Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Trojaner gefunden? awt43abr.exe, wgsdgsdgdsgsd.exe, ebf.exe (https://www.trojaner-board.de/125370-trojaner-gefunden-awt43abr-exe-wgsdgsdgdsgsd-exe-ebf-exe.html)

cosinus 10.10.2012 13:17
Die Sterne hast du in deinen echten Namen vorher zurückeditiert?
Startet Windows noch?

Wen nja, starte Windows neu im abgesicherten Modus (mit Netzwerktreibern nach Möglichkeit), manchmal hakt das Fixen mit OTL im normalen Modus aber sehr oft funktioniert der Fix im abgesicherte Modus.

ForWoody 10.10.2012 15:12
Hey, ja die Sterne hatte ich zurückeditiert und Windows ging noch zu starten. Im abgesicherten Modus hat OTL jetzt auch funktioniert.

Code:
All processes killed
========== OTL ==========
Prefs.js: "129.228.15.142" removed from network.proxy.backup.ftp
Prefs.js: 80 removed from network.proxy.backup.ftp_port
Prefs.js: "129.228.15.142" removed from network.proxy.backup.socks
Prefs.js: 80 removed from network.proxy.backup.socks_port
Prefs.js: "129.228.15.142" removed from network.proxy.backup.ssl
Prefs.js: 80 removed from network.proxy.backup.ssl_port
Prefs.js: "129.228.15.142" removed from network.proxy.ftp
Prefs.js: 80 removed from network.proxy.ftp_port
Prefs.js: "129.228.15.142" removed from network.proxy.http
Prefs.js: 80 removed from network.proxy.http_port
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: "129.228.15.142" removed from network.proxy.socks
Prefs.js: 80 removed from network.proxy.socks_port
Prefs.js: "129.228.15.142" removed from network.proxy.ssl
Prefs.js: 80 removed from network.proxy.ssl_port
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:016A8E80 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:14362DF8 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:298A4848 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:F5D01D7C deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:1B3549F2 deleted successfully.
========== FILES ==========
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Fuzyug folder moved successfully.
C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\l8z18207.default\user.js moved successfully.
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\NERO14766\Toolbar.exe moved successfully.
E:\Downloads\FHWIN.zip moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\***\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: ***
->Temp folder emptied: 3459641 bytes
->Temporary Internet Files folder emptied: 44447 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36209308 bytes
->Flash cache emptied: 492 bytes
 
User: ***
->Temp folder emptied: 544556479 bytes
->Temporary Internet Files folder emptied: 157968923 bytes
->Java cache emptied: 25614177 bytes
->FireFox cache emptied: 86674063 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2061583 bytes
 
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 3216414 bytes
 
User: NetworkService
->Temp folder emptied: 49152 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2453834 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 31618039 bytes
RecycleBin emptied: 3271889543 bytes
 
Total Files Cleaned = 3.973,00 mb
 
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 10102012_160310

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

cosinus 10.10.2012 15:33
Geht jetzt nur noch der Modus? :confused:

ForWoody 10.10.2012 18:05
Nein, der normale geht auch. Soll ich den OTL-Fix auch noch im normalen Modus ausführen?

cosinus 10.10.2012 20:50
Nein nein :) wollte nur wissen ob der normale Modus geht

