Log analysis and evaluation: Caught the GVU trojan. Windows XP. Safe mode not possible. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
21.01.2013, 13:13 | #1 |
| Caught the GVU trojan. Windows XP. Safe mode not possible. Hello everyone, I also caught the trojan last week. I can no longer start my computer, not even in safe mode! My operating system is Windows XP. I have already been to the computer shop. 10 trojans were removed there. However, that changes nothing about the actual problem. The computer can no longer be started. I only get a white screen. I hope one of you can help me! |
21.01.2013, 13:27 | #2 |
/// Malware-holic | hi
What was removed there? I hope you at least didn't have to pay for everything, since they didn't solve your problem... Using a clean second computer, create an OTLPE CD and then boot the infected computer from this CD: If you don't have burning software installed, please download ISOBurner. The program will let you burn OTLPE to a CD and make it bootable. You only need to install the tool; the rest runs automatically => How do I burn an ISO file to CD/DVD. Download OTLPENet.exe by OldTimer and save it to your desktop. Note: The file is about 120 MB in size, and on a slow internet connection it will take a while to download.
Illustrated guide: OTLpe-Scan
__________________ |
21.01.2013, 13:28 | #3 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Did you get a report of what exactly was found and removed? edit Markus was faster once again /edit
__________________ |
21.01.2013, 15:21 | #4 |
/// Malware-holic | @arne, it only happens sometimes
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding guide: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the guide above. If you would like to support us |
21.01.2013, 16:03 | #5 |
| Hello, thanks a lot for your quick replies. The guy at the shop only ran one program and removed the trojans it found. After that he was at his wits' end. It cost 20 euros. So, here is the OTL file that was found. OTL Logfile: Code:
ATTFilter OTL logfile created on: 1/21/2013 3:45:04 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,014.00 Mb Total Physical Memory | 749.00 Mb Available Physical Memory | 74.00% Memory free 902.00 Mb Paging File | 793.00 Mb Available in Paging File | 88.00% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 111.79 Gb Total Space | 63.45 Gb Free Space | 56.76% Space Free | Partition Type: NTFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet003 ========== Win32 Services (SafeList) ========== SRV - File not found [Auto] -- -- (RoxLiveShare9) SRV - File not found [Auto] -- -- (Automatisches LiveUpdate - Scheduler) SRV - [2012/07/13 06:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto] -- C:\Programme\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe -- (NIS) SRV - [2011/07/19 22:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2010/09/08 03:45:10 | 001,034,752 | ---- | M] () [Auto] -- C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME) SRV - [2010/09/08 03:44:50 | 000,484,352 | ---- | M] () [Auto] -- C:\Programme\Western Digital\WD SmartWare\Front 
Parlor\WDSC.exe -- (WDSC) SRV - [2010/09/08 03:41:36 | 000,237,056 | ---- | M] (WDC) [Auto] -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService) SRV - [2010/09/06 02:16:58 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto] -- C:\WINDOWS\system32\dgdersvc.exe -- (dgdersvc) SRV - [2010/09/06 02:11:32 | 000,217,088 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2008/09/10 07:01:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto] -- C:\Programme\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice) SRV - [2008/01/29 10:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist) SRV - [2006/10/26 07:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006/02/07 09:30:40 | 000,035,840 | ---- | M] (TOSHIBA Corp.) [Auto] -- C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV) SRV - [2005/11/17 09:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2004/10/21 20:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004/08/28 02:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) 
[Auto] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service) SRV - [2001/11/12 06:31:48 | 000,020,480 | ---- | M] (X10) [Auto] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (WDICA) DRV - File not found [Kernel | System] -- -- (TDSSserv.sys) DRV - File not found [Kernel | On_Demand] -- -- (SYMREDRV) DRV - File not found [Kernel | On_Demand] -- -- (SYMNDIS) DRV - File not found [Kernel | On_Demand] -- -- (SYMIDS) DRV - File not found [Kernel | On_Demand] -- -- (SYMFW) DRV - File not found [Kernel | On_Demand] -- -- (SYMDNS) DRV - File not found [Kernel | On_Demand] -- -- (RimUsb) DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) DRV - File not found [Kernel | System] -- -- (PCIDump) DRV - File not found [Kernel | System] -- -- (lbrtfdc) DRV - File not found [Kernel | System] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand] -- -- (cpuz132) DRV - File not found [Kernel | System] -- -- (Changer) DRV - File not found [Kernel | System] -- -- (Beep) DRV - [2013/01/01 07:09:13 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130110.036\NAVEX15.SYS -- (NAVEX15) DRV - [2013/01/01 07:09:13 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130110.036\NAVENG.SYS -- (NAVENG) DRV - [2012/10/23 18:34:24 | 000,995,488 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Dokumente und Einstellungen\All 
Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130107.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2012/10/17 00:24:25 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2012/09/05 21:54:30 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20130111.002\IDSxpx86.sys -- (IDSxpx86) DRV - [2012/08/09 00:37:39 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2012/07/05 21:17:57 | 000,574,112 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\Drivers\NIS\1309000.009\SRTSP.SYS -- (SRTSP) DRV - [2012/07/05 21:17:57 | 000,032,928 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2012/06/06 23:43:43 | 000,132,768 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ccSetx86.sys -- (ccSet_NIS) DRV - [2012/05/21 20:37:12 | 000,924,320 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symefa.sys -- (SymEFA) DRV - [2012/04/17 21:13:32 | 000,388,216 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\NIS\1309000.009\SYMTDI.SYS -- (SYMTDI) DRV - [2012/04/17 20:42:14 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\Ironx86.SYS -- (SymIRON) DRV - [2012/03/29 13:23:20 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- 
(SymEvent) DRV - [2011/08/15 17:51:40 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symds.sys -- (SymDS) DRV - [2010/09/06 02:16:58 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2010/09/06 02:11:32 | 000,036,640 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010/07/20 05:38:24 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2010/07/20 05:38:24 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) DRV - [2010/07/20 05:38:24 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter) DRV - [2010/04/26 21:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2010/04/26 21:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2010/04/26 21:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2009/02/13 05:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2006/12/15 08:50:14 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ACEDRV07.sys -- (ACEDRV07) DRV - [2006/08/01 18:27:48 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2006/05/30 09:42:52 | 000,045,696 | ---- | M] (TOSHIBA 
Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2006/05/05 09:13:52 | 004,271,616 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006/03/22 01:56:24 | 001,522,688 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005/12/13 11:08:44 | 001,124,097 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005/11/30 12:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005/11/28 03:45:16 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid) DRV - [2005/10/20 07:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD) DRV - [2005/10/05 22:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2005/10/05 22:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2005/10/05 22:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2005/10/05 22:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2005/10/05 22:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2005/10/05 22:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2005/10/05 22:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) 
[File_System | Auto] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN) DRV - [2005/09/09 07:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec) DRV - [2005/08/25 05:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2005/08/25 05:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N) DRV - [2005/06/02 05:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf) DRV - [2004/10/11 12:22:02 | 000,211,712 | R--- | M] (Labtec Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Labtec WebCam(PID_0928) DRV - [2004/10/11 12:18:58 | 000,022,016 | R--- | M] (Labtec Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2003/09/18 18:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc) DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) 
[Kernel | Auto] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) DRV - [2002/11/28 18:01:04 | 000,020,645 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IwUSB.sys -- (IwUSB) DRV - [2001/11/02 03:21:14 | 000,007,896 | ---- | M] (Sven Goers Software) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\IWPORT.SYS -- (IWPORT) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = Bing IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Internet_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKU\Internet_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search IE - HKU\Internet_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\Internet_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\Internet_ON_C\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Programme\Freeze.com\NetAssistant\NetAssistant.dll (W3i, LLC) IE - HKU\Internet_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/06/07 03:17:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012/03/31 00:59:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2013/01/21 05:38:27 | 000,000,000 | ---D | M] O1 HOSTS File: ([2004/08/10 07:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - 
C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (NetAssistant) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Programme\Freeze.com\NetAssistant\NetAssistant.dll (W3i, LLC) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\Internet_ON_C\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. O3 - HKU\Internet_ON_C\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AntiSpywareXP 2009] File not found O4 - HKLM..\Run: [brastk] File not found O4 - HKLM..\Run: [CFSServ.exe] File not found O4 - HKLM..\Run: [Corel Photo Downloader] C:\Programme\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.) 
O4 - HKLM..\Run: [CorelDRAW ESSENTIALS14] C:\Programme\Corel\CorelDRAW ESSENTIALS 2\Register\Registration.exe (Corel Corporation) O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe (Labtec Inc.) O4 - HKLM..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe (Labtec Inc.) O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Labtec Inc.) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [QuickFinder Scheduler] C:\Programme\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation) O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) 
O4 - HKLM..\Run: [TFncKy] File not found O4 - HKLM..\Run: [THotkey] C:\Programme\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA) O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Tvs] C:\Programme\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation) O4 - HKU\.DEFAULT..\Run: [rundll32.exe] File not found O4 - HKU\Administrator_ON_C..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - HKU\Internet_ON_C..\Run: [ISUSPM] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation) O4 - HKU\Internet_ON_C..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKU\Internet_ON_C..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - HKU\LocalService_ON_C..\Run: [rundll32.exe] File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\RAMASST.lnk = File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WDDMStatus.lnk = C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.) 
O4 - Startup: C:\Dokumente und Einstellungen\Internet\Startmenü\Programme\Autostart\Dropbox.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\Internet_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) 
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game09.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss 
{0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (karna.dats\system3) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: System - (kdgqy.exe) - File not found O20 - HKU\Internet_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\Internet_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\skype.dat) - C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\skype.dat () O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) 
21.01.2013, 17:15 | #6 |
/// Malware-holic | Caught the GVU trojan. Windows XP. Safe mode not possible. What exactly did he do, is there a list? On your second PC go to Start, Programs, Accessories, Notepad, and paste in the following: Code:
:OTL
O20 - HKU\Internet_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\skype.dat) - C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\skype.dat ()
:Files
:Commands
[EMPTYFLASH]
[emptytemp]
Save this on a USB stick as fix.txt. Now use OTLPENet.exe again (i.e. boot from the CD you created) and tick everything as already described in the post on OTLPENet.exe.
• Now please click the Fix button. A message similar to "load fix from file" should now appear, so load fix.txt from your stick. If this does not work, please enter the fix manually, then click the Fix button again. The PC may restart. If so, take the CD out of the drive; Windows should now start normally and open otl.txt. Please post the log.
__________________ |
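The fix above removes a per-user Winlogon Shell value that pointed at skype.dat in the user's application-data folder. As an added example (not part of the original posts and not OTL's own code), this Python script flags such entries in OTL-style O20 lines; the HKLM sample lines are constructed after the format of the quoted line, and the four heuristics are assumptions of this example.

```python
import ntpath
import re
from dataclasses import dataclass

# Sample input: the third line is the O20 entry quoted in the fix above,
# the two HKLM lines are constructed in the same format for comparison.
SAMPLE_LOG = r"""
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\Internet_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\skype.dat) - C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\skype.dat ()
"""

# O20 - <hive> Winlogon: <value> - (<registry data>) - <resolved path> (<company>)
O20_RE = re.compile(
    r"^O20 - (?P<hive>\S+) Winlogon: (?P<value>\w+) - "
    r"\((?P<data>.*?)\) - (?P<path>.*?) \((?P<company>[^()]*)\)\s*$"
)

# Profile roots a limited user can write to (German and English XP, Vista+).
PROFILE_DIRS = (
    "\\dokumente und einstellungen\\",
    "\\documents and settings\\",
    "\\users\\",
)


@dataclass(frozen=True)
class WinlogonEntry:
    hive: str      # e.g. HKLM or HKU\<loaded hive name>
    value: str     # registry value name, e.g. Shell
    data: str      # raw registry data
    path: str      # file the data resolves to
    company: str   # version-info company name, empty if none


def parse_o20(log_text):
    """Return every O20 Winlogon entry found in an OTL-style log."""
    entries = []
    for line in log_text.splitlines():
        match = O20_RE.match(line.strip())
        if match:
            entries.append(WinlogonEntry(**match.groupdict()))
    return entries


def assess(entry):
    """Return the reasons a Winlogon Shell entry deserves a closer look."""
    reasons = []
    # The shell data may carry arguments or quotes; compare the file name only.
    exe = ntpath.basename(entry.data.split(",")[0].strip().strip('"')).lower()
    if exe != "explorer.exe":
        reasons.append("shell is not explorer.exe")
    if not entry.hive.upper().startswith("HKLM"):
        reasons.append("per-user override of the shell")
    if any(d in entry.path.lower() for d in PROFILE_DIRS):
        reasons.append("target is in a user-writable profile directory")
    if not entry.company:
        reasons.append("target has no company/version information")
    return reasons


def scan(log_text):
    """Return (entry, reasons) for every suspicious Winlogon Shell entry."""
    findings = []
    for entry in parse_o20(log_text):
        if entry.value.lower() != "shell":
            continue
        reasons = assess(entry)
        if reasons:
            findings.append((entry, reasons))
    return findings


if __name__ == "__main__":
    for entry, reasons in scan(SAMPLE_LOG):
        print(f"{entry.hive} Shell -> {entry.path}")
        for reason in reasons:
            print(f"  - {reason}")
```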
21.01.2013, 17:38 | #7 |
| Caught the GVU trojan. Windows XP. Safe mode not possible. Unfortunately I have no list from the shop! He ran this Kaspersky thing. Here is the file:
========== OTL ==========
Registry value HKEY_USERS\Internet_ON_C\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\skype.dat deleted successfully.
C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\skype.dat moved successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Internet
->Temp folder emptied: 601200 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 16786 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Stefan

Total Flash Files Cleaned = 1.00 mb

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Internet
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Stefan

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 63343 bytes

Total Files Cleaned = 0.00 mb

OTLPE by OldTimer - Version 3.1.48.0 log created on 01212013_173206

Suuuuper! The computer is running again! Thank you very much! |
21.01.2013, 19:23 | #8 |
/// Malware-holic | Caught the GVU trojan. Windows XP. Safe mode not possible. Hi, download TDSS Killer: http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan - for any findings always choose Skip at first, then post the log.
Open c:, open tdsskiller-datum-version.txt, and post the contents.
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de |
21.01.2013, 21:44 | #9 |
| Caught the GVU trojan. Windows XP. Safe mode not possible. Here is the TDSS log. I had to split it because it was too large!
ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 21:09:05.0953 0460 ohci1394 - ok 21:09:06.0031 0460 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 21:09:06.0046 0460 ose - ok 21:09:06.0078 0460 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys 21:09:06.0250 0460 Parport - ok 21:09:06.0265 0460 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 21:09:06.0406 0460 PartMgr - ok 21:09:06.0437 0460 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 21:09:06.0609 0460 ParVdm - ok 21:09:06.0640 0460 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 21:09:06.0781 0460 PCI - ok 21:09:06.0796 0460 PCIDump - ok 21:09:06.0828 0460 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 21:09:07.0000 0460 PCIIde - ok 21:09:07.0046 0460 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 21:09:07.0203 0460 Pcmcia - ok 21:09:07.0234 0460 PDCOMP - ok 21:09:07.0250 0460 PDFRAME - ok 21:09:07.0296 0460 PDRELI - ok 21:09:07.0312 0460 PDRFRAME - ok 21:09:07.0343 0460 perc2 - ok 21:09:07.0359 0460 perc2hib - ok 21:09:07.0453 0460 [ 444F122E68DB44C0589227781F3C8B3F ] Pfc C:\WINDOWS\system32\drivers\pfc.sys 21:09:07.0484 0460 Pfc ( UnsignedFile.Multi.Generic ) - warning 21:09:07.0484 0460 Pfc - detected UnsignedFile.Multi.Generic (1) 21:09:07.0562 0460 [ A2B25662FB5FAF875CCEAD2166B5F9AD ] PID_0928 C:\WINDOWS\system32\DRIVERS\LV561AV.SYS 21:09:07.0593 0460 PID_0928 - ok 21:09:07.0640 0460 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 21:09:07.0687 0460 PlugPlay - ok 21:09:07.0765 0460 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll 21:09:07.0781 0460 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 21:09:07.0781 0460 Pml Driver HPZ12 - detected 
UnsignedFile.Multi.Generic (1) 21:09:07.0812 0460 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 21:09:07.0937 0460 PolicyAgent - ok 21:09:07.0984 0460 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 21:09:08.0140 0460 PptpMiniport - ok 21:09:08.0171 0460 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 21:09:08.0328 0460 ProtectedStorage - ok 21:09:08.0343 0460 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 21:09:08.0484 0460 PSched - ok 21:09:08.0515 0460 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 21:09:08.0687 0460 Ptilink - ok 21:09:08.0734 0460 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 21:09:08.0750 0460 PxHelp20 - ok 21:09:08.0765 0460 ql1080 - ok 21:09:08.0796 0460 Ql10wnt - ok 21:09:08.0828 0460 ql12160 - ok 21:09:08.0843 0460 ql1240 - ok 21:09:08.0875 0460 ql1280 - ok 21:09:08.0921 0460 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 21:09:09.0078 0460 RasAcd - ok 21:09:09.0156 0460 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 21:09:09.0312 0460 RasAuto - ok 21:09:09.0359 0460 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 21:09:09.0484 0460 Rasl2tp - ok 21:09:09.0562 0460 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 21:09:09.0734 0460 RasMan - ok 21:09:09.0765 0460 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 21:09:09.0906 0460 RasPppoe - ok 21:09:09.0937 0460 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 21:09:10.0125 0460 Raspti - ok 21:09:10.0390 0460 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 21:09:10.0640 0460 Rdbss - ok 21:09:10.0687 0460 [ 4912D5B403614CE99C28420F75353332 
] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 21:09:11.0078 0460 RDPCDD - ok 21:09:11.0125 0460 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 21:09:11.0281 0460 rdpdr - ok 21:09:11.0359 0460 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 21:09:11.0406 0460 RDPWD - ok 21:09:11.0468 0460 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 21:09:11.0625 0460 RDSessMgr - ok 21:09:11.0796 0460 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 21:09:11.0968 0460 redbook - ok 21:09:12.0031 0460 [ D8F61AAAE73A1FBDE6F538BECC891F2F ] RegSrvc C:\Programme\Intel\Wireless\Bin\RegSrvc.exe 21:09:12.0062 0460 RegSrvc ( UnsignedFile.Multi.Generic ) - warning 21:09:12.0062 0460 RegSrvc - detected UnsignedFile.Multi.Generic (1) 21:09:12.0140 0460 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 21:09:12.0312 0460 RemoteAccess - ok 21:09:12.0359 0460 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 21:09:12.0500 0460 RemoteRegistry - ok 21:09:12.0515 0460 RimUsb - ok 21:09:12.0546 0460 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys 21:09:12.0609 0460 RimVSerPort - ok 21:09:12.0671 0460 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys 21:09:12.0890 0460 ROOTMODEM - ok 21:09:13.0171 0460 RoxLiveShare9 - ok 21:09:13.0218 0460 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 21:09:13.0375 0460 RpcLocator - ok 21:09:13.0437 0460 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 21:09:13.0500 0460 RpcSs - ok 21:09:13.0562 0460 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 21:09:13.0703 0460 RSVP - ok 21:09:13.0781 0460 [ 25F697E3AFA7B337BBCADDBCE38E6934 ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe 21:09:13.0890 0460 
S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning 21:09:13.0890 0460 S24EventMonitor - detected UnsignedFile.Multi.Generic (1) 21:09:13.0921 0460 [ 2862ADB14481AC28F98105FF33A99EB0 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys 21:09:13.0953 0460 s24trans ( UnsignedFile.Multi.Generic ) - warning 21:09:13.0953 0460 s24trans - detected UnsignedFile.Multi.Generic (1) 21:09:13.0984 0460 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 21:09:14.0125 0460 SamSs - ok 21:09:14.0156 0460 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 21:09:14.0312 0460 SCardSvr - ok 21:09:14.0359 0460 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 21:09:14.0515 0460 Schedule - ok 21:09:14.0562 0460 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys 21:09:14.0703 0460 sdbus - ok 21:09:14.0734 0460 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 21:09:14.0859 0460 Secdrv - ok 21:09:14.0890 0460 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 21:09:15.0015 0460 seclogon - ok 21:09:15.0046 0460 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 21:09:15.0218 0460 SENS - ok 21:09:15.0234 0460 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys 21:09:15.0390 0460 Serial - ok 21:09:15.0421 0460 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys 21:09:15.0609 0460 sffdisk - ok 21:09:15.0656 0460 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys 21:09:15.0828 0460 sffp_sd - ok 21:09:15.0843 0460 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 21:09:16.0000 0460 Sfloppy - ok 21:09:16.0062 0460 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 21:09:16.0250 0460 SharedAccess - ok 21:09:16.0281 0460 [ 
2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 21:09:16.0312 0460 ShellHWDetection - ok 21:09:16.0328 0460 Simbad - ok 21:09:16.0390 0460 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 21:09:16.0421 0460 SkypeUpdate - ok 21:09:16.0453 0460 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 21:09:16.0609 0460 SLIP - ok 21:09:16.0609 0460 Sparrow - ok 21:09:16.0671 0460 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 21:09:16.0812 0460 splitter - ok 21:09:16.0859 0460 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 21:09:16.0921 0460 Spooler - ok 21:09:16.0968 0460 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 21:09:17.0125 0460 sr - ok 21:09:17.0171 0460 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 21:09:17.0328 0460 srservice - ok 21:09:17.0453 0460 [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP C:\WINDOWS\System32\Drivers\NIS\1309000.009\SRTSP.SYS 21:09:17.0484 0460 SRTSP - ok 21:09:17.0515 0460 [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX C:\WINDOWS\system32\drivers\NIS\1309000.009\SRTSPX.SYS 21:09:17.0531 0460 SRTSPX - ok 21:09:17.0562 0460 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 21:09:17.0671 0460 Srv - ok 21:09:17.0718 0460 [ 6D83FF6722BAF7E82A4521DBEC363E5A ] ssadbus C:\WINDOWS\system32\DRIVERS\ssadbus.sys 21:09:17.0796 0460 ssadbus - ok 21:09:17.0828 0460 [ 5AE42E90F99749E0E35B9989A2D0275C ] ssadmdfl C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys 21:09:17.0875 0460 ssadmdfl - ok 21:09:17.0906 0460 [ 9285D8ABA50A4D6482B1574448F9EB76 ] ssadmdm C:\WINDOWS\system32\DRIVERS\ssadmdm.sys 21:09:17.0953 0460 ssadmdm - ok 21:09:18.0015 0460 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 21:09:18.0171 0460 SSDPSRV - ok 21:09:18.0218 0460 [ 54946449A0EB74915A4BB34F7EE51A5A ] ss_bus 
C:\WINDOWS\system32\DRIVERS\ss_bus.sys 21:09:18.0234 0460 ss_bus - ok 21:09:18.0281 0460 [ 4450BC0B2E9D7D9B90E3C3DE4EA00A78 ] ss_mdfl C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys 21:09:18.0296 0460 ss_mdfl - ok 21:09:18.0312 0460 [ 30B8D0DD01EAD1243F329CAF7D7D1517 ] ss_mdm C:\WINDOWS\system32\DRIVERS\ss_mdm.sys 21:09:18.0328 0460 ss_mdm - ok 21:09:18.0359 0460 [ A2DBCC4C8860449DF1AB758EA28B4DE0 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 21:09:18.0500 0460 StillCam - ok 21:09:18.0546 0460 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 21:09:18.0687 0460 stisvc - ok 21:09:18.0718 0460 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 21:09:18.0875 0460 streamip - ok 21:09:18.0906 0460 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 21:09:19.0046 0460 swenum - ok 21:09:19.0109 0460 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 21:09:19.0265 0460 swmidi - ok 21:09:19.0265 0460 SwPrv - ok 21:09:19.0375 0460 [ 267C914667C94E5F47D342311C1C577F ] Symantec RemoteAssist C:\Programme\Gemeinsame Dateien\Symantec Shared\Support Controls\ssrc.exe 21:09:19.0437 0460 Symantec RemoteAssist - ok 21:09:19.0437 0460 symc810 - ok 21:09:19.0437 0460 symc8xx - ok 21:09:19.0453 0460 SYMDNS - ok 21:09:19.0500 0460 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\WINDOWS\system32\drivers\NIS\1309000.009\SYMDS.SYS 21:09:19.0515 0460 SymDS - ok 21:09:19.0609 0460 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\WINDOWS\system32\drivers\NIS\1309000.009\SYMEFA.SYS 21:09:19.0671 0460 SymEFA - ok 21:09:19.0718 0460 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 21:09:19.0750 0460 SymEvent - ok 21:09:19.0750 0460 SYMFW - ok 21:09:19.0765 0460 SYMIDS - ok 21:09:19.0812 0460 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\WINDOWS\system32\drivers\NIS\1309000.009\Ironx86.SYS 21:09:19.0828 0460 SymIRON - ok 21:09:19.0843 0460 
SYMNDIS - ok 21:09:19.0843 0460 SYMREDRV - ok 21:09:19.0875 0460 [ 508BD882040F9CB12319E3A4FC78EDB9 ] SYMTDI C:\WINDOWS\System32\Drivers\NIS\1309000.009\SYMTDI.SYS 21:09:19.0921 0460 SYMTDI - ok 21:09:19.0937 0460 sym_hi - ok 21:09:19.0937 0460 sym_u3 - ok 21:09:19.0968 0460 [ A6CC8C28D5AAD4179EF32F05BED55E91 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 21:09:20.0031 0460 SynTP - ok 21:09:20.0062 0460 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 21:09:20.0218 0460 sysaudio - ok 21:09:20.0265 0460 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 21:09:20.0421 0460 SysmonLog - ok 21:09:20.0468 0460 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 21:09:20.0671 0460 TapiSrv - ok 21:09:21.0062 0460 [ 36772B5EAAAF42DB5C5EE6EEB0EC0AF7 ] TAPPSRV C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe 21:09:21.0093 0460 TAPPSRV ( UnsignedFile.Multi.Generic ) - warning 21:09:21.0093 0460 TAPPSRV - detected UnsignedFile.Multi.Generic (1) 21:09:21.0250 0460 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 21:09:21.0312 0460 Tcpip - ok 21:09:21.0359 0460 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 21:09:21.0500 0460 TDPIPE - ok 21:09:21.0500 0460 TDSSserv.sys - ok 21:09:21.0531 0460 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 21:09:21.0671 0460 TDTCP - ok 21:09:21.0687 0460 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 21:09:21.0843 0460 TermDD - ok 21:09:21.0890 0460 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 21:09:22.0015 0460 TermService - ok 21:09:22.0046 0460 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 21:09:22.0078 0460 Themes - ok 21:09:22.0125 0460 [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys 21:09:22.0171 0460 tifm21 - ok 
21:09:22.0203 0460 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 21:09:22.0343 0460 TlntSvr - ok 21:09:22.0343 0460 TosIde - ok 21:09:22.0359 0460 [ CC069342EE0EAE55B32A0AE99CF6185C ] tosrfec C:\WINDOWS\system32\DRIVERS\tosrfec.sys 21:09:22.0375 0460 tosrfec ( UnsignedFile.Multi.Generic ) - warning 21:09:22.0375 0460 tosrfec - detected UnsignedFile.Multi.Generic (1) 21:09:22.0406 0460 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 21:09:22.0546 0460 TrkWks - ok 21:09:22.0546 0460 [ 676DB15DDF2E0FF6EC03068DEA428B8B ] TVALD C:\WINDOWS\system32\DRIVERS\NBSMI.sys 21:09:22.0562 0460 TVALD ( UnsignedFile.Multi.Generic ) - warning 21:09:22.0562 0460 TVALD - detected UnsignedFile.Multi.Generic (1) 21:09:22.0578 0460 [ 546DFBA6486569120D33F7AD6E94EFDD ] Tvs C:\WINDOWS\system32\DRIVERS\Tvs.sys 21:09:22.0609 0460 Tvs ( UnsignedFile.Multi.Generic ) - warning 21:09:22.0609 0460 Tvs - detected UnsignedFile.Multi.Generic (1) 21:09:22.0640 0460 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 21:09:22.0781 0460 Udfs - ok 21:09:22.0796 0460 ultra - ok 21:09:22.0843 0460 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 21:09:23.0015 0460 Update - ok 21:09:23.0046 0460 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 21:09:23.0203 0460 upnphost - ok 21:09:23.0250 0460 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 21:09:23.0390 0460 UPS - ok 21:09:23.0453 0460 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 21:09:23.0578 0460 usbccgp - ok 21:09:23.0593 0460 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 21:09:23.0734 0460 usbehci - ok 21:09:23.0765 0460 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 21:09:23.0906 0460 usbhub - ok 21:09:23.0937 0460 [ A717C8721046828520C9EDF31288FC00 ] usbprint 
C:\WINDOWS\system32\DRIVERS\usbprint.sys 21:09:24.0078 0460 usbprint - ok 21:09:24.0093 0460 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 21:09:24.0218 0460 usbscan - ok 21:09:24.0250 0460 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 21:09:24.0390 0460 USBSTOR - ok 21:09:24.0406 0460 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 21:09:24.0531 0460 usbuhci - ok 21:09:24.0562 0460 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 21:09:24.0703 0460 VgaSave - ok 21:09:24.0703 0460 ViaIde - ok 21:09:24.0734 0460 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 21:09:24.0890 0460 VolSnap - ok 21:09:24.0937 0460 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 21:09:25.0109 0460 VSS - ok 21:09:25.0171 0460 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 21:09:25.0328 0460 W32Time - ok 21:09:25.0375 0460 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 21:09:25.0546 0460 Wanarp - ok 21:09:25.0593 0460 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys 21:09:25.0640 0460 WDC_SAM - ok 21:09:25.0750 0460 [ DBBAB783009FBDF69B222641BB7831AE ] WDDMService C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe 21:09:25.0796 0460 WDDMService ( UnsignedFile.Multi.Generic ) - warning 21:09:25.0796 0460 WDDMService - detected UnsignedFile.Multi.Generic (1) 21:09:25.0906 0460 [ A787A567B3470C91C487ECE90CF7509C ] WDFME C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe 21:09:26.0015 0460 WDFME ( UnsignedFile.Multi.Generic ) - warning 21:09:26.0015 0460 WDFME - detected UnsignedFile.Multi.Generic (1) 21:09:26.0015 0460 WDICA - ok 21:09:26.0078 0460 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 21:09:26.0218 0460 
wdmaud - ok 21:09:26.0265 0460 [ B30940E39D5B3218958DBD2EA3D13BCB ] WDSC C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSC.exe 21:09:26.0328 0460 WDSC ( UnsignedFile.Multi.Generic ) - warning 21:09:26.0328 0460 WDSC - detected UnsignedFile.Multi.Generic (1) 21:09:26.0390 0460 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 21:09:26.0546 0460 WebClient - ok 21:09:26.0640 0460 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 21:09:26.0843 0460 winmgmt - ok 21:09:27.0171 0460 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 21:09:27.0265 0460 WmdmPmSN - ok 21:09:27.0343 0460 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 21:09:27.0421 0460 Wmi - ok 21:09:27.0500 0460 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 21:09:27.0656 0460 WmiApSrv - ok 21:09:27.0781 0460 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 21:09:27.0859 0460 WMPNetworkSvc - ok 21:09:28.0015 0460 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 21:09:28.0156 0460 WpdUsb - ok 21:09:28.0234 0460 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 21:09:28.0421 0460 wscsvc - ok 21:09:28.0468 0460 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 21:09:28.0640 0460 WSTCODEC - ok 21:09:28.0703 0460 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 21:09:28.0859 0460 wuauserv - ok 21:09:28.0921 0460 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 21:09:29.0000 0460 WudfPf - ok 21:09:29.0062 0460 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 21:09:29.0109 0460 WudfRd - ok 21:09:29.0171 0460 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 21:09:29.0203 0460 WudfSvc - ok 
21:09:29.0281 0460 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 21:09:29.0468 0460 WZCSVC - ok 21:09:29.0531 0460 [ 81E8DA36CE70858898D5EB81E28A47D2 ] X10Hid C:\WINDOWS\system32\Drivers\x10hid.sys 21:09:29.0578 0460 X10Hid - ok 21:09:29.0656 0460 [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe 21:09:29.0703 0460 x10nets ( UnsignedFile.Multi.Generic ) - warning 21:09:29.0703 0460 x10nets - detected UnsignedFile.Multi.Generic (1) 21:09:29.0750 0460 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 21:09:29.0921 0460 xmlprov - ok 21:09:29.0968 0460 ================ Scan global =============================== 21:09:30.0015 0460 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 21:09:30.0078 0460 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 21:09:30.0109 0460 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 21:09:30.0156 0460 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 21:09:30.0156 0460 [Global] - ok 21:09:30.0171 0460 ================ Scan MBR ================================== 21:09:30.0187 0460 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 21:09:30.0453 0460 \Device\Harddisk0\DR0 - ok 21:09:30.0453 0460 ================ Scan VBR ================================== 21:09:30.0468 0460 [ 616B24BCF92A73F3F78D30623BDBD8B0 ] \Device\Harddisk0\DR0\Partition1 21:09:30.0468 0460 \Device\Harddisk0\DR0\Partition1 - ok 21:09:30.0484 0460 ============================================================ 21:09:30.0484 0460 Scan finished 21:09:30.0484 0460 ============================================================ 21:09:30.0625 1660 Detected object count: 44 21:09:30.0625 1660 Actual detected object count: 44 21:09:58.0140 1660 ACEDRV07 ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0140 1660 ACEDRV07 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0140 1660 
AegisP ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0140 1660 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0156 1660 CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0156 1660 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0156 1660 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0156 1660 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0171 1660 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0171 1660 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0171 1660 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0171 1660 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0171 1660 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0171 1660 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0171 1660 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0171 1660 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0171 1660 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0171 1660 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0171 1660 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0171 1660 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0171 1660 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0171 1660 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0171 1660 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0171 1660 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0187 1660 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0187 1660 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0187 1660 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by 
user 21:09:58.0187 1660 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0187 1660 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0187 1660 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0187 1660 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0187 1660 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0203 1660 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0203 1660 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0203 1660 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0203 1660 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0218 1660 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0218 1660 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0218 1660 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0218 1660 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0218 1660 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0218 1660 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0218 1660 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0218 1660 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0234 1660 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0234 1660 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0234 1660 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0234 1660 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0250 1660 IWPORT ( UnsignedFile.Multi.Generic ) - skipped by user 21:09:58.0250 1660 IWPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:09:58.0250 1660 IwUSB ( UnsignedFile.Multi.Generic ) 
|
21.01.2013, 21:48 | #10 |
| Caught the GVU Trojan. Windows XP. Safe mode not possible. Here is the second part!
RimUsb - ok 21:12:17.0390 1368 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys 21:12:17.0406 1368 RimVSerPort - ok 21:12:17.0437 1368 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys 21:12:17.0609 1368 ROOTMODEM - ok 21:12:17.0859 1368 RoxLiveShare9 - ok 21:12:17.0906 1368 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 21:12:18.0078 1368 RpcLocator - ok 21:12:18.0140 1368 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 21:12:18.0203 1368 RpcSs - ok 21:12:18.0265 1368 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 21:12:18.0406 1368 RSVP - ok 21:12:18.0484 1368 [ 25F697E3AFA7B337BBCADDBCE38E6934 ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe 21:12:18.0562 1368 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning 21:12:18.0562 1368 S24EventMonitor - detected UnsignedFile.Multi.Generic (1) 21:12:18.0593 1368 [ 2862ADB14481AC28F98105FF33A99EB0 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys 21:12:18.0625 1368 s24trans ( UnsignedFile.Multi.Generic ) - warning 21:12:18.0625 1368 s24trans - detected UnsignedFile.Multi.Generic (1) 21:12:18.0640 1368 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 21:12:18.0781 1368 SamSs - ok 21:12:18.0828 1368 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 21:12:18.0968 1368 SCardSvr - ok 21:12:19.0015 1368 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 21:12:19.0171 1368 Schedule - ok 21:12:19.0234 1368 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys 21:12:19.0390 1368 sdbus - ok 21:12:19.0437 1368 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 21:12:19.0578 1368 Secdrv - ok 21:12:19.0609 1368 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 21:12:19.0734 1368 seclogon 
- ok 21:12:19.0781 1368 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 21:12:19.0937 1368 SENS - ok 21:12:19.0984 1368 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys 21:12:20.0140 1368 Serial - ok 21:12:20.0218 1368 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys 21:12:20.0359 1368 sffdisk - ok 21:12:20.0390 1368 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys 21:12:20.0562 1368 sffp_sd - ok 21:12:20.0593 1368 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 21:12:20.0734 1368 Sfloppy - ok 21:12:20.0812 1368 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 21:12:21.0000 1368 SharedAccess - ok 21:12:21.0046 1368 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 21:12:21.0078 1368 ShellHWDetection - ok 21:12:21.0109 1368 Simbad - ok 21:12:21.0187 1368 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 21:12:21.0203 1368 SkypeUpdate - ok 21:12:21.0250 1368 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 21:12:21.0406 1368 SLIP - ok 21:12:21.0453 1368 Sparrow - ok 21:12:21.0515 1368 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 21:12:21.0687 1368 splitter - ok 21:12:21.0750 1368 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 21:12:21.0796 1368 Spooler - ok 21:12:21.0828 1368 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 21:12:21.0968 1368 sr - ok 21:12:22.0031 1368 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 21:12:22.0156 1368 srservice - ok 21:12:22.0281 1368 [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP C:\WINDOWS\System32\Drivers\NIS\1309000.009\SRTSP.SYS 21:12:22.0312 1368 SRTSP - ok 21:12:22.0343 1368 [ 475FCF0F28D845BF1C8ABAC27F19003E 
] SRTSPX C:\WINDOWS\system32\drivers\NIS\1309000.009\SRTSPX.SYS 21:12:22.0359 1368 SRTSPX - ok 21:12:22.0437 1368 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 21:12:22.0500 1368 Srv - ok 21:12:22.0546 1368 [ 6D83FF6722BAF7E82A4521DBEC363E5A ] ssadbus C:\WINDOWS\system32\DRIVERS\ssadbus.sys 21:12:22.0593 1368 ssadbus - ok 21:12:22.0640 1368 [ 5AE42E90F99749E0E35B9989A2D0275C ] ssadmdfl C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys 21:12:22.0687 1368 ssadmdfl - ok 21:12:22.0750 1368 [ 9285D8ABA50A4D6482B1574448F9EB76 ] ssadmdm C:\WINDOWS\system32\DRIVERS\ssadmdm.sys 21:12:22.0796 1368 ssadmdm - ok 21:12:22.0843 1368 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 21:12:23.0000 1368 SSDPSRV - ok 21:12:23.0062 1368 [ 54946449A0EB74915A4BB34F7EE51A5A ] ss_bus C:\WINDOWS\system32\DRIVERS\ss_bus.sys 21:12:23.0078 1368 ss_bus - ok 21:12:23.0125 1368 [ 4450BC0B2E9D7D9B90E3C3DE4EA00A78 ] ss_mdfl C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys 21:12:23.0125 1368 ss_mdfl - ok 21:12:23.0171 1368 [ 30B8D0DD01EAD1243F329CAF7D7D1517 ] ss_mdm C:\WINDOWS\system32\DRIVERS\ss_mdm.sys 21:12:23.0187 1368 ss_mdm - ok 21:12:23.0234 1368 [ A2DBCC4C8860449DF1AB758EA28B4DE0 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 21:12:23.0359 1368 StillCam - ok 21:12:23.0406 1368 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 21:12:23.0562 1368 stisvc - ok 21:12:23.0609 1368 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 21:12:23.0750 1368 streamip - ok 21:12:23.0781 1368 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 21:12:23.0937 1368 swenum - ok 21:12:24.0000 1368 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 21:12:24.0156 1368 swmidi - ok 21:12:24.0171 1368 SwPrv - ok 21:12:24.0328 1368 [ 267C914667C94E5F47D342311C1C577F ] Symantec RemoteAssist C:\Programme\Gemeinsame Dateien\Symantec Shared\Support 
Controls\ssrc.exe 21:12:24.0343 1368 Symantec RemoteAssist - ok 21:12:24.0359 1368 symc810 - ok 21:12:24.0390 1368 symc8xx - ok 21:12:24.0421 1368 SYMDNS - ok 21:12:24.0484 1368 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\WINDOWS\system32\drivers\NIS\1309000.009\SYMDS.SYS 21:12:24.0500 1368 SymDS - ok 21:12:24.0609 1368 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\WINDOWS\system32\drivers\NIS\1309000.009\SYMEFA.SYS 21:12:24.0656 1368 SymEFA - ok 21:12:24.0718 1368 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 21:12:24.0734 1368 SymEvent - ok 21:12:24.0750 1368 SYMFW - ok 21:12:24.0781 1368 SYMIDS - ok 21:12:24.0828 1368 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\WINDOWS\system32\drivers\NIS\1309000.009\Ironx86.SYS 21:12:24.0859 1368 SymIRON - ok 21:12:24.0875 1368 SYMNDIS - ok 21:12:24.0906 1368 SYMREDRV - ok 21:12:24.0953 1368 [ 508BD882040F9CB12319E3A4FC78EDB9 ] SYMTDI C:\WINDOWS\System32\Drivers\NIS\1309000.009\SYMTDI.SYS 21:12:24.0984 1368 SYMTDI - ok 21:12:24.0984 1368 sym_hi - ok 21:12:25.0015 1368 sym_u3 - ok 21:12:25.0062 1368 [ A6CC8C28D5AAD4179EF32F05BED55E91 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 21:12:25.0109 1368 SynTP - ok 21:12:25.0156 1368 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 21:12:25.0296 1368 sysaudio - ok 21:12:25.0375 1368 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 21:12:25.0515 1368 SysmonLog - ok 21:12:25.0562 1368 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 21:12:25.0750 1368 TapiSrv - ok 21:12:25.0843 1368 [ 36772B5EAAAF42DB5C5EE6EEB0EC0AF7 ] TAPPSRV C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe 21:12:25.0875 1368 TAPPSRV ( UnsignedFile.Multi.Generic ) - warning 21:12:25.0875 1368 TAPPSRV - detected UnsignedFile.Multi.Generic (1) 21:12:25.0968 1368 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 21:12:26.0015 1368 Tcpip - ok 
21:12:26.0093 1368 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 21:12:26.0250 1368 TDPIPE - ok 21:12:26.0281 1368 TDSSserv.sys - ok 21:12:26.0328 1368 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 21:12:26.0453 1368 TDTCP - ok 21:12:26.0500 1368 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 21:12:26.0640 1368 TermDD - ok 21:12:26.0718 1368 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 21:12:26.0859 1368 TermService - ok 21:12:26.0890 1368 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 21:12:26.0906 1368 Themes - ok 21:12:26.0968 1368 [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys 21:12:27.0000 1368 tifm21 - ok 21:12:27.0062 1368 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 21:12:27.0203 1368 TlntSvr - ok 21:12:27.0234 1368 TosIde - ok 21:12:27.0281 1368 [ CC069342EE0EAE55B32A0AE99CF6185C ] tosrfec C:\WINDOWS\system32\DRIVERS\tosrfec.sys 21:12:27.0281 1368 tosrfec ( UnsignedFile.Multi.Generic ) - warning 21:12:27.0281 1368 tosrfec - detected UnsignedFile.Multi.Generic (1) 21:12:27.0328 1368 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 21:12:27.0500 1368 TrkWks - ok 21:12:27.0546 1368 [ 676DB15DDF2E0FF6EC03068DEA428B8B ] TVALD C:\WINDOWS\system32\DRIVERS\NBSMI.sys 21:12:27.0578 1368 TVALD ( UnsignedFile.Multi.Generic ) - warning 21:12:27.0578 1368 TVALD - detected UnsignedFile.Multi.Generic (1) 21:12:27.0609 1368 [ 546DFBA6486569120D33F7AD6E94EFDD ] Tvs C:\WINDOWS\system32\DRIVERS\Tvs.sys 21:12:27.0656 1368 Tvs ( UnsignedFile.Multi.Generic ) - warning 21:12:27.0656 1368 Tvs - detected UnsignedFile.Multi.Generic (1) 21:12:27.0718 1368 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 21:12:27.0859 1368 Udfs - ok 21:12:27.0890 1368 ultra - ok 21:12:28.0015 1368 [ 
402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 21:12:28.0218 1368 Update - ok 21:12:28.0296 1368 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 21:12:28.0437 1368 upnphost - ok 21:12:28.0515 1368 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 21:12:28.0671 1368 UPS - ok 21:12:28.0781 1368 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 21:12:28.0921 1368 usbccgp - ok 21:12:28.0953 1368 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 21:12:29.0125 1368 usbehci - ok 21:12:29.0171 1368 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 21:12:29.0343 1368 usbhub - ok 21:12:29.0375 1368 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 21:12:29.0515 1368 usbprint - ok 21:12:29.0546 1368 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 21:12:29.0703 1368 usbscan - ok 21:12:29.0734 1368 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 21:12:29.0890 1368 USBSTOR - ok 21:12:29.0921 1368 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 21:12:30.0062 1368 usbuhci - ok 21:12:30.0093 1368 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 21:12:30.0250 1368 VgaSave - ok 21:12:30.0265 1368 ViaIde - ok 21:12:30.0375 1368 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 21:12:30.0515 1368 VolSnap - ok 21:12:30.0656 1368 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 21:12:30.0812 1368 VSS - ok 21:12:31.0187 1368 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 21:12:31.0328 1368 W32Time - ok 21:12:31.0421 1368 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 21:12:31.0562 1368 Wanarp - ok 
21:12:31.0640 1368 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys 21:12:31.0687 1368 WDC_SAM - ok 21:12:31.0859 1368 [ DBBAB783009FBDF69B222641BB7831AE ] WDDMService C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe 21:12:31.0890 1368 WDDMService ( UnsignedFile.Multi.Generic ) - warning 21:12:31.0890 1368 WDDMService - detected UnsignedFile.Multi.Generic (1) 21:12:32.0281 1368 [ A787A567B3470C91C487ECE90CF7509C ] WDFME C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe 21:12:32.0406 1368 WDFME ( UnsignedFile.Multi.Generic ) - warning 21:12:32.0406 1368 WDFME - detected UnsignedFile.Multi.Generic (1) 21:12:32.0437 1368 WDICA - ok 21:12:32.0531 1368 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 21:12:32.0687 1368 wdmaud - ok 21:12:32.0828 1368 [ B30940E39D5B3218958DBD2EA3D13BCB ] WDSC C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSC.exe 21:12:32.0890 1368 WDSC ( UnsignedFile.Multi.Generic ) - warning 21:12:32.0890 1368 WDSC - detected UnsignedFile.Multi.Generic (1) 21:12:32.0968 1368 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 21:12:33.0109 1368 WebClient - ok 21:12:33.0218 1368 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 21:12:33.0375 1368 winmgmt - ok 21:12:33.0468 1368 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 21:12:33.0484 1368 WmdmPmSN - ok 21:12:33.0546 1368 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 21:12:33.0609 1368 Wmi - ok 21:12:33.0671 1368 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 21:12:33.0812 1368 WmiApSrv - ok 21:12:33.0906 1368 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 21:12:33.0984 1368 WMPNetworkSvc - ok 21:12:34.0031 1368 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb 
C:\WINDOWS\system32\DRIVERS\wpdusb.sys 21:12:34.0046 1368 WpdUsb - ok 21:12:34.0109 1368 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 21:12:34.0250 1368 wscsvc - ok 21:12:34.0296 1368 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 21:12:34.0453 1368 WSTCODEC - ok 21:12:34.0515 1368 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 21:12:34.0656 1368 wuauserv - ok 21:12:34.0718 1368 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 21:12:34.0734 1368 WudfPf - ok 21:12:34.0796 1368 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 21:12:34.0828 1368 WudfRd - ok 21:12:34.0906 1368 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 21:12:34.0937 1368 WudfSvc - ok 21:12:35.0031 1368 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 21:12:35.0203 1368 WZCSVC - ok 21:12:35.0265 1368 [ 81E8DA36CE70858898D5EB81E28A47D2 ] X10Hid C:\WINDOWS\system32\Drivers\x10hid.sys 21:12:35.0296 1368 X10Hid - ok 21:12:35.0375 1368 [ 5A0C788C5BC5F2C993CB60940ADCF95E ] x10nets C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe 21:12:35.0406 1368 x10nets ( UnsignedFile.Multi.Generic ) - warning 21:12:35.0406 1368 x10nets - detected UnsignedFile.Multi.Generic (1) 21:12:35.0437 1368 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 21:12:35.0593 1368 xmlprov - ok 21:12:35.0640 1368 ================ Scan global =============================== 21:12:35.0718 1368 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 21:12:35.0765 1368 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 21:12:35.0781 1368 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 21:12:35.0828 1368 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 21:12:35.0828 1368 [Global] - ok 21:12:35.0843 1368 ================ Scan MBR 
================================== 21:12:35.0875 1368 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 21:12:36.0125 1368 \Device\Harddisk0\DR0 - ok 21:12:36.0140 1368 ================ Scan VBR ================================== 21:12:36.0140 1368 [ 616B24BCF92A73F3F78D30623BDBD8B0 ] \Device\Harddisk0\DR0\Partition1 21:12:36.0140 1368 \Device\Harddisk0\DR0\Partition1 - ok 21:12:36.0156 1368 ============================================================ 21:12:36.0156 1368 Scan finished 21:12:36.0156 1368 ============================================================ 21:12:36.0187 5324 Detected object count: 44 21:12:36.0187 5324 Actual detected object count: 44 21:12:54.0390 5324 ACEDRV07 ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0390 5324 ACEDRV07 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0390 5324 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0390 5324 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0406 5324 CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0406 5324 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0406 5324 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0406 5324 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0406 5324 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0406 5324 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0406 5324 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0421 5324 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0421 5324 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0421 5324 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0421 5324 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0421 5324 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0437 5324 DLAPoolM 
( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0437 5324 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0437 5324 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0437 5324 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0437 5324 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0437 5324 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0437 5324 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0437 5324 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0437 5324 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0437 5324 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0437 5324 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0437 5324 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0437 5324 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0437 5324 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0437 5324 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0437 5324 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0453 5324 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0453 5324 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0453 5324 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0453 5324 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0453 5324 FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0453 5324 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0453 5324 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0453 5324 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:12:54.0468 5324 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0468 5324 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0468 5324 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0468 5324 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0484 5324 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0484 5324 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0484 5324 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0484 5324 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0484 5324 IWPORT ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0484 5324 IWPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0484 5324 IwUSB ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0484 5324 IwUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0500 5324 meiudf ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0500 5324 meiudf ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0500 5324 MHN ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0500 5324 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0515 5324 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0515 5324 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0515 5324 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0515 5324 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0531 5324 Netdevio ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0531 5324 Netdevio ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0531 5324 Pfc ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0531 5324 Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0531 5324 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) 
- skipped by user 21:12:54.0531 5324 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0531 5324 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0531 5324 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0546 5324 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0546 5324 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0546 5324 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0546 5324 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0562 5324 TAPPSRV ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0562 5324 TAPPSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0562 5324 tosrfec ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0562 5324 tosrfec ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0578 5324 TVALD ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0578 5324 TVALD ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0578 5324 Tvs ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0578 5324 Tvs ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0578 5324 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0578 5324 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0578 5324 WDFME ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0578 5324 WDFME ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0593 5324 WDSC ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0593 5324 WDSC ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:12:54.0593 5324 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user 21:12:54.0593 5324 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip |
22.01.2013, 15:26 | #11 | |
/// Malware-holic | Caught the GVU Trojan. Windows XP. Safe mode not possible. hi combofix: Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |