Pests of all kinds and how to fight them: Firefox redirects to "mytoolsapp.info" | Windows 7 |
26.02.2013, 21:14 | #16 |
/// Malware-holic | Firefox redirects to "mytoolsapp.info" Hi, HitmanPro - Download - Filepony. Download HitmanPro, open it, License, trial license. Click Scan, delete nothing, click Next, export the log as XML and post it, or zip it and attach it.
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For the time being, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
26.02.2013, 21:45 | #17 |
| Firefox redirects to "mytoolsapp.info" So, here is the log in the ZIP file.
__________________ |
26.02.2013, 22:11 | #18 |
/// Malware-holic | Firefox redirects to "mytoolsapp.info" Please delete the findings and post a new OTL log.
__________________
__________________ |
26.02.2013, 22:21 | #19 |
| Firefox redirects to "mytoolsapp.info" This time even with the Extra.txt file |
26.02.2013, 22:26 | #20 |
/// Malware-holic | Firefox redirects to "mytoolsapp.info" Hi, OTL fix. Fixing with OTL
Code:
:OTL
IE - HKCU\..\SearchScopes\{80937FBF-06F4-48BA-840D-A827D431F99E}: "URL" = http://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerms}&lng={moz:locale}&iy=&ychte=ch
O4 - HKLM..\Run: [NokiaMServer] C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles File not found
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Denis\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Denis\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
:files
:Commands
[emptytemp]
Restart, then test how the PC and browsers run. Please test whether there are any unwanted toolbars, redirects or other problems in Firefox, Internet Explorer or Chrome. Test how the PC and programs run in general. Boot into normal mode. If you have no icons, then right-click, View, Show desktop icons.
Note: Please also upload the file there as described in the UpChannel instructions. Please do NOT post the ZIP file here as an attachment in the thread! Please press the + E key.
Download unhide: http://www.trojaner-board.de/54791-a...ner-board.html
Then: download Get Info: http://markusg.trojaner-board.de/GetInfo.exe Double-click the .exe; a .txt is now created in the same folder: summary-info.txt. Double-click it and post its contents.
Do you do online banking / online shopping? http://www.trojaner-board.de/51187-a...i-malware.html
Please create and post a ComboFix log. A guide and tutorial on using ComboFix.
Please download TDSSKiller.exe and save this file to the desktop.
The PC must be reinstalled and then secured. 1. Data rescue:
I will also post further points on this. 4. Change all passwords! 5. After securing the PC, check the backed-up data and, if clean, restore it. 6. I will then also say something about securing online banking with a chip card reader + Star Money.
28.02.2013, 19:58 | #21 |
| Firefox redirects to "mytoolsapp.info" Hello, I still have problems, no matter which browser. Enclosed are the logs from OTL and from TDSSKiller.
Code:
All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80937FBF-06F4-48BA-840D-A827D431F99E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80937FBF-06F4-48BA-840D-A827D431F99E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaMServer deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube Download\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Free YouTube to MP3 Converter\ deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Denis
->Temp folder emptied: 4335917 bytes
->Temporary Internet Files folder emptied: 9702344 bytes
->Java cache emptied: 1190831 bytes
->FireFox cache emptied: 1185415197 bytes
->Apple Safari cache emptied: 854016 bytes
->Flash cache emptied: 135173 bytes

User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
RecycleBin emptied: 91732 bytes

Total Files Cleaned = 1'146.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 02262013_223208

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Code:
19:54:24.0265 2600 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:54:24.0437 2600 ============================================================
19:54:24.0437 2600 Current date / time: 2013/02/28 19:54:24.0437
19:54:24.0437 2600 SystemInfo:
19:54:24.0437 2600
19:54:24.0437 2600 OS Version: 5.1.2600 ServicePack: 3.0
19:54:24.0437 2600 Product type: Workstation
19:54:24.0437 2600 ComputerName: WINXPCLIENT
19:54:24.0437 2600 UserName: Denis
19:54:24.0437 2600 Windows directory: C:\WINDOWS
19:54:24.0437 2600 System windows directory: C:\WINDOWS
19:54:24.0437 2600 Processor architecture: Intel x86
19:54:24.0437 2600 Number of processors: 4
19:54:24.0437 2600 Page size: 0x1000
19:54:24.0437 2600 Boot type: Normal boot
19:54:24.0437 2600 ============================================================
19:54:25.0140 2600 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:54:25.0156 2600 Drive \Device\Harddisk1\DR1 - Size: 0x22EF13E000 (139.74 Gb), SectorSize: 0x200, Cylinders: 0x4741, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:54:25.0156 2600 ============================================================
19:54:25.0156 2600 \Device\Harddisk0\DR0:
19:54:25.0156 2600 MBR partitions:
19:54:25.0156 2600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852FC1
19:54:25.0156 2600 \Device\Harddisk1\DR1:
19:54:25.0156 2600 MBR partitions:
19:54:25.0156 2600 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x11773701
19:54:25.0156 2600 ============================================================
19:54:25.0171 2600 C: <-> \Device\Harddisk1\DR1\Partition1
19:54:25.0203 2600 E: <-> \Device\Harddisk0\DR0\Partition1
19:54:25.0203 2600 ============================================================
19:54:25.0203 2600 Initialize success
] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 19:54:33.0015 3672 Serial - ok 19:54:33.0046 3672 [ 3334DE016FDCDE5C98E30A405A72DD8D ] ServiceLayer C:\Programme\Nokia\PC Connectivity Solution\ServiceLayer.exe 19:54:33.0062 3672 ServiceLayer - ok 19:54:33.0078 3672 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 19:54:33.0078 3672 Sfloppy - ok 19:54:33.0093 3672 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 19:54:33.0093 3672 SharedAccess - ok 19:54:33.0109 3672 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 19:54:33.0109 3672 ShellHWDetection - ok 19:54:33.0109 3672 Simbad - ok 19:54:33.0109 3672 Sparrow - ok 19:54:33.0140 3672 [ 3FA2E254BFBCE52B3C6F1BF23AAB6911 ] speedfan C:\WINDOWS\system32\speedfan.sys 19:54:33.0140 3672 speedfan - ok 19:54:33.0156 3672 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 19:54:33.0156 3672 splitter - ok 19:54:33.0171 3672 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 19:54:33.0171 3672 Spooler - ok 19:54:33.0187 3672 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 19:54:33.0187 3672 sr - ok 19:54:33.0187 3672 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 19:54:33.0203 3672 srservice - ok 19:54:33.0234 3672 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 19:54:33.0234 3672 Srv - ok 19:54:33.0250 3672 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 19:54:33.0250 3672 SSDPSRV - ok 19:54:33.0265 3672 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 19:54:33.0265 3672 stisvc - ok 19:54:33.0281 3672 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 19:54:33.0281 3672 swenum - ok 19:54:33.0296 3672 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 
19:54:33.0296 3672 swmidi - ok 19:54:33.0296 3672 SwPrv - ok 19:54:33.0296 3672 symc810 - ok 19:54:33.0296 3672 symc8xx - ok 19:54:33.0296 3672 sym_hi - ok 19:54:33.0296 3672 sym_u3 - ok 19:54:33.0312 3672 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 19:54:33.0312 3672 sysaudio - ok 19:54:33.0328 3672 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 19:54:33.0328 3672 SysmonLog - ok 19:54:33.0343 3672 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 19:54:33.0343 3672 TapiSrv - ok 19:54:33.0359 3672 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 19:54:33.0359 3672 Tcpip - ok 19:54:33.0375 3672 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 19:54:33.0375 3672 TDPIPE - ok 19:54:33.0390 3672 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 19:54:33.0390 3672 TDTCP - ok 19:54:33.0390 3672 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 19:54:33.0390 3672 TermDD - ok 19:54:33.0421 3672 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 19:54:33.0437 3672 TermService - ok 19:54:33.0437 3672 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 19:54:33.0437 3672 Themes - ok 19:54:33.0453 3672 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 19:54:33.0453 3672 TlntSvr - ok 19:54:33.0453 3672 TosIde - ok 19:54:33.0453 3672 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 19:54:33.0453 3672 TrkWks - ok 19:54:33.0484 3672 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 19:54:33.0484 3672 Udfs - ok 19:54:33.0484 3672 ultra - ok 19:54:33.0515 3672 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 19:54:33.0531 3672 Update - ok 19:54:33.0531 3672 [ 
