09.08.2013, 13:54 | #31 |
GVU Trojan: I can't even boot from CD/USB

Unfortunately I can't say anything about the printer, since it isn't my computer and so the printer isn't here with me. Sorry, I had forgotten to tick the checkboxes. Here is the new log:
C:\WINDOWS\System32\upnphost.dll 14:51:50.0531 2876 upnphost - ok 14:51:50.0562 2876 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 14:51:50.0718 2876 UPS - ok 14:51:50.0750 2876 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys 14:51:50.0796 2876 USBAAPL - ok 14:51:50.0843 2876 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 14:51:51.0015 2876 usbaudio - ok 14:51:51.0046 2876 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 14:51:51.0203 2876 usbccgp - ok 14:51:51.0234 2876 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 14:51:51.0406 2876 usbehci - ok 14:51:51.0453 2876 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 14:51:51.0609 2876 usbhub - ok 14:51:51.0640 2876 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 14:51:51.0812 2876 usbscan - ok 14:51:51.0828 2876 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 14:51:52.0000 2876 usbstor - ok 14:51:52.0062 2876 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 14:51:52.0218 2876 usbuhci - ok 14:51:52.0250 2876 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys 14:51:52.0421 2876 usbvideo - ok 14:51:52.0437 2876 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 14:51:52.0593 2876 VgaSave - ok 14:51:52.0609 2876 ViaIde - ok 14:51:52.0625 2876 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 14:51:52.0796 2876 VolSnap - ok 14:51:52.0828 2876 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 14:51:53.0015 2876 VSS - ok 14:51:53.0062 2876 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 14:51:53.0218 2876 W32Time - ok 14:51:53.0250 2876 [ 
E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 14:51:53.0406 2876 Wanarp - ok 14:51:53.0421 2876 WDICA - ok 14:51:53.0453 2876 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 14:51:53.0625 2876 wdmaud - ok 14:51:53.0656 2876 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 14:51:53.0812 2876 WebClient - ok 14:51:53.0875 2876 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 14:51:54.0031 2876 winmgmt - ok 14:51:54.0062 2876 [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll 14:51:54.0218 2876 WmdmPmSN - ok 14:51:54.0281 2876 [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi C:\WINDOWS\System32\advapi32.dll 14:51:54.0359 2876 Wmi - ok 14:51:54.0390 2876 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe 14:51:54.0562 2876 WmiApSrv - ok 14:51:54.0578 2876 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 14:51:54.0765 2876 WS2IFSL - ok 14:51:54.0796 2876 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 14:51:54.0953 2876 wscsvc - ok 14:51:55.0000 2876 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 14:51:55.0187 2876 WSTCODEC - ok 14:51:55.0218 2876 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 14:51:55.0375 2876 wuauserv - ok 14:51:55.0421 2876 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 14:51:55.0609 2876 WZCSVC - ok 14:51:55.0656 2876 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 14:51:55.0828 2876 xmlprov - ok 14:51:55.0859 2876 ================ Scan global =============================== 14:51:55.0890 2876 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 14:51:55.0921 2876 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 14:51:55.0984 2876 [ 
E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 14:51:56.0015 2876 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 14:51:56.0015 2876 [Global] - ok 14:51:56.0015 2876 ================ Scan MBR ================================== 14:51:56.0031 2876 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 14:51:56.0312 2876 \Device\Harddisk0\DR0 - ok 14:51:56.0328 2876 ================ Scan VBR ================================== 14:51:56.0343 2876 [ 6C5F5EB0573A1D55124F9E8EBBEBA584 ] \Device\Harddisk0\DR0\Partition1 14:51:56.0343 2876 \Device\Harddisk0\DR0\Partition1 - ok 14:51:56.0375 2876 [ 4C76700E90D6F9B5D9B68409C81D4BA1 ] \Device\Harddisk0\DR0\Partition2 14:51:56.0375 2876 \Device\Harddisk0\DR0\Partition2 - ok 14:51:56.0375 2876 ============================================================ 14:51:56.0375 2876 Scan finished 14:51:56.0375 2876 ============================================================ 14:51:56.0500 2872 Detected object count: 8 14:51:56.0500 2872 Actual detected object count: 8 14:52:12.0187 2872 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - skipped by user 14:52:12.0187 2872 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:52:12.0187 2872 HP Port Resolver ( UnsignedFile.Multi.Generic ) - skipped by user 14:52:12.0203 2872 HP Port Resolver ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:52:12.0203 2872 HP Status Server ( UnsignedFile.Multi.Generic ) - skipped by user 14:52:12.0203 2872 HP Status Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:52:12.0203 2872 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 14:52:12.0203 2872 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:52:12.0203 2872 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user 14:52:12.0203 2872 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:52:12.0218 2872 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by 
user 14:52:12.0218 2872 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:52:12.0218 2872 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 14:52:12.0218 2872 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:52:12.0218 2872 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user 14:52:12.0218 2872 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip |
12.08.2013, 16:11 | #32 |
/// Malware-holic | GVU Trojan: I can't even boot from CD/USB Hi,
4 logs need to be created; please post them all together if possible.
1. Please download Malwarebytes Anti-Malware
Restart.
2. Please download AdwCleaner to your desktop.
Restart.
3. Please close your security software to avoid possible conflicts.
Restart.
4. Hitman Pro - Download - Filepony. Download HitmanPro, double-click it, click Scan. Save the log and post it, or export it as XML, zip it and attach it. Close HitmanPro.
__________________ |
13.08.2013, 17:05 | #33 |
| GVU Trojan: I can't even boot from CD/USB Hi Marcus,
are the scans really still necessary? I now have access to the computer, and Avira and Spybot no longer find anything. Really, all I have to do now is copy the files to the new computer. The old one is not going to be used any more. |
13.08.2013, 17:08 | #34 |
/// Malware-holic | GVU Trojan: I can't even boot from CD/USB Hi, of course they are necessary, otherwise I wouldn't have posted that. You can forget Spybot.
__________________ - Please forward suspicious emails to us for analysis: markusg.trojaner-board@web.de. Forwarding instructions: http://markusg.trojaner-board.de |
13.08.2013, 17:17 | #35 |
| GVU Trojan: I can't even boot from CD/USB Okay, I wasn't sure whether you were still aware that the computer will be scrapped after the data backup ... I won't manage the scans today; I'll get back to you as soon as I'm done with them. |
13.08.2013, 18:02 | #36 |
/// Malware-holic | GVU Trojan: I can't even boot from CD/USB Ah no, sorry, I actually wasn't aware of that. When you back up the data, don't forget to format it afterwards, or remove the hard drive and destroy it, e.g. by opening it up, if you don't want to keep it.
__________________ |
06.09.2013, 16:28 | #37 |
| GVU Trojan: I can't even boot from CD/USB I just wanted to check in once more and say a heartfelt thank you. I think without your help I would have despaired over this machine. Nice that there are still "the good guys" on the internet :-) The thread can be closed now: I copied the rescued data onto the new computer for my acquaintance, and the old one will be scrapped. Many thanks again and have a nice weekend. |