:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) 
[Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL) DRV - [2007/03/31 15:02:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid) DRV - [2007/03/23 12:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2007/03/23 12:50:24 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS) DRV - [2007/03/23 12:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver) DRV - [2007/03/23 12:49:54 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio) DRV - [2007/02/21 04:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2007/02/16 08:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2006/12/22 13:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2006/12/22 13:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2006/12/22 13:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2006/04/07 10:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) 
[Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VNUSB.sys -- (VNUSB) DRV - [2005/11/02 07:32:02 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2005/04/07 11:08:46 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd) DRV - [2005/02/23 07:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2005/01/13 07:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys) DRV - [2004/07/19 06:10:00 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com/ IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\David_Franz_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com IE - HKU\David_Franz_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! 
Search IE - HKU\David_Franz_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKU\David_Franz_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\David_Franz_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = IE - HKU\David_Franz_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\David_Franz_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1;169.254.1.1;<local>;*.local IE - HKU\David_Franz_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555 IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Philipp_D._Franz_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\Philipp_D._Franz_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKU\Philipp_D._Franz_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\Philipp_D._Franz_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\Philipp_D._Franz_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKU\Philipp_D._Franz_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. 
File not found IE - HKU\Philipp_D._Franz_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Programme\Gemeinsame Dateien\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\WINDOWS\system32\01001.076 [2012/07/26 11:33:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010/05/27 08:44:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010/12/27 11:09:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012/06/10 23:46:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2010/12/07 17:11:14 | 000,000,000 | ---D | M] [2012/02/27 00:56:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2008/06/26 09:00:18 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/12/27 11:09:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2008/06/26 09:00:20 | 000,000,000 | ---D | M] (Google Settings) -- C:\Programme\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com [2010/11/12 12:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2007/12/19 07:57:38 | 000,310,272 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll [2010/05/10 01:07:53 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2010/05/10 01:07:53 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2010/05/10 01:07:54 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2010/05/10 01:07:54 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2010/05/10 01:07:54 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004/08/03 22:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {184AA5E6-741D-464a-820E-94B3ABC2F3B4} - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {20C28584-8F10-4D92-987C-0A1008E2435A} - No CLSID value found. O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (no name) - {9A207F60-3F1C-4ED0-972D-0A4CDFBFF803} - No CLSID value found. O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\Philipp_D._Franz_ON_C\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [MSC] C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation) O4 - HKU\David_Franz_ON_C..\Run: [eNMTray.exe] File not found O4 - HKU\Philipp_D._Franz_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\Philipp_D._Franz_ON_C..\Run: [ISUSPM] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\David_Franz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\David_Franz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0 O7 - HKU\David_Franz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ShowDesktopVersion = 1 O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Philipp_D._Franz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Philipp_D._Franz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\Philipp_D._Franz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0 O7 - HKU\Philipp_D._Franz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0 O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab (RIM AxLoader) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\David_Franz_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\David_Franz_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\skype.dat) - C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\skype.dat () O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Acertx.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Acertx.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 7 Days ========== [2012/12/21 08:37:13 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe [2012/12/21 08:37:05 | 000,000,000 | ---D | C] -- C:\_OTL [2009/06/17 10:34:09 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpeEC.dll [2008/08/23 08:41:10 | 000,246,272 | ---- | C] ( ) -- C:\WINDOWS\System32\Unlha32.dll [2008/06/26 08:34:40 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe [2008/06/26 08:29:30 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll [2008/06/26 08:29:30 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe ========== Files - Modified Within 7 Days ========== [2012/12/21 03:19:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/12/21 03:17:11 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat [2012/12/21 
03:16:26 | 000,000,004 | ---- | M] () -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\skype.ini [2012/12/21 03:16:12 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/12/21 03:15:21 | 3211,186,176 | -HS- | M] () -- C:\hiberfil.sys [2012/12/21 02:42:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/12/20 15:03:22 | 000,066,792 | ---- | M] () -- C:\Dokumente und Einstellungen\David Franz\Desktop\non-nude-733.jpg [2012/12/20 14:58:38 | 000,087,835 | ---- | M] () -- C:\Dokumente und Einstellungen\David Franz\Desktop\19pre.jpg [2012/12/20 14:57:47 | 000,059,196 | ---- | M] () -- C:\Dokumente und Einstellungen\David Franz\Desktop\5.jpg [2012/12/20 14:57:04 | 000,051,480 | ---- | M] () -- C:\Dokumente und Einstellungen\David Franz\Desktop\9.JPG [2012/12/20 14:56:01 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/12/19 13:01:54 | 000,000,358 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job ========== Files Created - No Company Name ========== [2012/12/20 15:06:22 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\skype.ini [2012/12/20 15:03:22 | 000,066,792 | ---- | C] () -- C:\Dokumente und Einstellungen\David Franz\Desktop\non-nude-733.jpg [2012/12/20 14:58:38 | 000,087,835 | ---- | C] () -- C:\Dokumente und Einstellungen\David Franz\Desktop\19pre.jpg [2012/12/20 14:57:47 | 000,059,196 | ---- | C] () -- C:\Dokumente und Einstellungen\David Franz\Desktop\5.jpg [2012/12/20 14:57:08 | 000,051,480 | ---- | C] () -- C:\Dokumente und Einstellungen\David Franz\Desktop\9.JPG [2012/02/15 01:06:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011/12/16 10:20:52 | 000,002,167 | ---- | C] () -- C:\Dokumente und Einstellungen\David Franz\.recently-used.xbel [2011/12/09 10:55:26 | 000,000,311 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2011/12/09 10:55:18 | 000,001,492 | ---- | C] () -- C:\Dokumente und Einstellungen\All 
Users\Anwendungsdaten\ss.ini [2010/11/20 07:20:32 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010/08/30 16:53:57 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini [2010/07/20 14:47:57 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010/06/06 04:50:53 | 000,095,000 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2010/05/26 11:56:16 | 000,000,256 | ---- | C] () -- C:\Dokumente und Einstellungen\David Franz\pool.bin [2010/05/15 04:54:35 | 000,000,171 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2010/05/07 01:20:05 | 000,005,740 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/04/18 11:39:15 | 000,005,407 | ---- | C] () -- C:\WINDOWS\my.ini [2010/01/18 11:45:22 | 000,102,462 | ---- | C] () -- C:\WINDOWS\System32\DspFx.dll [2009/11/02 10:35:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll [2009/11/02 10:35:02 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll [2009/11/02 10:34:42 | 000,007,119 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2009/08/20 08:31:54 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2009/08/19 10:44:54 | 000,015,312 | R--- | C] () -- C:\WINDOWS\System32\RaCoInst.dat [2009/08/02 05:05:38 | 000,000,195 | ---- | C] () -- C:\Dokumente und Einstellungen\David Franz\default.pls [2009/07/20 03:17:08 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2009/07/20 03:17:08 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2009/07/20 03:17:08 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2009/07/20 03:17:08 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2009/07/20 03:17:08 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2009/07/20 03:17:08 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2009/07/20 03:17:08 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2009/07/20 03:17:08 | 000,011,811 | 
---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2009/07/20 03:17:08 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2009/07/20 03:17:08 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2009/07/20 03:17:08 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2009/07/20 03:17:08 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2009/07/20 03:17:08 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2009/07/20 03:17:08 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2009/07/20 03:17:08 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2009/07/20 03:17:08 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2009/07/20 03:17:08 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2009/07/20 03:17:08 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2009/07/20 03:17:08 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2009/07/10 08:13:56 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2009/06/26 09:42:05 | 000,116,736 | ---- | C] () -- C:\Dokumente und Einstellungen\David Franz\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/06/03 11:23:13 | 000,000,468 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2009/06/03 11:23:13 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2009/06/03 11:23:12 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini [2009/06/03 11:22:30 | 000,000,208 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2009/06/03 11:22:30 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2009/06/03 11:22:30 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf05a.dat [2009/06/03 11:21:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat [2009/05/29 04:02:07 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin 
[2009/05/26 03:13:16 | 000,000,144 | ---- | C] () -- C:\Dokumente und Einstellungen\David Franz\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2009/01/22 11:47:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\asym.ini [2009/01/01 18:00:00 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\wrkgadm.exe [2009/01/01 18:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL [2008/12/31 08:13:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JeppECData.ini [2008/08/23 07:58:02 | 001,789,952 | ---- | C] () -- C:\WINDOWS\System32\ZHP1600R.DLL [2008/08/23 07:58:02 | 000,749,568 | ---- | C] () -- C:\WINDOWS\System32\AGI1600.DLL [2008/08/23 07:58:02 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\zSHP1600.EXE [2008/08/23 07:58:02 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\ZHHP1600.EXE [2008/07/30 16:18:46 | 004,244,744 | ---- | C] () -- C:\WINDOWS\System32\qtp-mt334.dll [2008/07/30 16:18:46 | 000,247,560 | ---- | C] () -- C:\WINDOWS\System32\prgiso.dll [2008/07/30 16:18:46 | 000,013,576 | ---- | C] () -- C:\WINDOWS\System32\wnaspi32.dll [2008/06/30 08:38:42 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008/06/27 14:13:10 | 000,000,060 | ---- | C] () -- C:\Dokumente und Einstellungen\Philipp D. Franz\default.pls [2008/06/27 14:12:33 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008/06/26 15:25:59 | 000,009,216 | ---- | C] () -- C:\Dokumente und Einstellungen\Philipp D. 
Franz\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/06/26 09:25:09 | 000,000,188 | ---- | C] () -- C:\WINDOWS\System32\eDataSecurity.dat [2008/06/26 09:13:48 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat [2008/06/26 09:06:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2008/06/26 08:36:00 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat [2008/06/26 08:35:12 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys [2008/06/26 08:34:27 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2008/06/26 08:34:19 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe [2008/06/26 08:33:13 | 000,888,832 | ---- | C] () -- C:\WINDOWS\System32\WirelessMgr.dll [2008/06/26 08:31:47 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\NATTraversal.dll [2008/06/26 08:29:30 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll [2008/06/26 08:27:29 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M3000Twn.ini [2008/06/26 08:21:28 | 000,000,149 | ---- | C] () -- C:\Dokumente und Einstellungen\Philipp D. 
Franz\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2008/03/19 19:24:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\PreLaunch.ini [2007/08/10 06:44:22 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2007/08/10 06:43:54 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2007/08/10 06:33:36 | 000,464,894 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2007/08/10 06:33:36 | 000,446,190 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2007/08/10 06:33:36 | 000,087,098 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2007/08/10 06:33:36 | 000,073,396 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2007/08/10 06:28:16 | 000,382,424 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2007/08/10 05:43:24 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2007/08/10 05:40:22 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll [2007/08/10 05:39:48 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll [2007/08/10 05:39:48 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll [2007/08/10 05:39:48 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll [2007/06/05 09:24:14 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4837.dll [2007/06/05 08:48:58 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll [2007/05/28 08:56:14 | 001,411,584 | ---- | C] () -- C:\WINDOWS\System32\UIVCL.dll [2007/05/28 08:55:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll [2007/05/28 08:54:32 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\InstallCheck.dll [2007/04/01 02:00:28 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll [2007/04/01 01:41:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2007/03/22 13:59:10 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\HTCA_SelfExtract.bin [2007/01/04 08:10:22 | 000,003,218 | ---- | C] () -- 
C:\WINDOWS\System32\drivers\WINIO.sys [2006/12/05 03:27:04 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\SatSrv.exe [2006/08/28 12:30:04 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys [2006/08/01 08:02:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2006/03/10 07:18:16 | 000,017,935 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2004/09/06 03:39:48 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004/09/06 03:37:18 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2004/08/03 22:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004/08/03 22:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004/08/03 22:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2004/08/03 22:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004/08/03 22:00:00 | 000,122,368 | ---- | C] () -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\skype.dat [2004/08/03 22:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004/08/03 22:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2004/08/03 22:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004/08/03 22:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/08/03 22:00:00 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2004/08/03 22:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004/08/03 22:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2004/05/14 06:04:36 | 000,049,152 | ---- | C] () -- C:\WINDOWS\XMLaunch.exe [2003/11/24 08:55:48 | 000,743,424 | ---- | C] () -- C:\WINDOWS\libxml2.dll [2003/11/24 08:55:32 | 000,872,448 | ---- | C] () -- C:\WINDOWS\iconv.dll [2003/02/20 10:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/09/12 15:41:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin 
[2002/09/12 15:41:26 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001/12/26 09:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll [2001/11/14 06:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll [2001/09/03 16:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll [2001/07/30 09:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll [2001/07/23 15:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll ========== LOP Check ========== [2008/06/27 06:15:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Bytemobile [2009/03/21 15:24:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Vodafone [2011/12/20 14:19:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\Amazon [2010/05/26 12:00:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\Blackberry Desktop [2009/06/15 12:12:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\Engelmann Media [2010/08/21 02:05:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\EPSON [2009/08/26 11:45:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\FRITZ! 
[2010/03/10 09:42:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\GARMIN [2010/07/07 15:06:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\gtk-2.0 [2009/12/07 11:29:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\ICQ [2009/06/15 10:53:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\LogoMaker [2009/11/02 10:41:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\MAGIX [2010/09/03 09:04:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\Outlook [2009/07/20 03:17:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\Panasonic [2009/09/08 10:03:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\PandoraRecovery [2010/09/18 12:27:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\Research In Motion [2009/06/17 10:36:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\Sony [2010/09/09 12:07:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\Thunderbird [2009/05/26 03:14:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\Vodafone [2008/12/27 14:56:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Philipp D. Franz\Anwendungsdaten\AAV [2008/11/12 12:11:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Philipp D. Franz\Anwendungsdaten\ASCOMP Software [2009/03/10 11:06:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Philipp D. Franz\Anwendungsdaten\FlightPlanner [2009/05/26 03:06:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Philipp D. 
Franz\Anwendungsdaten\GMX [2008/08/04 06:27:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Philipp D. Franz\Anwendungsdaten\Nvu [2008/06/28 15:19:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Philipp D. Franz\Anwendungsdaten\Steganos [2008/07/15 14:12:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Philipp D. Franz\Anwendungsdaten\Thunderbird [2009/03/21 15:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Philipp D. Franz\Anwendungsdaten\Vodafone [2008/12/27 15:04:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV [2010/11/20 07:15:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Deskshare [2009/12/28 10:31:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON [2011/12/09 10:55:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreeRIP [2010/09/15 12:05:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IsolatedStorage [2008/08/19 01:20:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe [2009/11/02 10:35:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX [2008/12/27 15:09:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Muzzy Lane Software [2010/01/08 16:33:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Native Instruments [2010/09/18 12:00:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Research In Motion [2010/11/20 12:29:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2010/11/20 12:24:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VideoConverter [2009/08/03 03:53:34 | 000,000,000 | ---D | M] -- 
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Vodafone [2011/12/09 08:20:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/05/29 03:31:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2012/12/19 13:01:54 | 000,000,358 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 122 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:6152D44C < End of report > |
21.12.2012, 12:57 | #2 |
/// Malware-holic | GVU Trojan – what to do with the Otl.txt? Hi,
on your second PC go to Start, Programs, Accessories, Notepad, and copy the following into it: Code:
:OTL
O20 - HKU\David_Franz_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\skype.dat) - C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\skype.dat ()
[2012/12/21 03:16:26 | 000,000,004 | ---- | M] () -- C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\skype.ini
:Files
:Commands
[EMPTYFLASH]
[emptytemp]

Save this to a USB stick as fix.txt. Now use OTLPENet.exe again (that is, boot from the CD you created) and tick everything as already described in the post about OTLPENet.exe.
• Now please click the Fix button. A message similar to "load fix from file" should appear, so load the fix.txt from your stick. If that does not work, please enter the fix manually. Then click the Fix button again. The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open the otl.txt. Please post the log.
If you have no icons, right-click, View, Show desktop icons.
Note: Please also upload the file there, as described in the UpChannel instructions. Please do NOT post the ZIP file here as an attachment in the thread! Please press the + E key.
__________________ |
21.12.2012, 13:26 | #3 |
| GVU Trojan – what to do with the Otl.txt? Hello,
after "Run Fix" the following log appeared: Code:
========== OTL ==========
Registry value HKEY_USERS\David_Franz_ON_C\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\skype.dat deleted successfully.
File C:\Dokumente und Einstellungen\David not found.
C:\Dokumente und Einstellungen\David Franz\Anwendungsdaten\skype.ini moved successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator
->Temp folder emptied: 15205844 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: David Franz
->Temp folder emptied: 707575374 bytes
->Temporary Internet Files folder emptied: 53572819 bytes
->Java cache emptied: 725624 bytes
->FireFox cache emptied: 109340391 bytes
->Google Chrome cache emptied: 514672420 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 204059 bytes

User: Default User
->Temp folder emptied: 15205844 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56587 bytes

User: LocalService
->Temp folder emptied: 82513 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 1023876 bytes
->Temporary Internet Files folder emptied: 1037303 bytes
->Flash cache emptied: 1722 bytes

User: Philipp D. Franz
->Temp folder emptied: 20086643 bytes
->Temporary Internet Files folder emptied: 14854962 bytes
->Java cache emptied: 7640138 bytes
->FireFox cache emptied: 25851540 bytes
->Flash cache emptied: 4086 bytes

Total Flash Files Cleaned = 1,418.00 mb

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: David Franz
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Philipp D. Franz
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2131 bytes

Total Files Cleaned = 0.00 mb

OTLPE by OldTimer - Version 3.1.48.0 log created on 12212012_132044

I have put the MovedFiles.zip file in the upload channel... |
21.12.2012, 15:13 | #4 |
/// Malware-holic | GVU Trojan – what to do with the Otl.txt? Thanks.