1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 19:54:33.0531 3672 upnphost - ok 19:54:33.0546 3672 [ F5D2AA9D56A3A01A190D01CD961BA0E7 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys 19:54:33.0546 3672 upperdev - ok 19:54:33.0578 3672 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 19:54:33.0578 3672 UPS - ok 19:54:33.0593 3672 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys 19:54:33.0593 3672 USBAAPL - ok 19:54:33.0593 3672 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 19:54:33.0609 3672 usbccgp - ok 19:54:33.0609 3672 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 19:54:33.0609 3672 usbehci - ok 19:54:33.0609 3672 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 19:54:33.0609 3672 usbhub - ok 19:54:33.0625 3672 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 19:54:33.0625 3672 usbohci - ok 19:54:33.0625 3672 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 19:54:33.0640 3672 usbscan - ok 19:54:33.0656 3672 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys 19:54:33.0656 3672 usbser - ok 19:54:33.0656 3672 [ EB2D3830646E393776E1EF98AC76A43D ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys 19:54:33.0656 3672 UsbserFilt - ok 19:54:33.0671 3672 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 19:54:33.0671 3672 USBSTOR - ok 19:54:33.0687 3672 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 19:54:33.0687 3672 VgaSave - ok 19:54:33.0687 3672 ViaIde - ok 19:54:33.0703 3672 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 19:54:33.0703 3672 VolSnap - ok 19:54:33.0703 3672 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 
19:54:33.0718 3672 VSS - ok 19:54:33.0734 3672 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 19:54:33.0734 3672 W32Time - ok 19:54:33.0734 3672 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:54:33.0734 3672 Wanarp - ok 19:54:33.0765 3672 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 19:54:33.0765 3672 Wdf01000 - ok 19:54:33.0765 3672 WDICA - ok 19:54:33.0781 3672 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 19:54:33.0781 3672 wdmaud - ok 19:54:33.0781 3672 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 19:54:33.0781 3672 WebClient - ok 19:54:33.0828 3672 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:54:33.0828 3672 winmgmt - ok 19:54:33.0843 3672 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 19:54:33.0843 3672 WmdmPmSN - ok 19:54:33.0859 3672 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 19:54:33.0875 3672 Wmi - ok 19:54:33.0890 3672 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 19:54:33.0890 3672 WmiAcpi - ok 19:54:33.0921 3672 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 19:54:33.0921 3672 WmiApSrv - ok 19:54:33.0937 3672 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 19:54:33.0937 3672 WpdUsb - ok 19:54:34.0031 3672 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 19:54:34.0031 3672 WPFFontCache_v0400 - ok 19:54:34.0062 3672 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 19:54:34.0062 3672 WS2IFSL - ok 19:54:34.0093 3672 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 19:54:34.0093 3672 wscsvc - ok 19:54:34.0109 3672 [ 
7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 19:54:34.0109 3672 wuauserv - ok 19:54:34.0125 3672 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 19:54:34.0125 3672 WudfPf - ok 19:54:34.0140 3672 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 19:54:34.0140 3672 WudfRd - ok 19:54:34.0140 3672 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 19:54:34.0156 3672 WudfSvc - ok 19:54:34.0156 3672 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 19:54:34.0171 3672 WZCSVC - ok 19:54:34.0187 3672 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 19:54:34.0187 3672 xmlprov - ok 19:54:34.0203 3672 [ EE9144207EE0211EB5656BA6808AC4A0 ] xusb21 C:\WINDOWS\system32\DRIVERS\xusb21.sys 19:54:34.0203 3672 xusb21 - ok 19:54:34.0203 3672 ================ Scan global =============================== 19:54:34.0218 3672 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 19:54:34.0250 3672 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 19:54:34.0250 3672 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 19:54:34.0281 3672 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 19:54:34.0281 3672 [Global] - ok 19:54:34.0281 3672 ================ Scan MBR ================================== 19:54:34.0281 3672 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 19:54:34.0296 3672 \Device\Harddisk0\DR0 - ok 19:54:34.0296 3672 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1 19:54:34.0375 3672 \Device\Harddisk1\DR1 - ok 19:54:34.0375 3672 ================ Scan VBR ================================== 19:54:34.0375 3672 [ 90D96D15FFC164E04C3D9D101E74A56F ] \Device\Harddisk0\DR0\Partition1 19:54:34.0390 3672 \Device\Harddisk0\DR0\Partition1 - ok 19:54:34.0390 3672 [ E3E69C21B48252F496D53AC8A45D4481 ] \Device\Harddisk1\DR1\Partition1 
19:54:34.0390 3672 \Device\Harddisk1\DR1\Partition1 - ok
19:54:34.0390 3672 ============================================================
19:54:34.0390 3672 Scan finished
19:54:34.0390 3672 ============================================================
19:54:34.0390 3668 Detected object count: 0
19:54:34.0390 3668 Actual detected object count: 0
19:54:54.0578 2592 Deinitialize success |
28.02.2013, 20:29 | #22 |
/// Malware-holic | Firefox redirects to "mytoolsapp.info" TDSSKiller is not configured correctly; once more, please. Do you have a Windows CD at hand?