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

ForWoody 10.10.2012 21:03
Code:
21:54:05.0781 3048  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:54:07.0781 3048  ============================================================
21:54:07.0781 3048  Current date / time: 2012/10/10 21:54:07.0781
21:54:07.0781 3048  SystemInfo:
21:54:07.0781 3048 
21:54:07.0781 3048  OS Version: 5.1.2600 ServicePack: 3.0
21:54:07.0781 3048  Product type: Workstation
21:54:07.0781 3048  ComputerName: ***
21:54:07.0781 3048  UserName: ***
21:54:07.0781 3048  Windows directory: C:\WINDOWS
21:54:07.0781 3048  System windows directory: C:\WINDOWS
21:54:07.0781 3048  Processor architecture: Intel x86
21:54:07.0781 3048  Number of processors: 2
21:54:07.0781 3048  Page size: 0x1000
21:54:07.0781 3048  Boot type: Normal boot
21:54:07.0781 3048  ============================================================
21:54:08.0093 3048  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:54:08.0109 3048  ============================================================
21:54:08.0109 3048  \Device\Harddisk0\DR0:
21:54:08.0109 3048  MBR partitions:
21:54:08.0109 3048  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
21:54:08.0109 3048  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0x1869E559
21:54:08.0125 3048  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E845F3D, BlocksNum 0x1BB3AE43
21:54:08.0125 3048  ============================================================
21:54:08.0156 3048  C: <-> \Device\Harddisk0\DR0\Partition1
21:54:08.0187 3048  E: <-> \Device\Harddisk0\DR0\Partition2
21:54:08.0218 3048  F: <-> \Device\Harddisk0\DR0\Partition3
21:54:08.0218 3048  ============================================================
21:54:08.0218 3048  Initialize success
21:54:08.0218 3048  ============================================================
21:54:57.0312 0724  ============================================================
21:54:57.0312 0724  Scan started
21:54:57.0312 0724  Mode: Manual; SigCheck; TDLFS;
21:54:57.0312 0724  ============================================================
21:54:57.0437 0724  ================ Scan system memory ========================
21:54:57.0437 0724  System memory - ok
21:54:57.0437 0724  ================ Scan services =============================
21:54:57.0546 0724  [ 7B78F182AFD71EB752495FF902DF1539 ] 3SRTE          C:\WINDOWS\system32\drivers\3SRTE.sys
21:54:57.0687 0724  3SRTE ( UnsignedFile.Multi.Generic ) - warning
21:54:57.0687 0724  3SRTE - detected UnsignedFile.Multi.Generic (1)
21:54:57.0687 0724  Abiosdsk - ok
21:54:57.0687 0724  abp480n5 - ok
21:54:57.0718 0724  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:54:58.0031 0724  ACPI - ok
21:54:58.0046 0724  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
21:54:58.0125 0724  ACPIEC - ok
21:54:58.0140 0724  adpu160m - ok
21:54:58.0187 0724  [ 8BED39E3C35D6A489438B8141717A557 ] aec            C:\WINDOWS\system32\drivers\aec.sys
21:54:58.0265 0724  aec - ok
21:54:58.0296 0724  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD            C:\WINDOWS\System32\drivers\afd.sys
21:54:58.0312 0724  AFD - ok
21:54:58.0328 0724  Aha154x - ok
21:54:58.0328 0724  aic78u2 - ok
21:54:58.0328 0724  aic78xx - ok
21:54:58.0343 0724  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter        C:\WINDOWS\system32\alrsvc.dll
21:54:58.0406 0724  Alerter - ok
21:54:58.0421 0724  [ 190CD73D4984F94D823F9444980513E5 ] ALG            C:\WINDOWS\System32\alg.exe
21:54:58.0453 0724  ALG - ok
21:54:58.0453 0724  AliIde - ok
21:54:58.0500 0724  [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt        C:\WINDOWS\system32\drivers\Ambfilt.sys
21:54:58.0578 0724  Ambfilt - ok
21:54:58.0578 0724  amsint - ok
21:54:58.0609 0724  [ D45960BE52C3C610D361977057F98C54 ] AppMgmt        C:\WINDOWS\System32\appmgmts.dll
21:54:58.0640 0724  AppMgmt - ok
21:54:58.0671 0724  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394        C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:54:58.0734 0724  Arp1394 - ok
21:54:58.0750 0724  asc - ok
21:54:58.0750 0724  asc3350p - ok
21:54:58.0750 0724  asc3550 - ok
21:54:58.0812 0724  [ 4EABF511B1AF176A971C3271E48FA3A8 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:54:58.0843 0724  aspnet_state - ok