Download TDSS Killer: http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan - if anything is found, always choose Skip for now, and post the log
__________________ -Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For the time being, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
21.12.2012, 22:18 | #5 |
| GVU Trojan – what to do with the Otl.txt? Many thanks! Here is the result of the scan: Code:
ATTFilter 22:14:03.0327 1956 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 22:14:03.0717 1956 ============================================================ 22:14:03.0717 1956 Current date / time: 2012/12/21 22:14:03.0717 22:14:03.0717 1956 SystemInfo: 22:14:03.0717 1956 22:14:03.0717 1956 OS Version: 5.1.2600 ServicePack: 3.0 22:14:03.0717 1956 Product type: Workstation 22:14:03.0717 1956 ComputerName: NOTEBOOK 22:14:03.0717 1956 UserName: David Franz 22:14:03.0717 1956 Windows directory: C:\WINDOWS 22:14:03.0717 1956 System windows directory: C:\WINDOWS 22:14:03.0717 1956 Processor architecture: Intel x86 22:14:03.0717 1956 Number of processors: 2 22:14:03.0717 1956 Page size: 0x1000 22:14:03.0717 1956 Boot type: Normal boot 22:14:03.0717 1956 ============================================================ 22:14:07.0608 1956 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 22:14:07.0624 1956 ============================================================ 22:14:07.0624 1956 \Device\Harddisk0\DR0: 22:14:07.0624 1956 MBR partitions: 22:14:07.0624 1956 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xBB86BD, BlocksNum 0xFA671D8 22:14:07.0624 1956 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x1061F895, BlocksNum 0x23F922C 22:14:07.0624 1956 ============================================================ 22:14:07.0811 1956 C: <-> \Device\Harddisk0\DR0\Partition1 22:14:07.0827 1956 D: <-> \Device\Harddisk0\DR0\Partition2 22:14:07.0827 1956 ============================================================ 22:14:07.0827 1956 Initialize success 22:14:07.0827 1956 ============================================================ 22:14:41.0842 2628 ============================================================ 22:14:41.0842 2628 Scan started 22:14:41.0842 2628 Mode: Manual; SigCheck; TDLFS; 22:14:41.0842 2628 
============================================================ 22:14:42.0030 2628 ================ Scan system memory ======================== 22:14:42.0030 2628 System memory - ok 22:14:42.0030 2628 ================ Scan services ============================= 22:14:42.0124 2628 [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe 22:14:42.0374 2628 AAV UpdateService - ok 22:14:42.0514 2628 Abiosdsk - ok 22:14:42.0545 2628 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 22:14:43.0280 2628 abp480n5 - ok 22:14:43.0374 2628 [ 419C06524DC5A79BAAD9A67339C1C65C ] ACDaemon C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe 22:14:43.0452 2628 ACDaemon - ok 22:14:43.0483 2628 [ 27F954120BABB8A00F8745D8F5BC9B82 ] acedrv11 C:\WINDOWS\system32\drivers\acedrv11.sys 22:14:43.0717 2628 acedrv11 - ok 22:14:43.0780 2628 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 22:14:44.0030 2628 ACPI - ok 22:14:44.0092 2628 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 22:14:44.0295 2628 ACPIEC - ok 22:14:44.0311 2628 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys 22:14:44.0530 2628 adpu160m - ok 22:14:44.0624 2628 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 22:14:44.0842 2628 aec - ok 22:14:44.0936 2628 [ 375EB0B97E3950ADEF3633C27A82438B ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys 22:14:45.0045 2628 AegisP ( UnsignedFile.Multi.Generic ) - warning 22:14:45.0045 2628 AegisP - detected UnsignedFile.Multi.Generic (1) 22:14:45.0092 2628 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys 22:14:45.0108 2628 Afc ( UnsignedFile.Multi.Generic ) - warning 22:14:45.0108 2628 Afc - detected UnsignedFile.Multi.Generic (1) 22:14:45.0170 2628 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD 
C:\WINDOWS\System32\drivers\afd.sys 22:14:45.0280 2628 AFD - ok 22:14:45.0311 2628 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys 22:14:45.0530 2628 agp440 - ok 22:14:45.0624 2628 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 22:14:45.0827 2628 agpCPQ - ok 22:14:45.0889 2628 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys 22:14:45.0999 2628 Aha154x - ok 22:14:46.0014 2628 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys 22:14:46.0233 2628 aic78u2 - ok 22:14:46.0264 2628 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys 22:14:46.0467 2628 aic78xx - ok 22:14:46.0545 2628 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll 22:14:46.0780 2628 Alerter - ok 22:14:46.0842 2628 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe 22:14:46.0952 2628 ALG - ok 22:14:46.0983 2628 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys 22:14:47.0202 2628 AliIde - ok 22:14:47.0217 2628 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys 22:14:47.0436 2628 alim1541 - ok 22:14:47.0467 2628 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys 22:14:47.0702 2628 amdagp - ok 22:14:47.0764 2628 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys 22:14:47.0874 2628 amsint - ok 22:14:47.0967 2628 [ 90B2413AC639CBADBD6CF166375E39C0 ] Apache2.2 C:\Programme\open3A\apache\bin\apache.exe 22:14:47.0983 2628 Apache2.2 ( UnsignedFile.Multi.Generic ) - warning 22:14:47.0983 2628 Apache2.2 - detected UnsignedFile.Multi.Generic (1) 22:14:48.0092 2628 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe 22:14:48.0124 2628 Apple Mobile Device - ok 22:14:48.0170 2628 [ 
D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 22:14:48.0280 2628 AppMgmt - ok 22:14:48.0327 2628 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys 22:14:48.0545 2628 Arp1394 - ok 22:14:48.0592 2628 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys 22:14:48.0811 2628 asc - ok 22:14:48.0827 2628 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys 22:14:48.0952 2628 asc3350p - ok 22:14:48.0952 2628 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys 22:14:49.0170 2628 asc3550 - ok 22:14:49.0311 2628 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 22:14:49.0405 2628 aspnet_state - ok 22:14:49.0452 2628 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 22:14:49.0686 2628 AsyncMac - ok 22:14:49.0780 2628 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 22:14:49.0999 2628 atapi - ok 22:14:50.0014 2628 Atdisk - ok 22:14:50.0092 2628 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 22:14:50.0311 2628 Atmarpc - ok 22:14:50.0358 2628 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 22:14:50.0561 2628 AudioSrv - ok 22:14:50.0608 2628 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 22:14:50.0811 2628 audstub - ok 22:14:50.0874 2628 [ F96038AA1EC4013A93D2420FC689D1E9 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys 22:14:50.0983 2628 b57w2k - ok 22:14:51.0030 2628 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 22:14:51.0249 2628 Beep - ok 22:14:51.0311 2628 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll 22:14:51.0624 2628 BITS - ok 22:14:51.0795 2628 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service 
C:\Programme\Bonjour\mDNSResponder.exe 22:14:51.0874 2628 Bonjour Service - ok 22:14:51.0920 2628 [ D3FACB34FFF5DB91ADB70987838F8BA7 ] Brother XP spl Service C:\WINDOWS\system32\brsvc01a.exe 22:14:51.0983 2628 Brother XP spl Service - ok 22:14:52.0030 2628 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll 22:14:52.0124 2628 Browser - ok 22:14:52.0155 2628 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\Drivers\BrScnUsb.sys 22:14:52.0217 2628 BrScnUsb - ok 22:14:52.0311 2628 [ ECDC40CC54603C711E1A7A1C9255184A ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys 22:14:52.0374 2628 btaudio - ok 22:14:52.0389 2628 [ 58A49BD10E08D3D4333A60DEDCB1CED8 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys 22:14:52.0405 2628 BTDriver - ok 22:14:52.0452 2628 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys 22:14:52.0686 2628 BthEnum - ok 22:14:52.0749 2628 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys 22:14:52.0967 2628 BthPan - ok 22:14:53.0077 2628 [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys 22:14:53.0139 2628 BTHPORT - ok 22:14:53.0170 2628 [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ C:\WINDOWS\System32\bthserv.dll 22:14:53.0420 2628 BthServ - ok 22:14:53.0483 2628 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys 22:14:53.0702 2628 BTHUSB - ok 22:14:53.0827 2628 [ 885B6D0F826A216EEE4C3AD883809012 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys 22:14:53.0936 2628 BTKRNL - ok 22:14:53.0983 2628 [ 49E9ED37FAEC5E8C03E81FD73D3884D6 ] btwdins C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe 22:14:54.0014 2628 btwdins - ok 22:14:54.0045 2628 [ B1D350F3F13CF340FCE93912D2BA1EBF ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys 22:14:54.0139 2628 BTWDNDIS - ok 22:14:54.0155 2628 [ E48668B4A6A5CF68B33AECAD18EE8E1E ] btwhid C:\WINDOWS\system32\DRIVERS\btwhid.sys 22:14:54.0186 2628 btwhid - 
ok 22:14:54.0217 2628 [ 57E91E9925976BBC98984EEBAAF1D84C ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys 22:14:54.0311 2628 BTWUSB - ok 22:14:54.0389 2628 [ 4B999349156C3E203E0728ACA4274359 ] Cam5607 C:\WINDOWS\system32\Drivers\BisonC07.sys 22:14:54.0514 2628 Cam5607 - ok 22:14:54.0530 2628 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 22:14:54.0764 2628 cbidf - ok 22:14:54.0780 2628 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 22:14:54.0983 2628 cbidf2k - ok 22:14:55.0077 2628 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 22:14:55.0342 2628 CCDECODE - ok 22:14:55.0483 2628 [ 15C40B3E236C98C3C31F802881713064 ] ccEvtMgr C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe 22:14:55.0514 2628 ccEvtMgr - ok 22:14:55.0545 2628 [ 15C40B3E236C98C3C31F802881713064 ] ccSetMgr C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe 22:14:55.0561 2628 ccSetMgr - ok 22:14:55.0624 2628 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 22:14:55.0749 2628 cd20xrnt - ok 22:14:55.0764 2628 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 22:14:55.0999 2628 Cdaudio - ok 22:14:56.0092 2628 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 22:14:56.0311 2628 Cdfs - ok 22:14:56.0389 2628 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 22:14:56.0608 2628 Cdrom - ok 22:14:56.0624 2628 Changer - ok 22:14:56.0717 2628 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe 22:14:56.0936 2628 CiSvc - ok 22:14:57.0014 2628 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 22:14:57.0217 2628 ClipSrv - ok 22:14:57.0264 2628 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 22:14:57.0420 2628 