__________________ |
28.02.2013, 20:33 | #23 |
| Firefox redirects to "mytoolsapp.info" Hey Markus, here is the new log Code:
20:31:16.0234 3628 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:31:16.0343 3628 ============================================================
20:31:16.0343 3628 Current date / time: 2013/02/28 20:31:16.0343
20:31:16.0343 3628 SystemInfo:
20:31:16.0343 3628
20:31:16.0343 3628 OS Version: 5.1.2600 ServicePack: 3.0
20:31:16.0343 3628 Product type: Workstation
20:31:16.0343 3628 ComputerName: WINXPCLIENT
20:31:16.0343 3628 UserName: Denis
20:31:16.0343 3628 Windows directory: C:\WINDOWS
20:31:16.0343 3628 System windows directory: C:\WINDOWS
20:31:16.0343 3628 Processor architecture: Intel x86
20:31:16.0343 3628 Number of processors: 4
20:31:16.0343 3628 Page size: 0x1000
20:31:16.0343 3628 Boot type: Normal boot
20:31:16.0343 3628 ============================================================
20:31:17.0093 3628 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:31:17.0109 3628 Drive \Device\Harddisk1\DR1 - Size: 0x22EF13E000 (139.74 Gb), SectorSize: 0x200, Cylinders: 0x4741, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:31:17.0109 3628 ============================================================
20:31:17.0109 3628 \Device\Harddisk0\DR0:
20:31:17.0109 3628 MBR partitions:
20:31:17.0109 3628 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A852FC1
20:31:17.0109 3628 \Device\Harddisk1\DR1:
20:31:17.0109 3628 MBR partitions:
20:31:17.0109 3628 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x11773701
20:31:17.0109 3628 ============================================================
20:31:17.0125 3628 C: <-> \Device\Harddisk1\DR1\Partition1
20:31:17.0156 3628 E: <-> \Device\Harddisk0\DR0\Partition1
20:31:17.0156 3628 ============================================================
20:31:17.0156 3628 Initialize success
20:31:17.0156 3628
============================================================
20:31:31.0500 1432 ============================================================
20:31:31.0500 1432 Scan started
20:31:31.0500 1432 Mode: Manual; SigCheck; TDLFS;
20:31:31.0500 1432 ============================================================
20:31:32.0062 1432 ================ Scan system memory ========================
20:31:32.0062 1432 System memory - ok
20:31:32.0062 1432 ================ Scan services =============================
20:31:37.0609 1432 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\WINDOWS\system32\giveio.sys
20:31:37.0625 1432 giveio ( UnsignedFile.Multi.Generic ) - warning
20:31:37.0625 1432 giveio - detected UnsignedFile.Multi.Generic (1)
20:31:46.0125 1432 [ AFB8261B56CBA0D86AEB6DF682AF9785 ]
ProtectedStorage C:\WINDOWS\system32\lsass.exe 20:31:46.0203 1432 ProtectedStorage - ok 20:31:46.0203 1432 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 20:31:46.0281 1432 PSched - ok 20:31:46.0281 1432 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 20:31:46.0406 1432 Ptilink - ok 20:31:46.0406 1432 ql1080 - ok 20:31:46.0406 1432 Ql10wnt - ok 20:31:46.0406 1432 ql12160 - ok 20:31:46.0406 1432 ql1240 - ok 20:31:46.0437 1432 ql1280 - ok 20:31:46.0468 1432 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 20:31:46.0546 1432 RasAcd - ok 20:31:46.0562 1432 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 20:31:46.0656 1432 RasAuto - ok 20:31:46.0843 1432 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 20:31:46.0890 1432 Rasirda - ok 20:31:46.0890 1432 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 20:31:47.0000 1432 Rasl2tp - ok 20:31:47.0015 1432 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 20:31:47.0109 1432 RasMan - ok 20:31:47.0109 1432 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 20:31:47.0234 1432 RasPppoe - ok 20:31:47.0250 1432 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 20:31:47.0343 1432 Raspti - ok 20:31:47.0359 1432 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 20:31:47.0453 1432 Rdbss - ok 20:31:47.0468 1432 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 20:31:47.0578 1432 RDPCDD - ok 20:31:47.0593 1432 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 20:31:47.0671 1432 rdpdr - ok 20:31:47.0703 1432 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 20:31:47.0718 1432 RDPWD - ok 20:31:47.0734 1432 [ 