21:54:58.0859 0724  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:54:58.0937 0724  AsyncMac - ok
21:54:58.0953 0724  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi          C:\WINDOWS\system32\DRIVERS\atapi.sys
21:54:59.0031 0724  atapi - ok
21:54:59.0031 0724  Atdisk - ok
21:54:59.0062 0724  [ D2FBEB67C63AFA2F6747779B0FEE15B0 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
21:54:59.0109 0724  Ati HotKey Poller - ok
21:54:59.0125 0724  [ CA2033C7C5491B12C628A1CFDB99D75E ] ATI Smart      C:\WINDOWS\system32\ati2sgag.exe
21:54:59.0140 0724  ATI Smart ( UnsignedFile.Multi.Generic ) - warning
21:54:59.0140 0724  ATI Smart - detected UnsignedFile.Multi.Generic (1)
21:54:59.0265 0724  [ 8E280E25A7A3CA8F5F35946CDF41D434 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:54:59.0437 0724  ati2mtag - ok
21:54:59.0437 0724  [ B2A236DC65E90170A369164384EFB460 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdXP3.sys
21:54:59.0453 0724  AtiHDAudioService - ok
21:54:59.0468 0724  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc        C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:54:59.0531 0724  Atmarpc - ok
21:54:59.0546 0724  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
21:54:59.0625 0724  AudioSrv - ok
21:54:59.0656 0724  [ D9F724AA26C010A217C97606B160ED68 ] audstub        C:\WINDOWS\system32\DRIVERS\audstub.sys
21:54:59.0718 0724  audstub - ok
21:54:59.0843 0724  [ 8DFA2EC772F97ED02B384DB88641B367 ] AVM IGD CTRL Service e:\programme\FRITZ!DSL\IGDCTRL.EXE
21:54:59.0843 0724  AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - warning
21:54:59.0843 0724  AVM IGD CTRL Service - detected UnsignedFile.Multi.Generic (1)
21:54:59.0859 0724  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:54:59.0953 0724  Beep - ok
21:54:59.0968 0724  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
21:55:00.0140 0724  BITS - ok
21:55:00.0156 0724  [ B42057F06BBB98B31876C0B3F2B54E33 ] Browser        C:\WINDOWS\System32\browser.dll
21:55:00.0234 0724  Browser - ok
21:55:00.0234 0724  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k        C:\WINDOWS\system32\drivers\cbidf2k.sys
21:55:00.0312 0724  cbidf2k - ok
21:55:00.0343 0724  [ FDC06E2ADA8C468EBB161624E03976CF ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:55:00.0375 0724  CCDECODE - ok
21:55:00.0375 0724  cd20xrnt - ok
21:55:00.0390 0724  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio        C:\WINDOWS\system32\drivers\Cdaudio.sys
21:55:00.0468 0724  Cdaudio - ok
21:55:00.0484 0724  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
21:55:00.0562 0724  Cdfs - ok
21:55:00.0562 0724  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom          C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:55:00.0640 0724  Cdrom - ok
21:55:00.0640 0724  Changer - ok
21:55:00.0656 0724  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc          C:\WINDOWS\system32\cisvc.exe
21:55:00.0734 0724  CiSvc - ok
21:55:00.0750 0724  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv        C:\WINDOWS\system32\clipsrv.exe
21:55:00.0828 0724  ClipSrv - ok
21:55:00.0859 0724  [ 234B1BC2796483E1F5C3F26649FB3388 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:55:00.0890 0724  clr_optimization_v2.0.50727_32 - ok
21:55:00.0890 0724  CmdIde - ok
21:55:00.0968 0724  [ 1C15404EA8FC42DAB8A7B3765ED53E58 ] CodeMeter.exe  C:\Programme\CodeMeter\Runtime\bin\CodeMeter.exe
21:55:01.0062 0724  CodeMeter.exe - ok
21:55:01.0265 0724  [ 9C8D5B84E2F5B9D341D1F66A7B8F96E9 ] CoDeSys Control Win V3 E:\programme\3s Codesys\GatewayPLC\CoDeSysControlService.exe
21:55:01.0265 0724  CoDeSys Control Win V3 ( UnsignedFile.Multi.Generic ) - warning
21:55:01.0265 0724  CoDeSys Control Win V3 - detected UnsignedFile.Multi.Generic (1)
21:55:01.0328 0724  [ 6991569A2D5CA146350C28E112413121 ] CoDeSys Gateway V3 E:\programme\3s Codesys\GatewayPLC\GatewayService.exe
21:55:01.0359 0724  CoDeSys Gateway V3 ( UnsignedFile.Multi.Generic ) - warning
21:55:01.0359 0724  CoDeSys Gateway V3 - detected UnsignedFile.Multi.Generic (1)
21:55:01.0421 0724  [ 504692624FFF3A6D1F5B15EE6FE0CA50 ] CoDeSys ServiceControl E:\programme\3s Codesys\GatewayPLC\ServiceControl.exe
21:55:01.0437 0724  CoDeSys ServiceControl ( UnsignedFile.Multi.Generic ) - warning
21:55:01.0437 0724  CoDeSys ServiceControl - detected UnsignedFile.Multi.Generic (1)