clr_optimization_v2.0.50727_32 - ok 22:14:57.0436 2628 [ 15C40B3E236C98C3C31F802881713064 ] CLTNetCnService C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe 22:14:57.0467 2628 CLTNetCnService - ok 22:14:57.0514 2628 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys 22:14:57.0717 2628 CmBatt - ok 22:14:57.0780 2628 [ C687F81290303D90099B027A6474F99F ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys 22:14:57.0999 2628 CmdIde - ok 22:14:58.0014 2628 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys 22:14:58.0264 2628 Compbatt - ok 22:14:58.0280 2628 COMSysApp - ok 22:14:58.0327 2628 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys 22:14:58.0592 2628 Cpqarray - ok 22:14:58.0686 2628 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 22:14:58.0905 2628 CryptSvc - ok 22:14:58.0999 2628 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 22:14:59.0233 2628 dac2w2k - ok 22:14:59.0249 2628 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys 22:14:59.0436 2628 dac960nt - ok 22:14:59.0530 2628 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 22:14:59.0624 2628 DcomLaunch - ok 22:14:59.0655 2628 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 22:14:59.0889 2628 Dhcp - ok 22:14:59.0983 2628 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\DISK.SYS 22:15:00.0186 2628 Disk - ok 22:15:00.0202 2628 dmadmin - ok 22:15:00.0264 2628 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 22:15:00.0530 2628 dmboot - ok 22:15:00.0592 2628 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys 22:15:00.0811 2628 dmio - ok 22:15:00.0827 2628 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 22:15:01.0092 2628 dmload - ok 
22:15:01.0186 2628 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll 22:15:01.0405 2628 dmserver - ok 22:15:01.0467 2628 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 22:15:01.0686 2628 DMusic - ok 22:15:01.0780 2628 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 22:15:01.0889 2628 Dnscache - ok 22:15:01.0936 2628 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 22:15:02.0186 2628 Dot3svc - ok 22:15:02.0249 2628 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys 22:15:02.0467 2628 dpti2o - ok 22:15:02.0530 2628 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 22:15:02.0733 2628 drmkaud - ok 22:15:02.0795 2628 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll 22:15:03.0014 2628 EapHost - ok 22:15:03.0155 2628 [ D33EC04D1F0B5F388DE86CCC3333A59F ] eLockService C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe 22:15:03.0186 2628 eLockService ( UnsignedFile.Multi.Generic ) - warning 22:15:03.0186 2628 eLockService - detected UnsignedFile.Multi.Generic (1) 22:15:03.0217 2628 [ D68564FCFBDFC04280CDBBB37CF7EF7F ] EpmPsd C:\WINDOWS\system32\drivers\epm-psd.sys 22:15:03.0280 2628 EpmPsd ( UnsignedFile.Multi.Generic ) - warning 22:15:03.0280 2628 EpmPsd - detected UnsignedFile.Multi.Generic (1) 22:15:03.0295 2628 [ 2D0C4A7077F6C68449479F5444C580A7 ] EpmShd C:\WINDOWS\system32\drivers\epm-shd.sys 22:15:03.0342 2628 EpmShd ( UnsignedFile.Multi.Generic ) - warning 22:15:03.0342 2628 EpmShd - detected UnsignedFile.Multi.Generic (1) 22:15:03.0358 2628 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll 22:15:03.0577 2628 ERSvc - ok 22:15:03.0670 2628 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe 22:15:03.0733 2628 Eventlog - ok 22:15:03.0780 2628 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem 
C:\WINDOWS\system32\es.dll 22:15:03.0905 2628 EventSystem - ok 22:15:03.0999 2628 [ 4C6FA3FD55087B7C35707068723A1710 ] EvtEng C:\Programme\Intel\Wireless\Bin\EvtEng.exe 22:15:04.0061 2628 EvtEng ( UnsignedFile.Multi.Generic ) - warning 22:15:04.0061 2628 EvtEng - detected UnsignedFile.Multi.Generic (1) 22:15:04.0139 2628 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 22:15:04.0342 2628 Fastfat - ok 22:15:04.0389 2628 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 22:15:04.0530 2628 FastUserSwitchingCompatibility - ok 22:15:04.0592 2628 [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax C:\WINDOWS\system32\fxssvc.exe 22:15:04.0811 2628 Fax - ok 22:15:04.0858 2628 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 22:15:05.0061 2628 Fdc - ok 22:15:05.0139 2628 [ E9648254056BCE81A85380C0C3647DC4 ] FETNDIS C:\WINDOWS\system32\DRIVERS\fetnd5.sys 22:15:05.0374 2628 FETNDIS - ok 22:15:05.0405 2628 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 22:15:05.0624 2628 Fips - ok 22:15:05.0811 2628 [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Programme\MAGIX\Common\Database\bin\fbserver.exe 22:15:06.0014 2628 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning 22:15:06.0014 2628 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1) 22:15:06.0077 2628 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 22:15:06.0295 2628 Flpydisk - ok 22:15:06.0358 2628 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 22:15:06.0577 2628 FltMgr - ok 22:15:06.0670 2628 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 22:15:06.0702 2628 FontCache3.0.0.0 - ok 22:15:06.0749 2628 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 
22:15:06.0967 2628 Fs_Rec - ok 22:15:07.0030 2628 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 22:15:07.0264 2628 Ftdisk - ok 22:15:07.0280 2628 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys 22:15:07.0530 2628 gagp30kx - ok 22:15:07.0624 2628 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys 22:15:07.0639 2628 GEARAspiWDM - ok 22:15:07.0686 2628 [ 007AEA2E06E7CEF7372E40C277163959 ] ggflt C:\WINDOWS\system32\DRIVERS\ggflt.sys 22:15:07.0717 2628 ggflt - ok 22:15:07.0749 2628 [ C73DE35960CA75C5AB4AE636B127C64E ] ggsemc C:\WINDOWS\system32\DRIVERS\ggsemc.sys 22:15:07.0764 2628 ggsemc - ok 22:15:07.0811 2628 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 22:15:08.0030 2628 Gpc - ok 22:15:08.0170 2628 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 22:15:08.0202 2628 gupdate - ok 22:15:08.0202 2628 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 22:15:08.0233 2628 gupdatem - ok 22:15:08.0295 2628 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 22:15:08.0499 2628 HDAudBus - ok 22:15:08.0592 2628 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 22:15:08.0811 2628 helpsvc - ok 22:15:08.0874 2628 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll 22:15:09.0092 2628 HidServ - ok 22:15:09.0170 2628 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 22:15:09.0374 2628 HidUsb - ok 22:15:09.0405 2628 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 22:15:09.0639 2628 hkmsvc - ok 22:15:09.0717 2628 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys 22:15:09.0920 2628 hpn - ok 22:15:09.0999 2628 [ 6A5C4732D6803F84E2987EDD8E4359CE ] HSFHWAZL 
C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys 22:15:10.0092 2628 HSFHWAZL - ok 22:15:10.0155 2628 [ 21C31273C6CC4826E74BE8AE3B09D4A8 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys 22:15:10.0514 2628 HSF_DPV - ok 22:15:10.0530 2628 HTCAND32 - ok 22:15:10.0592 2628 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 22:15:10.0686 2628 HTTP - ok 22:15:10.0717 2628 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 22:15:10.0920 2628 HTTPFilter - ok 22:15:10.0967 2628 [ 07853191B1BDEE5B39BE4CFCFE3B9AD4 ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys 22:15:11.0077 2628 hwdatacard - ok 22:15:11.0124 2628 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys 22:15:11.0358 2628 i2omgmt - ok 22:15:11.0389 2628 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys 22:15:11.0608 2628 i2omp - ok 22:15:11.0655 2628 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 22:15:11.0874 2628 i8042prt - ok 22:15:11.0999 2628 [ AE38A12F79A4980DDB88F36514F8A1DA ] IAANTMON C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe 22:15:12.0077 2628 IAANTMON - ok 22:15:12.0374 2628 [ 12C7F8D581C4A9F126F5F8F5683A1C29 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 22:15:12.0889 2628 ialm - ok 22:15:12.0936 2628 [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys 22:15:12.0999 2628 iaStor - ok 22:15:13.0077 2628 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe 22:15:13.0092 2628 IDriverT ( UnsignedFile.Multi.Generic ) - warning 22:15:13.0092 2628 IDriverT - detected UnsignedFile.Multi.Generic (1) 22:15:13.0170 2628 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 22:15:13.0264 2628 idsvc - ok 22:15:13.0358 2628 [ E28602C9E17B0DDCE9F5DEB3B3E2A635 ] IGDCTRL 