263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 20:31:47.0812 1432 RDSessMgr - ok 20:31:47.0828 1432 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 20:31:47.0937 1432 redbook - ok 20:31:47.0953 1432 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 20:31:48.0046 1432 RemoteAccess - ok 20:31:48.0062 1432 [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 20:31:48.0171 1432 RemoteRegistry - ok 20:31:48.0187 1432 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 20:31:48.0281 1432 RpcLocator - ok 20:31:48.0296 1432 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\System32\rpcss.dll 20:31:48.0312 1432 RpcSs - ok 20:31:48.0328 1432 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 20:31:48.0421 1432 RSVP - ok 20:31:48.0437 1432 [ 89619EF503F949FAE09252A8B883EE11 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 20:31:48.0453 1432 RTLE8023xp - ok 20:31:48.0468 1432 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 20:31:48.0562 1432 SamSs - ok 20:31:48.0578 1432 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 20:31:48.0656 1432 SCardSvr - ok 20:31:48.0687 1432 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 20:31:48.0765 1432 Schedule - ok 20:31:48.0781 1432 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 20:31:48.0812 1432 Secdrv - ok 20:31:48.0812 1432 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 20:31:48.0906 1432 seclogon - ok 20:31:48.0906 1432 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll 20:31:48.0984 1432 SENS - ok 20:31:49.0000 1432 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 20:31:49.0093 1432 serenum - ok 20:31:49.0093 1432 [ CF24EB4F0412C82BCD1F4F35A025E31D 
] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 20:31:49.0171 1432 Serial - ok 20:31:49.0218 1432 [ 3334DE016FDCDE5C98E30A405A72DD8D ] ServiceLayer C:\Programme\Nokia\PC Connectivity Solution\ServiceLayer.exe 20:31:49.0250 1432 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning 20:31:49.0250 1432 ServiceLayer - detected UnsignedFile.Multi.Generic (1) 20:31:49.0281 1432 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 20:31:49.0359 1432 Sfloppy - ok 20:31:49.0390 1432 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 20:31:49.0468 1432 SharedAccess - ok 20:31:49.0484 1432 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 20:31:49.0500 1432 ShellHWDetection - ok 20:31:49.0515 1432 Simbad - ok 20:31:49.0515 1432 Sparrow - ok 20:31:49.0531 1432 [ 3FA2E254BFBCE52B3C6F1BF23AAB6911 ] speedfan C:\WINDOWS\system32\speedfan.sys 20:31:49.0546 1432 speedfan - ok 20:31:49.0578 1432 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 20:31:49.0656 1432 splitter - ok 20:31:49.0687 1432 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 20:31:49.0687 1432 Spooler - ok 20:31:49.0703 1432 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 20:31:49.0750 1432 sr - ok 20:31:49.0750 1432 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 20:31:49.0796 1432 srservice - ok 20:31:49.0812 1432 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 20:31:49.0843 1432 Srv - ok 20:31:49.0843 1432 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 20:31:49.0890 1432 SSDPSRV - ok 20:31:49.0921 1432 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 20:31:50.0031 1432 stisvc - ok 20:31:50.0031 1432 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 20:31:50.0125 1432 swenum - ok 
20:31:50.0125 1432 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 20:31:50.0218 1432 swmidi - ok 20:31:50.0218 1432 SwPrv - ok 20:31:50.0218 1432 symc810 - ok 20:31:50.0218 1432 symc8xx - ok 20:31:50.0218 1432 sym_hi - ok 20:31:50.0218 1432 sym_u3 - ok 20:31:50.0250 1432 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 20:31:50.0328 1432 sysaudio - ok 20:31:50.0343 1432 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 20:31:50.0437 1432 SysmonLog - ok 20:31:50.0453 1432 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 20:31:50.0531 1432 TapiSrv - ok 20:31:50.0562 1432 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 20:31:50.0562 1432 Tcpip - ok 20:31:50.0578 1432 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 