21:55:01.0437 0724  COMSysApp - ok
21:55:01.0453 0724  Cpqarray - ok
21:55:01.0484 0724  CPUCooLServer - ok
21:55:01.0500 0724  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
21:55:01.0578 0724  CryptSvc - ok
21:55:01.0578 0724  dac2w2k - ok
21:55:01.0593 0724  dac960nt - ok
21:55:01.0625 0724  [ E970C2296916BF4A2F958680016FE312 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:55:01.0718 0724  DcomLaunch - ok
21:55:01.0765 0724  [ 1523251B9D8A5D84DE0CD23418847824 ] de_serv        C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
21:55:01.0781 0724  de_serv ( UnsignedFile.Multi.Generic ) - warning
21:55:01.0781 0724  de_serv - detected UnsignedFile.Multi.Generic (1)
21:55:01.0796 0724  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
21:55:01.0875 0724  Dhcp - ok
21:55:01.0890 0724  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
21:55:01.0968 0724  Disk - ok
21:55:01.0968 0724  dmadmin - ok
21:55:02.0000 0724  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
21:55:02.0093 0724  dmboot - ok
21:55:02.0093 0724  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
21:55:02.0171 0724  dmio - ok
21:55:02.0187 0724  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
21:55:02.0250 0724  dmload - ok
21:55:02.0281 0724  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
21:55:02.0343 0724  dmserver - ok
21:55:02.0390 0724  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
21:55:02.0453 0724  DMusic - ok
21:55:02.0484 0724  [ 8C9ED3B2834AAE63081AB2DA831C6FE9 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:55:02.0578 0724  Dnscache - ok
21:55:02.0593 0724  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc        C:\WINDOWS\System32\dot3svc.dll
21:55:02.0671 0724  Dot3svc - ok
21:55:02.0687 0724  dpti2o - ok
21:55:02.0718 0724  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud        C:\WINDOWS\system32\drivers\drmkaud.sys
21:55:02.0781 0724  drmkaud - ok
21:55:02.0796 0724  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost        C:\WINDOWS\System32\eapsvc.dll
21:55:02.0875 0724  EapHost - ok
21:55:02.0968 0724  [ DEFA45E9F01878FBF6FB35103D584034 ] ENI Server      E:\programme\3S\CoDeSys ENI Server\ENI.exe
21:55:03.0000 0724  ENI Server ( UnsignedFile.Multi.Generic ) - warning
21:55:03.0000 0724  ENI Server - detected UnsignedFile.Multi.Generic (1)
21:55:03.0015 0724  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc          C:\WINDOWS\System32\ersvc.dll
21:55:03.0093 0724  ERSvc - ok
21:55:03.0109 0724  [ 4BB6A83640F1D1792AD21CE767B621C6 ] Eventlog        C:\WINDOWS\system32\services.exe
21:55:03.0187 0724  Eventlog - ok
21:55:03.0203 0724  [ 0F3EDAEE1EF97CF3DB2BE23A7289B78C ] EventSystem    C:\WINDOWS\system32\es.dll
21:55:03.0281 0724  EventSystem - ok
21:55:03.0281 0724  [ 38D332A6D56AF32635675F132548343E ] Fastfat        C:\WINDOWS\system32\drivers\Fastfat.sys
21:55:03.0359 0724  Fastfat - ok
21:55:03.0375 0724  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:55:03.0390 0724  FastUserSwitchingCompatibility - ok
21:55:03.0406 0724  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc            C:\WINDOWS\system32\DRIVERS\fdc.sys
21:55:03.0484 0724  Fdc - ok
21:55:03.0500 0724  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
21:55:03.0578 0724  Fips - ok
21:55:03.0609 0724  [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:55:03.0625 0724  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
21:55:03.0625 0724  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
21:55:03.0625 0724  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:55:03.0718 0724  Flpydisk - ok
21:55:03.0718 0724  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:55:03.0796 0724  FltMgr - ok
21:55:03.0843 0724  [ 993883524AA9CF1C90E1545411A9AC9C ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:55:03.0875 0724  FontCache3.0.0.0 - ok
21:55:03.0937 0724  [ A6F98D7FB17477E6EC99538223B54DAA ] ForceWare Intelligent Application Manager (IAM) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
21:55:03.0937 0724  ForceWare Intelligent Application Manager (IAM) ( UnsignedFile.Multi.Generic ) - warning
21:55:03.0937 0724  ForceWare Intelligent Application Manager (IAM) - detected UnsignedFile.Multi.Generic (1)