C:\Programme\FRITZ!DSL\IGDCTRL.EXE 22:15:13.0389 2628 IGDCTRL - ok 22:15:13.0436 2628 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 22:15:13.0655 2628 Imapi - ok 22:15:13.0749 2628 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 22:15:13.0967 2628 ImapiService - ok 22:15:14.0014 2628 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys 22:15:14.0233 2628 ini910u - ok 22:15:14.0264 2628 [ F8F75594C17FE7BCE1B4045BB7199868 ] int15 C:\WINDOWS\system32\drivers\int15.sys 22:15:14.0295 2628 int15 - ok 22:15:14.0389 2628 [ 4D8D5B1C895EA0F2A721B98A7CE198F1 ] int15.sys C:\Acer\Empowering Technology\eRecovery\int15.sys 22:15:14.0467 2628 int15.sys ( UnsignedFile.Multi.Generic ) - warning 22:15:14.0467 2628 int15.sys - detected UnsignedFile.Multi.Generic (1) 22:15:14.0717 2628 [ B45A576AD280DD4F605F58B24CDAAFE1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 22:15:15.0202 2628 IntcAzAudAddService - ok 22:15:15.0233 2628 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys 22:15:15.0467 2628 IntelIde - ok 22:15:15.0514 2628 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 22:15:15.0733 2628 intelppm - ok 22:15:15.0811 2628 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 22:15:16.0014 2628 Ip6Fw - ok 22:15:16.0092 2628 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:15:16.0311 2628 IpFilterDriver - ok 22:15:16.0374 2628 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 22:15:16.0592 2628 IpInIp - ok 22:15:16.0655 2628 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 22:15:16.0874 2628 IpNat - ok 22:15:16.0999 2628 [ CA1972397B845B2F53F5DC63C22FD98A ] iPod Service C:\Programme\iPod\bin\iPodService.exe 22:15:17.0092 2628 iPod Service - ok 22:15:17.0124 
2628 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 22:15:17.0327 2628 IPSec - ok 22:15:17.0342 2628 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys 22:15:17.0483 2628 irda - ok 22:15:17.0514 2628 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 22:15:17.0639 2628 IRENUM - ok 22:15:17.0670 2628 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll 22:15:17.0795 2628 Irmon - ok 22:15:17.0842 2628 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 22:15:18.0061 2628 isapnp - ok 22:15:18.0249 2628 [ E731921DB2E17DCD3DB472FAD5549C57 ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe 22:15:18.0295 2628 JavaQuickStarterService - ok 22:15:18.0342 2628 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 22:15:18.0561 2628 Kbdclass - ok 22:15:18.0592 2628 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 22:15:18.0827 2628 kbdhid - ok 22:15:18.0889 2628 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 22:15:19.0108 2628 kmixer - ok 22:15:19.0202 2628 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 22:15:19.0342 2628 KSecDD - ok 22:15:19.0389 2628 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 22:15:19.0514 2628 lanmanserver - ok 22:15:19.0561 2628 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 22:15:19.0608 2628 lanmanworkstation - ok 22:15:19.0608 2628 lbrtfdc - ok 22:15:19.0717 2628 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe 22:15:19.0733 2628 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 22:15:19.0733 2628 LightScribeService - detected UnsignedFile.Multi.Generic (1) 22:15:19.0780 2628 [ 636714B7D43C8D0C80449123FD266920 ] 
LmHosts C:\WINDOWS\System32\lmhsvc.dll 22:15:20.0014 2628 LmHosts - ok 22:15:20.0092 2628 [ 09721F2C56681A83C93ECDFAB8B102A9 ] massfilter C:\WINDOWS\system32\drivers\massfilter.sys 22:15:20.0139 2628 massfilter - ok 22:15:20.0186 2628 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 22:15:20.0233 2628 mdmxsdk - ok 22:15:20.0264 2628 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 22:15:20.0483 2628 Messenger - ok 22:15:20.0577 2628 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 22:15:20.0780 2628 mnmdd - ok 22:15:20.0858 2628 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 22:15:21.0077 2628 mnmsrvc - ok 22:15:21.0155 2628 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 22:15:21.0358 2628 Modem - ok 22:15:21.0389 2628 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 22:15:21.0608 2628 Mouclass - ok 22:15:21.0670 2628 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 22:15:21.0889 2628 mouhid - ok 22:15:21.0952 2628 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 22:15:22.0186 2628 MountMgr - ok 22:15:22.0233 2628 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys 22:15:22.0295 2628 MpFilter - ok 22:15:22.0436 2628 [ A69630D039C38018689190234F866D77 ] MpKsld10e397d c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{87CC0BD6-40AC-4F23-9944-A8E82430314A}\MpKsld10e397d.sys 22:15:22.0467 2628 MpKsld10e397d - ok 22:15:22.0467 2628 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys 22:15:22.0686 2628 mraid35x - ok 22:15:22.0749 2628 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 22:15:22.0983 2628 MRxDAV - ok 22:15:23.0092 2628 [ 
7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 22:15:23.0186 2628 MRxSmb - ok 22:15:23.0233 2628 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 22:15:23.0467 2628 MSDTC - ok 22:15:23.0499 2628 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 22:15:23.0702 2628 Msfs - ok 22:15:23.0717 2628 MSIServer - ok 22:15:23.0749 2628 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 22:15:23.0952 2628 MSKSSRV - ok 22:15:24.0014 2628 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Programme\Microsoft Security Client\MsMpEng.exe 22:15:24.0061 2628 MsMpSvc - ok 22:15:24.0092 2628 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 22:15:24.0295 2628 MSPCLOCK - ok 22:15:24.0311 2628 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 22:15:24.0530 2628 MSPQM - ok 22:15:24.0624 2628 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 22:15:24.0827 2628 mssmbios - ok 22:15:24.0905 2628 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 22:15:25.0139 2628 MSTEE - ok 22:15:25.0217 2628 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 22:15:25.0295 2628 Mup - ok 22:15:25.0342 2628 mysql - ok 22:15:25.0389 2628 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 22:15:25.0608 2628 NABTSFEC - ok 22:15:25.0655 2628 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 22:15:25.0874 2628 napagent - ok 22:15:25.0967 2628 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 22:15:26.0202 2628 NDIS - ok 22:15:26.0233 2628 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 22:15:26.0436 2628 NdisIP - ok 22:15:26.0483 2628 [ E94265636D893314463CB650E43C3EB5 ] Ndisprot 
C:\WINDOWS\system32\DRIVERS\ndisprot.sys 22:15:26.0577 2628 Ndisprot ( UnsignedFile.Multi.Generic ) - warning 22:15:26.0577 2628 Ndisprot - detected UnsignedFile.Multi.Generic (1) 22:15:26.0624 2628 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 22:15:26.0702 2628 NdisTapi - ok 22:15:26.0749 2628 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 22:15:26.0967 2628 Ndisuio - ok 22:15:26.0983 2628 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 22:15:27.0186 2628 NdisWan - ok 22:15:27.0249 2628 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 22:15:27.0311 2628 NDProxy - ok 22:15:27.0358 2628 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 22:15:27.0577 2628 NetBIOS - ok 22:15:27.0624 2628 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 22:15:27.0827 2628 NetBT - ok 22:15:27.0889 2628 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 22:15:28.0124 2628 NetDDE - ok 22:15:28.0202 2628 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 22:15:28.0405 2628 NetDDEdsdm - ok 22:15:28.0452 2628 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 22:15:28.0655 2628 Netlogon - ok 22:15:28.0733 2628 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 22:15:28.0967 2628 Netman - ok 22:15:29.0061 2628 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 22:15:29.0092 2628 NetTcpPortSharing - ok 22:15:29.0233 2628 [ 18B2D3E11ED7A3C898ADE6A6692B6929 ] NETw4x32 C:\WINDOWS\system32\DRIVERS\NETw4x32.sys 22:15:29.0530 2628 NETw4x32 - ok 22:15:29.0545 2628 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 22:15:29.0764 2628 NIC1394 - ok 22:15:29.0858 
2628 NIHardwareService - ok 22:15:29.0905 2628 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 22:15:29.0967 2628 Nla - ok 22:15:29.0983 2628 [ D21FEE8DB254BA762656878168AC1DB6 ] NPF C:\WINDOWS\system32\drivers\npf.sys 22:15:29.0999 2628 NPF ( UnsignedFile.Multi.Generic ) - warning 22:15:29.0999 2628 NPF - detected UnsignedFile.Multi.Generic (1) 22:15:30.0045 2628 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 22:15:30.0280 2628 Npfs - ok 22:15:30.0311 2628 [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys 22:15:30.0420 2628 NSCIRDA - ok 22:15:30.0467 2628 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 22:15:30.0702 2628 Ntfs - ok 22:15:30.0764 2628 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys 22:15:30.0811 2628 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning 22:15:30.0811 2628 NTIDrvr - detected UnsignedFile.Multi.Generic (1) 22:15:30.0842 2628 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 22:15:31.0045 2628 NtLmSsp - ok 22:15:31.0139 2628 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 22:15:31.0389 2628 NtmsSvc - ok 22:15:31.0452 2628 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 22:15:31.0655 2628 Null - ok 22:15:31.0717 2628 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 22:15:31.0936 2628 NwlnkFlt - ok 22:15:31.0999 2628 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 22:15:32.0217 2628 NwlnkFwd - ok 22:15:32.0264 2628 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 22:15:32.0483 2628 ohci1394 - ok 22:15:32.0608 2628 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 22:15:32.0655 2628 ose - ok 22:15:32.0686 2628 [ 
F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 22:15:32.0905 2628 Parport - ok 22:15:32.0967 2628 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 22:15:33.0186 2628 PartMgr - ok 22:15:33.0217 2628 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 22:15:33.0436 2628 ParVdm - ok 22:15:33.0483 2628 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 22:15:33.0686 2628 PCI - ok 22:15:33.0702 2628 PCIDump - ok 22:15:33.0733 2628 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 22:15:33.0952 2628 PCIIde - ok 22:15:33.0967 2628 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 22:15:34.0217 2628 Pcmcia - ok 22:15:34.0233 2628 PDCOMP - ok 22:15:34.0233 2628 PDFRAME - ok 22:15:34.0249 2628 PDRELI - ok 22:15:34.0264 2628 PDRFRAME - ok 22:15:34.0311 2628 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys 22:15:34.0530 2628 perc2 - ok 22:15:34.0530 2628 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys 22:15:34.0733 2628 perc2hib - ok 22:15:34.0811 2628 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 22:15:34.0858 2628 PlugPlay - ok 22:15:34.0858 2628 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 22:15:35.0061 2628 PolicyAgent - ok 22:15:35.0155 2628 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 22:15:35.0374 2628 PptpMiniport - ok 22:15:35.0405 2628 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 22:15:35.0624 2628 Processor - ok 22:15:35.0686 2628 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 22:15:35.0889 2628 ProtectedStorage - ok 22:15:35.0967 2628 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 
22:15:36.0186 2628 PSched - ok 22:15:36.0233 2628 [ 32338659E9DA79055406F2157CD0E1DF ] psdfilter C:\WINDOWS\system32\Drivers\psdfilter.sys 22:15:36.0295 2628 psdfilter ( UnsignedFile.Multi.Generic ) - warning 22:15:36.0295 2628 psdfilter - detected UnsignedFile.Multi.Generic (1) 22:15:36.0327 2628 [ 4C7947014674DF40B7AF52342A9157D0 ] psdvdisk C:\WINDOWS\system32\Drivers\psdvdisk.sys 22:15:36.0561 2628 psdvdisk ( UnsignedFile.Multi.Generic ) - warning 22:15:36.0561 2628 psdvdisk - detected UnsignedFile.Multi.Generic (1) 22:15:36.0592 2628 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 22:15:36.0811 2628 Ptilink - ok 22:15:36.0889 2628 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 22:15:36.0920 2628 PxHelp20 - ok 22:15:36.0936 2628 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys 22:15:37.0155 2628 ql1080 - ok 22:15:37.0170 2628 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 22:15:37.0389 2628 Ql10wnt - ok 22:15:37.0405 2628 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys 22:15:37.0624 2628 ql12160 - ok 22:15:37.0639 2628 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys 22:15:37.0874 2628 ql1240 - ok 22:15:37.0967 2628 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys 22:15:38.0170 2628 ql1280 - ok 22:15:38.0202 2628 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 22:15:38.0420 2628 RasAcd - ok 22:15:38.0499 2628 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 22:15:38.0702 2628 RasAuto - ok 22:15:38.0749 2628 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 22:15:38.0874 2628 Rasirda - ok 22:15:38.0889 2628 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 22:15:39.0108 2628 Rasl2tp 
- ok 22:15:39.0186 2628 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 22:15:39.0405 2628 RasMan - ok 22:15:39.0452 2628 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 22:15:39.0655 2628 RasPppoe - ok 22:15:39.0717 2628 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 22:15:39.0920 2628 Raspti - ok 22:15:39.0983 2628 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 22:15:40.0202 2628 Rdbss - ok 22:15:40.0233 2628 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 22:15:40.0452 2628 RDPCDD - ok 22:15:40.0530 2628 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 22:15:40.0733 2628 rdpdr - ok 22:15:40.0780 2628 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 22:15:40.0858 2628 RDPWD - ok 22:15:40.0905 2628 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 22:15:41.0124 2628 RDSessMgr - ok 22:15:41.0217 2628 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 22:15:41.0420 2628 redbook - ok 22:15:41.0467 2628 [ 8AC155995F5D10FC0D3AD949A1A68075 ] RegSrvc C:\Programme\Intel\Wireless\Bin\RegSrvc.exe 22:15:41.0514 2628 RegSrvc ( UnsignedFile.Multi.Generic ) - warning 22:15:41.0514 2628 RegSrvc - detected UnsignedFile.Multi.Generic (1) 22:15:41.0561 2628 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 22:15:41.0780 2628 RemoteAccess - ok 22:15:41.0827 2628 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 22:15:42.0061 2628 RemoteRegistry - ok 22:15:42.0108 2628 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys 22:15:42.0327 2628 RFCOMM - ok 22:15:42.0452 2628 [ 2AF094B1CE4725E4551F38FDA2348637 ] RichVideo C:\Programme\CyberLink\Shared Files\RichVideo.exe 22:15:42.0467 2628 RichVideo ( 
UnsignedFile.Multi.Generic ) - warning 22:15:42.0467 2628 RichVideo - detected UnsignedFile.Multi.Generic (1) 22:15:42.0514 2628 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys 22:15:42.0592 2628 RimUsb - ok 22:15:42.0624 2628 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys 22:15:42.0702 2628 RimVSerPort - ok 22:15:42.0717 2628 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys 22:15:42.0936 2628 ROOTMODEM - ok 22:15:43.0045 2628 RoxLiveShare9 - ok 22:15:43.0092 2628 [ 67C607857CCD6EBFFE768DAD5B2CA239 ] rpcapd C:\Programme\WinPcap\rpcapd.exe 22:15:43.0108 2628 rpcapd ( UnsignedFile.Multi.Generic ) - warning 22:15:43.0108 2628 rpcapd - detected UnsignedFile.Multi.Generic (1) 22:15:43.0155 2628 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 22:15:43.0358 2628 RpcLocator - ok 22:15:43.0405 2628 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 22:15:43.0483 2628 RpcSs - ok 22:15:43.0545 2628 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 22:15:43.0780 2628 RSVP - ok 22:15:43.0858 2628 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\WINDOWS\system32\DRIVERS\s0016bus.sys 22:15:43.0905 2628 s0016bus - ok 22:15:43.0936 2628 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys 22:15:43.0967 2628 s0016mdfl - ok 22:15:43.0999 2628 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\WINDOWS\system32\DRIVERS\s0016mdm.sys 22:15:44.0030 2628 s0016mdm - ok 22:15:44.0045 2628 [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys 22:15:44.0077 2628 s0016mgmt - ok 22:15:44.0092 2628 [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5 C:\WINDOWS\system32\DRIVERS\s0016nd5.sys 22:15:44.0124 2628 s0016nd5 - ok 22:15:44.0139 2628 [ 36792935847143E4A3CDA0DC87248487 ] s0016obex C:\WINDOWS\system32\DRIVERS\s0016obex.sys 22:15:44.0170 2628 
27.12.2012, 18:49 | #6 |
/// Malware-holic | GVU trojan – what do I do with the Otl.txt? Hi, scan again with TDSS Killer using the settings from above. This time, delete the finding: TDSS File System. Restart, then scan again and post the log.
06.01.2013, 17:27 | #7 |
| GVU trojan – what do I do with the Otl.txt? Hello, thank you very much. Here is the current report. Code:
FontCache3.0.0.0 - ok 17:24:17.0671 3604 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 17:24:17.0937 3604 Fs_Rec - ok 17:24:17.0984 3604 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 17:24:18.0250 3604 Ftdisk - ok 17:24:18.0312 3604 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys 17:24:18.0562 3604 gagp30kx - ok 17:24:18.0625 3604 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys 17:24:18.0656 3604 GEARAspiWDM - ok 17:24:18.0718 3604 [ 007AEA2E06E7CEF7372E40C277163959 ] ggflt C:\WINDOWS\system32\DRIVERS\ggflt.sys 17:24:18.0765 3604 ggflt - ok 17:24:18.0843 3604 [ C73DE35960CA75C5AB4AE636B127C64E ] ggsemc C:\WINDOWS\system32\DRIVERS\ggsemc.sys 17:24:18.0906 3604 ggsemc - ok 17:24:18.0968 3604 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 17:24:19.0234 3604 Gpc - ok 17:24:19.0406 3604 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 17:24:19.0468 3604 gupdate - ok 17:24:19.0468 3604 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 17:24:19.0500 3604 gupdatem - ok 17:24:19.0718 3604 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 17:24:19.0953 3604 HDAudBus - ok 17:24:20.0093 3604 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 17:24:20.0343 3604 helpsvc - ok 17:24:20.0406 3604 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll 17:24:20.0656 3604 HidServ - ok 17:24:20.0718 3604 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 17:24:20.0968 3604 HidUsb - ok 17:24:21.0015 3604 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 17:24:21.0265 3604 hkmsvc - ok 17:24:21.0328 3604 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn 
C:\WINDOWS\system32\DRIVERS\hpn.sys 17:24:21.0546 3604 hpn - ok 17:24:21.0656 3604 [ 6A5C4732D6803F84E2987EDD8E4359CE ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys 17:24:21.0921 3604 HSFHWAZL - ok 17:24:22.0156 3604 [ 21C31273C6CC4826E74BE8AE3B09D4A8 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys 17:24:22.0671 3604 HSF_DPV - ok 17:24:22.0687 3604 HTCAND32 - ok 17:24:22.0828 3604 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 17:24:23.0031 3604 HTTP - ok 17:24:23.0109 3604 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 17:24:23.0343 3604 HTTPFilter - ok 17:24:23.0406 3604 [ 07853191B1BDEE5B39BE4CFCFE3B9AD4 ] hwdatacard C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys 17:24:23.0593 3604 hwdatacard - ok 17:24:23.0671 3604 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys 17:24:23.0921 3604 i2omgmt - ok 17:24:23.0953 3604 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys 17:24:24.0203 3604 i2omp - ok 17:24:24.0234 3604 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 17:24:24.0484 3604 i8042prt - ok 17:24:24.0843 3604 [ AE38A12F79A4980DDB88F36514F8A1DA ] IAANTMON C:\Programme\Intel\Intel Matrix Storage Manager\Iaantmon.exe 17:24:25.0250 3604 IAANTMON - ok 17:24:26.0500 3604 [ 12C7F8D581C4A9F126F5F8F5683A1C29 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 17:24:29.0718 3604 ialm - ok 17:24:29.0906 3604 [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys 17:24:29.0968 3604 iaStor - ok 17:24:30.0046 3604 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe 17:24:30.0062 3604 IDriverT ( UnsignedFile.Multi.Generic ) - warning 17:24:30.0062 3604 IDriverT - detected UnsignedFile.Multi.Generic (1) 17:24:30.0140 3604 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows 