20:31:50.0671 1432 TDPIPE - ok 20:31:50.0687 1432 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 20:31:50.0765 1432 TDTCP - ok 20:31:50.0765 1432 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 20:31:50.0859 1432 TermDD - ok 20:31:50.0875 1432 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 20:31:51.0015 1432 TermService - ok 20:31:51.0031 1432 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 20:31:51.0031 1432 Themes - ok 20:31:51.0046 1432 [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 20:31:51.0093 1432 TlntSvr - ok 20:31:51.0093 1432 TosIde - ok 20:31:51.0109 1432 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 20:31:51.0187 1432 TrkWks - ok 20:31:51.0203 1432 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 20:31:51.0281 1432 Udfs - ok 20:31:51.0281 1432 ultra - ok 20:31:51.0296 1432 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update 
C:\WINDOWS\system32\DRIVERS\update.sys 20:31:51.0375 1432 Update - ok 20:31:51.0406 1432 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 20:31:51.0437 1432 upnphost - ok 20:31:51.0468 1432 [ F5D2AA9D56A3A01A190D01CD961BA0E7 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys 20:31:51.0468 1432 upperdev - ok 20:31:51.0484 1432 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 20:31:51.0593 1432 UPS - ok 20:31:51.0625 1432 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys 20:31:51.0640 1432 USBAAPL - ok 20:31:51.0671 1432 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 20:31:51.0750 1432 usbccgp - ok 20:31:51.0765 1432 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 20:31:51.0859 1432 usbehci - ok 20:31:51.0859 1432 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 20:31:51.0937 1432 usbhub - ok 20:31:51.0984 1432 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 20:31:52.0062 1432 usbohci - ok 20:31:52.0078 1432 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 20:31:52.0171 1432 usbscan - ok 20:31:52.0187 1432 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys 20:31:52.0265 1432 usbser - ok 20:31:52.0281 1432 [ EB2D3830646E393776E1EF98AC76A43D ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys 20:31:52.0296 1432 UsbserFilt - ok 20:31:52.0312 1432 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 20:31:52.0406 1432 USBSTOR - ok 20:31:52.0421 1432 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 20:31:52.0500 1432 VgaSave - ok 20:31:52.0515 1432 ViaIde - ok 20:31:52.0531 1432 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 20:31:52.0609 1432 VolSnap - ok 
20:31:52.0640 1432 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 20:31:52.0671 1432 VSS - ok 20:31:52.0687 1432 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 20:31:52.0765 1432 W32Time - ok 20:31:52.0781 1432 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 20:31:52.0859 1432 Wanarp - ok 20:31:52.0875 1432 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys 20:31:52.0906 1432 Wdf01000 - ok 20:31:52.0906 1432 WDICA - ok 20:31:52.0906 1432 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 20:31:53.0000 1432 wdmaud - ok 20:31:53.0015 1432 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 20:31:53.0109 1432 WebClient - ok 20:31:53.0156 1432 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 20:31:53.0234 1432 winmgmt - ok 20:31:53.0250 1432 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 20:31:53.0265 1432 WmdmPmSN - ok 20:31:53.0281 1432 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 20:31:53.0312 1432 Wmi - ok 20:31:53.0328 1432 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 20:31:53.0421 1432 WmiAcpi - ok 20:31:53.0453 1432 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 20:31:53.0546 1432 WmiApSrv - ok 20:31:53.0562 1432 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 20:31:53.0578 1432 WpdUsb - ok 20:31:53.0671 1432 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 20:31:53.0703 1432 WPFFontCache_v0400 - ok 20:31:53.0718 1432 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 20:31:53.0796 1432 WS2IFSL - ok 20:31:53.0812 1432 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc 