Communication Foundation\infocard.exe 17:24:30.0250 3604 idsvc - ok 17:24:30.0343 3604 [ E28602C9E17B0DDCE9F5DEB3B3E2A635 ] IGDCTRL C:\Programme\FRITZ!DSL\IGDCTRL.EXE 17:24:30.0375 3604 IGDCTRL - ok 17:24:30.0437 3604 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 17:24:30.0703 3604 Imapi - ok 17:24:30.0750 3604 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe 17:24:30.0968 3604 ImapiService - ok 17:24:31.0031 3604 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys 17:24:31.0250 3604 ini910u - ok 17:24:31.0296 3604 [ F8F75594C17FE7BCE1B4045BB7199868 ] int15 C:\WINDOWS\system32\drivers\int15.sys 17:24:31.0328 3604 int15 - ok 17:24:31.0406 3604 [ 4D8D5B1C895EA0F2A721B98A7CE198F1 ] int15.sys C:\Acer\Empowering Technology\eRecovery\int15.sys 17:24:31.0500 3604 int15.sys ( UnsignedFile.Multi.Generic ) - warning 17:24:31.0500 3604 int15.sys - detected UnsignedFile.Multi.Generic (1) 17:24:31.0734 3604 [ B45A576AD280DD4F605F58B24CDAAFE1 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 17:24:32.0015 3604 IntcAzAudAddService - ok 17:24:32.0046 3604 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys 17:24:32.0281 3604 IntelIde - ok 17:24:32.0312 3604 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 17:24:32.0546 3604 intelppm - ok 17:24:32.0609 3604 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 17:24:32.0828 3604 Ip6Fw - ok 17:24:32.0906 3604 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 17:24:33.0109 3604 IpFilterDriver - ok 17:24:33.0171 3604 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 17:24:33.0390 3604 IpInIp - ok 17:24:33.0453 3604 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 17:24:33.0687 3604 IpNat - ok 17:24:33.0828 3604 [ 
CA1972397B845B2F53F5DC63C22FD98A ] iPod Service C:\Programme\iPod\bin\iPodService.exe 17:24:33.0890 3604 iPod Service - ok 17:24:33.0921 3604 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 17:24:34.0140 3604 IPSec - ok 17:24:34.0187 3604 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys 17:24:34.0328 3604 irda - ok 17:24:34.0359 3604 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 17:24:34.0484 3604 IRENUM - ok 17:24:34.0531 3604 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll 17:24:34.0656 3604 Irmon - ok 17:24:34.0703 3604 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 17:24:34.0921 3604 isapnp - ok 17:24:35.0062 3604 [ E731921DB2E17DCD3DB472FAD5549C57 ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe 17:24:35.0093 3604 JavaQuickStarterService - ok 17:24:35.0140 3604 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 17:24:35.0375 3604 Kbdclass - ok 17:24:35.0406 3604 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 17:24:35.0640 3604 kbdhid - ok 17:24:35.0671 3604 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 17:24:35.0890 3604 kmixer - ok 17:24:35.0953 3604 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 17:24:36.0093 3604 KSecDD - ok 17:24:36.0156 3604 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 17:24:36.0250 3604 lanmanserver - ok 17:24:36.0296 3604 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 17:24:36.0359 3604 lanmanworkstation - ok 17:24:36.0359 3604 lbrtfdc - ok 17:24:36.0453 3604 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe 17:24:36.0484 3604 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 
17:24:36.0484 3604 LightScribeService - detected UnsignedFile.Multi.Generic (1) 17:24:36.0531 3604 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 17:24:36.0750 3604 LmHosts - ok 17:24:36.0796 3604 [ 09721F2C56681A83C93ECDFAB8B102A9 ] massfilter C:\WINDOWS\system32\drivers\massfilter.sys 17:24:36.0859 3604 massfilter - ok 17:24:36.0906 3604 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 17:24:36.0968 3604 mdmxsdk - ok 17:24:36.0984 3604 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 17:24:37.0203 3604 Messenger - ok 17:24:37.0265 3604 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 17:24:37.0468 3604 mnmdd - ok 17:24:37.0515 3604 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 17:24:37.0718 3604 mnmsrvc - ok 17:24:37.0765 3604 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 17:24:37.0968 3604 Modem - ok 17:24:38.0046 3604 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 17:24:38.0265 3604 Mouclass - ok 17:24:38.0281 3604 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 17:24:38.0500 3604 mouhid - ok 17:24:38.0562 3604 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 17:24:38.0796 3604 MountMgr - ok 17:24:38.0859 3604 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys 17:24:38.0921 3604 MpFilter - ok 17:24:39.0078 3604 [ A69630D039C38018689190234F866D77 ] MpKsl3e5fb7bf c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{C780C852-6333-499C-B98C-9092F2F12A9B}\MpKsl3e5fb7bf.sys 17:24:39.0109 3604 MpKsl3e5fb7bf - ok 17:24:39.0140 3604 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys 17:24:39.0359 3604 mraid35x - ok 17:24:39.0406 3604 [ 
11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 17:24:39.0656 3604 MRxDAV - ok 17:24:39.0718 3604 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 17:24:39.0796 3604 MRxSmb - ok 17:24:39.0828 3604 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 17:24:40.0046 3604 MSDTC - ok 17:24:40.0156 3604 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 17:24:40.0343 3604 Msfs - ok 17:24:40.0359 3604 MSIServer - ok 17:24:40.0453 3604 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 17:24:40.0640 3604 MSKSSRV - ok 17:24:40.0718 3604 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Programme\Microsoft Security Client\MsMpEng.exe 17:24:40.0765 3604 MsMpSvc - ok 17:24:40.0796 3604 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 17:24:41.0000 3604 MSPCLOCK - ok 17:24:41.0046 3604 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 17:24:41.0265 3604 MSPQM - ok 17:24:41.0296 3604 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 17:24:41.0500 3604 mssmbios - ok 17:24:41.0546 3604 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 17:24:41.0765 3604 MSTEE - ok 17:24:41.0859 3604 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 17:24:41.0921 3604 Mup - ok 17:24:41.0984 3604 mysql - ok 17:24:42.0031 3604 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 17:24:42.0250 3604 NABTSFEC - ok 17:24:42.0312 3604 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 17:24:42.0546 3604 napagent - ok 17:24:42.0656 3604 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 17:24:42.0875 3604 NDIS - ok 17:24:42.0953 3604 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP 
C:\WINDOWS\system32\DRIVERS\NdisIP.sys 17:24:43.0171 3604 NdisIP - ok 17:24:43.0250 3604 [ E94265636D893314463CB650E43C3EB5 ] Ndisprot C:\WINDOWS\system32\DRIVERS\ndisprot.sys 17:24:43.0343 3604 Ndisprot ( UnsignedFile.Multi.Generic ) - warning 17:24:43.0343 3604 Ndisprot - detected UnsignedFile.Multi.Generic (1) 17:24:43.0390 3604 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 17:24:43.0468 3604 NdisTapi - ok 17:24:43.0515 3604 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 17:24:43.0718 3604 Ndisuio - ok 17:24:43.0781 3604 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 17:24:44.0000 3604 NdisWan - ok 17:24:44.0093 3604 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 17:24:44.0171 3604 NDProxy - ok 17:24:44.0218 3604 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 17:24:44.0437 3604 NetBIOS - ok 17:24:44.0468 3604 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 17:24:44.0671 3604 NetBT - ok 17:24:44.0765 3604 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 17:24:44.0984 3604 NetDDE - ok 17:24:45.0000 3604 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 17:24:45.0203 3604 NetDDEdsdm - ok 17:24:45.0250 3604 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 17:24:45.0468 3604 Netlogon - ok 17:24:45.0500 3604 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 17:24:45.0718 3604 Netman - ok 17:24:45.0796 3604 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:24:45.0843 3604 NetTcpPortSharing - ok 17:24:45.0968 3604 [ 18B2D3E11ED7A3C898ADE6A6692B6929 ] NETw4x32 C:\WINDOWS\system32\DRIVERS\NETw4x32.sys 17:24:46.0250 3604 NETw4x32 - ok 17:24:46.0265 3604 
[ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 17:24:46.0484 3604 NIC1394 - ok 17:24:46.0531 3604 NIHardwareService - ok 17:24:46.0578 3604 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 17:24:46.0640 3604 Nla - ok 17:24:46.0671 3604 [ D21FEE8DB254BA762656878168AC1DB6 ] NPF C:\WINDOWS\system32\drivers\npf.sys 17:24:46.0687 3604 NPF ( UnsignedFile.Multi.Generic ) - warning 17:24:46.0687 3604 NPF - detected UnsignedFile.Multi.Generic (1) 17:24:46.0734 3604 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 17:24:46.0953 3604 Npfs - ok 17:24:47.0015 3604 [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys 17:24:47.0156 3604 NSCIRDA - ok 17:24:47.0203 3604 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 17:24:47.0437 3604 Ntfs - ok 17:24:47.0484 3604 [ 7F1C1F78D709C4A54CBB46EDE7E0B48D ] NTIDrvr C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys 17:24:47.0531 3604 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning 17:24:47.0531 3604 NTIDrvr - detected UnsignedFile.Multi.Generic (1) 17:24:47.0562 3604 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 17:24:47.0765 3604 NtLmSsp - ok 17:24:47.0843 3604 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 17:24:48.0078 3604 NtmsSvc - ok 17:24:48.0093 3604 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 17:24:48.0296 3604 Null - ok 17:24:48.0312 3604 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 17:24:48.0515 3604 NwlnkFlt - ok 17:24:48.0593 3604 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 17:24:48.0812 3604 NwlnkFwd - ok 17:24:48.0890 3604 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 17:24:49.0109 3604 ohci1394 - ok 17:24:49.0234 3604 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose 