C:\WINDOWS\system32\wscsvc.dll 20:31:53.0890 1432 wscsvc - ok 20:31:53.0921 1432 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 20:31:54.0000 1432 wuauserv - ok 20:31:54.0031 1432 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 20:31:54.0062 1432 WudfPf - ok 20:31:54.0062 1432 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 20:31:54.0093 1432 WudfRd - ok 20:31:54.0093 1432 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 20:31:54.0109 1432 WudfSvc - ok 20:31:54.0140 1432 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 20:31:54.0234 1432 WZCSVC - ok 20:31:54.0250 1432 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 20:31:54.0328 1432 xmlprov - ok 20:31:54.0343 1432 [ EE9144207EE0211EB5656BA6808AC4A0 ] xusb21 C:\WINDOWS\system32\DRIVERS\xusb21.sys 20:31:54.0359 1432 xusb21 - ok 20:31:54.0359 1432 ================ Scan global =============================== 20:31:54.0375 1432 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 20:31:54.0406 1432 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 20:31:54.0406 1432 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 20:31:54.0421 1432 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 20:31:54.0421 1432 [Global] - ok 20:31:54.0421 1432 ================ Scan MBR ================================== 20:31:54.0437 1432 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 20:31:54.0500 1432 \Device\Harddisk0\DR0 - ok 20:31:54.0515 1432 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1 20:31:54.0671 1432 \Device\Harddisk1\DR1 - ok 20:31:54.0671 1432 ================ Scan VBR ================================== 20:31:54.0687 1432 [ 90D96D15FFC164E04C3D9D101E74A56F ] \Device\Harddisk0\DR0\Partition1 20:31:54.0687 1432 \Device\Harddisk0\DR0\Partition1 - ok 
20:31:54.0687 1432 [ E3E69C21B48252F496D53AC8A45D4481 ] \Device\Harddisk1\DR1\Partition1
20:31:54.0687 1432 \Device\Harddisk1\DR1\Partition1 - ok
20:31:54.0687 1432 ============================================================
20:31:54.0687 1432 Scan finished
20:31:54.0687 1432 ============================================================
20:31:54.0796 1576 Detected object count: 2
20:31:54.0796 1576 Actual detected object count: 2
20:32:08.0062 1576 giveio ( UnsignedFile.Multi.Generic ) - skipped by user
20:32:08.0062 1576 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:32:08.0062 1576 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
20:32:08.0062 1576 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip |
28.02.2013, 20:37 | #24 |
/// Malware-holic | Firefox redirects to "mytoolsapp.info" No, upgrading is a bad idea; I would rather do one complete reinstall, since you did have a rootkit, and besides, upgrades can lead to problems. If you want, we can tackle that together.
28.02.2013, 20:48 | #25 |
| Firefox redirects to "mytoolsapp.info" Hm, a rootkit is bad. The first time I already had 2 at once, and the helper back then was amazed that my computer was still running at all. Do I have to reformat the hard drive, including losing all programs? Your help would be great, if it can be done with little time on your part; I see new threads appearing every minute and that you all have a lot of work |
28.02.2013, 20:58 | #26 |
/// Malware-holic | Firefox redirects to "mytoolsapp.info" Hi, that's fine. Well, you would have to reinstall the programs, but we can do it without losing personal data. Please do only the data rescue and then report back.
1. Data rescue:
I will also post further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with a chip card reader + Star Money.
28.02.2013, 21:19 | #27 |
| Firefox redirects to "mytoolsapp.info" All right, tomorrow I will go to the person who built the computer and ask whether he has a recovery CD. Then we can get started |
28.02.2013, 21:53 | #28 |
/// Malware-holic | Firefox redirects to "mytoolsapp.info" Hi, I thought you have Win7 at home
28.02.2013, 22:00 | #29 |
| Firefox redirects to "mytoolsapp.info" So, the computer that my colleague built has XP on it (he also installed it). At home I have Windows 7 Home Premium on DVD and also a Windows 7 "pre-installation media" DVD |
01.03.2013, 14:09 | #30 |
/// Malware-holic | Firefox redirects to "mytoolsapp.info" And what do you want to install now? Win7, you said, didn't you?