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 17:24:49.0265 3604 ose - ok 17:24:49.0312 3604 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 17:24:49.0515 3604 Parport - ok 17:24:49.0578 3604 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 17:24:49.0812 3604 PartMgr - ok 17:24:49.0875 3604 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 17:24:50.0109 3604 ParVdm - ok 17:24:50.0156 3604 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 17:24:50.0359 3604 PCI - ok 17:24:50.0375 3604 PCIDump - ok 17:24:50.0390 3604 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 17:24:50.0609 3604 PCIIde - ok 17:24:50.0609 3604 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 17:24:50.0875 3604 Pcmcia - ok 17:24:50.0875 3604 PDCOMP - ok 17:24:50.0890 3604 PDFRAME - ok 17:24:50.0906 3604 PDRELI - ok 17:24:50.0921 3604 PDRFRAME - ok 17:24:51.0015 3604 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys 17:24:51.0234 3604 perc2 - ok 17:24:51.0250 3604 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys 17:24:51.0437 3604 perc2hib - ok 17:24:51.0484 3604 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 17:24:51.0546 3604 PlugPlay - ok 17:24:51.0546 3604 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 17:24:51.0750 3604 PolicyAgent - ok 17:24:51.0796 3604 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 17:24:52.0015 3604 PptpMiniport - ok 17:24:52.0078 3604 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 17:24:52.0296 3604 Processor - ok 17:24:52.0328 3604 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 17:24:52.0515 3604 
ProtectedStorage - ok 17:24:52.0578 3604 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 17:24:52.0796 3604 PSched - ok 17:24:52.0890 3604 [ 32338659E9DA79055406F2157CD0E1DF ] psdfilter C:\WINDOWS\system32\Drivers\psdfilter.sys 17:24:52.0953 3604 psdfilter ( UnsignedFile.Multi.Generic ) - warning 17:24:52.0953 3604 psdfilter - detected UnsignedFile.Multi.Generic (1) 17:24:52.0968 3604 [ 4C7947014674DF40B7AF52342A9157D0 ] psdvdisk C:\WINDOWS\system32\Drivers\psdvdisk.sys 17:24:53.0203 3604 psdvdisk ( UnsignedFile.Multi.Generic ) - warning 17:24:53.0203 3604 psdvdisk - detected UnsignedFile.Multi.Generic (1) 17:24:53.0250 3604 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 17:24:53.0453 3604 Ptilink - ok 17:24:53.0515 3604 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 17:24:53.0546 3604 PxHelp20 - ok 17:24:53.0578 3604 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys 17:24:53.0812 3604 ql1080 - ok 17:24:53.0828 3604 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 17:24:54.0078 3604 Ql10wnt - ok 17:24:54.0093 3604 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys 17:24:54.0296 3604 ql12160 - ok 17:24:54.0359 3604 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys 17:24:54.0578 3604 ql1240 - ok 17:24:54.0656 3604 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys 17:24:54.0859 3604 ql1280 - ok 17:24:54.0937 3604 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 17:24:55.0156 3604 RasAcd - ok 17:24:55.0203 3604 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 17:24:55.0406 3604 RasAuto - ok 17:24:55.0468 3604 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 17:24:55.0593 3604 Rasirda - ok 
17:24:55.0609 3604 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 17:24:55.0828 3604 Rasl2tp - ok 17:24:55.0906 3604 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 17:24:56.0125 3604 RasMan - ok 17:24:56.0218 3604 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 17:24:56.0437 3604 RasPppoe - ok 17:24:56.0453 3604 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 17:24:56.0656 3604 Raspti - ok 17:24:56.0718 3604 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 17:24:56.0937 3604 Rdbss - ok 17:24:57.0015 3604 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 17:24:57.0234 3604 RDPCDD - ok 17:24:57.0296 3604 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 17:24:57.0500 3604 rdpdr - ok 17:24:57.0562 3604 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 17:24:57.0640 3604 RDPWD - ok 17:24:57.0687 3604 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 17:24:57.0906 3604 RDSessMgr - ok 17:24:58.0000 3604 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 17:24:58.0203 3604 redbook - ok 17:24:58.0265 3604 [ 8AC155995F5D10FC0D3AD949A1A68075 ] RegSrvc C:\Programme\Intel\Wireless\Bin\RegSrvc.exe 17:24:58.0296 3604 RegSrvc ( UnsignedFile.Multi.Generic ) - warning 17:24:58.0296 3604 RegSrvc - detected UnsignedFile.Multi.Generic (1) 17:24:58.0328 3604 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 17:24:58.0531 3604 RemoteAccess - ok 17:24:58.0640 3604 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 17:24:58.0875 3604 RemoteRegistry - ok 17:24:58.0968 3604 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys 17:24:59.0187 3604 RFCOMM - ok 17:24:59.0281 3604 
[ 2AF094B1CE4725E4551F38FDA2348637 ] RichVideo C:\Programme\CyberLink\Shared Files\RichVideo.exe 17:24:59.0296 3604 RichVideo ( UnsignedFile.Multi.Generic ) - warning 17:24:59.0296 3604 RichVideo - detected UnsignedFile.Multi.Generic (1) 17:24:59.0343 3604 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys 17:24:59.0421 3604 RimUsb - ok 17:24:59.0453 3604 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys 17:24:59.0531 3604 RimVSerPort - ok 17:24:59.0546 3604 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys 17:24:59.0750 3604 ROOTMODEM - ok 17:24:59.0875 3604 RoxLiveShare9 - ok 17:24:59.0906 3604 [ 67C607857CCD6EBFFE768DAD5B2CA239 ] rpcapd C:\Programme\WinPcap\rpcapd.exe 17:24:59.0937 3604 rpcapd ( UnsignedFile.Multi.Generic ) - warning 17:24:59.0937 3604 rpcapd - detected UnsignedFile.Multi.Generic (1) 17:24:59.0968 3604 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 17:25:00.0203 3604 RpcLocator - ok 17:25:00.0265 3604 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 17:25:00.0343 3604 RpcSs - ok 17:25:00.0375 3604 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 17:25:00.0593 3604 RSVP - ok 17:25:00.0687 3604 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\WINDOWS\system32\DRIVERS\s0016bus.sys 17:25:00.0718 3604 s0016bus - ok 17:25:00.0750 3604 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys 17:25:00.0781 3604 s0016mdfl - ok 17:25:00.0812 3604 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\WINDOWS\system32\DRIVERS\s0016mdm.sys 17:25:00.0843 3604 s0016mdm - ok 17:25:00.0859 3604 [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys 17:25:00.0890 3604 s0016mgmt - ok 17:25:00.0906 3604 [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5 C:\WINDOWS\system32\DRIVERS\s0016nd5.sys 17:25:00.0937 3604 s0016nd5 - 
ok 17:25:00.0953 3604 [ 36792935847143E4A3CDA0DC87248487 ] s0016obex C:\WINDOWS\system32\DRIVERS\s0016obex.sys 17:25:00.0984 3604 s0016obex - ok 17:25:01.0015 3604 [ 927208754FB27FC3E7A659E77500C5D1 ] s0016unic C:\WINDOWS\system32\DRIVERS\s0016unic.sys 17:25:01.0046 3604 s0016unic - ok 17:25:01.0093 3604 [ 12A851F30853A5A8E7B50341FA4B0FFB ] s1018bus C:\WINDOWS\system32\DRIVERS\s1018bus.sys 17:25:01.0125 3604 s1018bus - ok 17:25:01.0156 3604 [ A0141D5DC689A892B3F30446CBE52575 ] s1018mdfl C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys 17:25:01.0187 3604 s1018mdfl - ok 17:25:01.0234 3604 [ 07D430E4B2BFDE6B07F31F1DA6E7CAB0 ] s1018mdm C:\WINDOWS\system32\DRIVERS\s1018mdm.sys 17:25:01.0265 3604 s1018mdm - ok 17:25:01.0296 3604 [ D73C20D3F0F825C8FD23F841CDCB14C0 ] s1018mgmt C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys 17:25:01.0328 3604 s1018mgmt - ok 17:25:01.0359 3604 [ 895A1A2812DBD5AFDD5CA4686A89A33C ] s1018nd5 C:\WINDOWS\system32\DRIVERS\s1018nd5.sys 17:25:01.0390 3604 s1018nd5 - ok 17:25:01.0421 3604 [ A986E9683C74FA06456FD2AD34BA1490 ] s1018obex C:\WINDOWS\system32\DRIVERS\s1018obex.sys 17:25:01.0453 3604 s1018obex - ok 17:25:01.0468 3604 [ DA83525924C23F30F37AC1D1F11D6F15 ] s1018unic C:\WINDOWS\system32\DRIVERS\s1018unic.sys 17:25:01.0500 3604 s1018unic - ok 17:25:01.0578 3604 [ 131D50F081D2E29EBD1365B21F6B9736 ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe 17:25:01.0703 3604 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning 17:25:01.0703 3604 S24EventMonitor - detected UnsignedFile.Multi.Generic (1) 17:25:01.0734 3604 [ E2C6ABCBEFB1D44F6AAEB1CD5D6062D4 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys 17:25:01.0781 3604 s24trans ( UnsignedFile.Multi.Generic ) - warning 17:25:01.0781 3604 s24trans - detected UnsignedFile.Multi.Generic (1) 17:25:01.0812 3604 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 17:25:02.0015 3604 SamSs - ok 17:25:02.0093 3604 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr 
C:\WINDOWS\System32\SCardSvr.exe 17:25:02.0328 3604 SCardSvr - ok 17:25:02.0375 3604 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 17:25:02.0593 3604 Schedule - ok 17:25:02.0687 3604 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys 17:25:02.0890 3604 sdbus - ok 17:25:02.0984 3604 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 17:25:03.0109 3604 Secdrv - ok 17:25:03.0140 3604 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 17:25:03.0375 3604 seclogon - ok 17:25:03.0421 3604 [ E5B56569A9F79B70314FEDE6C953641E ] seehcri C:\WINDOWS\system32\DRIVERS\seehcri.sys 17:25:03.0484 3604 seehcri - ok 17:25:03.0531 3604 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 17:25:03.0734 3604 SENS - ok 17:25:03.0828 3604 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys 17:25:04.0031 3604 Serial - ok 17:25:04.0140 3604 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys 17:25:04.0359 3604 sffdisk - ok 17:25:04.0375 3604 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys 17:25:04.0593 3604 sffp_sd - ok 17:25:04.0671 3604 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys 17:25:04.0906 3604 Sfloppy - ok 17:25:05.0000 3604 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 17:25:05.0250 3604 SharedAccess - ok 17:25:05.0296 3604 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 17:25:05.0328 3604 ShellHWDetection - ok 17:25:05.0328 3604 Simbad - ok 17:25:05.0359 3604 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys 17:25:05.0578 3604 sisagp - ok 17:25:05.0671 3604 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 17:25:05.0703 3604 SkypeUpdate - ok 17:25:05.0734 3604 [ 
07.01.2013, 16:15 | #8 |
/// Malware-holic | GVU Trojan – what to do with the Otl.txt? The last log seems incomplete; please create a new one and attach the file.