21:55:03.0968 0724  [ B81F8778F5BB485F3B75114F0C99A49F ] ForcewareWebInterface C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
21:55:03.0968 0724  ForcewareWebInterface ( UnsignedFile.Multi.Generic ) - warning
21:55:03.0968 0724  ForcewareWebInterface - detected UnsignedFile.Multi.Generic (1)
21:55:03.0984 0724  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:55:04.0062 0724  Fs_Rec - ok
21:55:04.0062 0724  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:55:04.0140 0724  Ftdisk - ok
21:55:04.0140 0724  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc            C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:55:04.0218 0724  Gpc - ok
21:55:04.0265 0724  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate        C:\Programme\Google\Update\GoogleUpdate.exe
21:55:04.0265 0724  gupdate - ok
21:55:04.0281 0724  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
21:55:04.0281 0724  gupdatem - ok
21:55:04.0312 0724  [ 56BF27D7A539F9E6BBC1DE201ABA0EDF ] HdAudAddService C:\WINDOWS\system32\drivers\AtiHdAud.sys
21:55:04.0343 0724  HdAudAddService - ok
21:55:04.0343 0724  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:55:04.0421 0724  HDAudBus - ok
21:55:04.0468 0724  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc        C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:55:04.0546 0724  helpsvc - ok
21:55:04.0578 0724  [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ        C:\WINDOWS\System32\hidserv.dll
21:55:04.0656 0724  HidServ - ok
21:55:04.0671 0724  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:55:04.0750 0724  hidusb - ok
21:55:04.0765 0724  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
21:55:04.0828 0724  hkmsvc - ok
21:55:04.0843 0724  hpn - ok
21:55:04.0859 0724  [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
21:55:04.0921 0724  HTTP - ok
21:55:04.0937 0724  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
21:55:05.0015 0724  HTTPFilter - ok
21:55:05.0015 0724  i2omgmt - ok
21:55:05.0015 0724  i2omp - ok
21:55:05.0031 0724  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
21:55:05.0109 0724  i8042prt - ok
21:55:05.0156 0724  [ 82AC853ECF1A0E5F38EFBB86E3B04187 ] ibpcimpm        C:\WINDOWS\system32\drivers\ibpcimpm.sys
21:55:05.0156 0724  ibpcimpm ( UnsignedFile.Multi.Generic ) - warning
21:55:05.0156 0724  ibpcimpm - detected UnsignedFile.Multi.Generic (1)
21:55:05.0203 0724  [ E7CC3AEAED9893A88876744CD439F76C ] idsvc          C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:55:05.0234 0724  idsvc ( UnsignedFile.Multi.Generic ) - warning
21:55:05.0234 0724  idsvc - detected UnsignedFile.Multi.Generic (1)
21:55:05.0250 0724  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi          C:\WINDOWS\system32\DRIVERS\imapi.sys
21:55:05.0328 0724  Imapi - ok
21:55:05.0343 0724  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
21:55:05.0421 0724  ImapiService - ok
21:55:05.0437 0724  ini910u - ok
21:55:05.0562 0724  [ 063DD51CBDC37B8668E09148E0A118BC ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:55:05.0703 0724  IntcAzAudAddService - ok
21:55:05.0718 0724  IntelIde - ok
21:55:05.0750 0724  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:55:05.0812 0724  intelppm - ok
21:55:05.0828 0724  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw          C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:55:05.0906 0724  Ip6Fw - ok
21:55:05.0937 0724  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:55:06.0000 0724  IpFilterDriver - ok
21:55:06.0000 0724  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:55:06.0078 0724  IpInIp - ok
21:55:06.0093 0724  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat          C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:55:06.0171 0724  IpNat - ok
21:55:06.0171 0724  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec          C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:55:06.0250 0724  IPSec - ok
21:55:06.0281 0724  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
21:55:06.0312 0724  IRENUM - ok
21:55:06.0328 0724  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:55:06.0406 0724  isapnp - ok
21:55:06.0515 0724  [ 9AA67569D5257462E230767510B0C815 ] JavaQuickStarterService E:\programme\java\jre6\bin\jqs.exe
21:55:06.0515 0724  JavaQuickStarterService - ok
21:55:06.0531 0724  [ C995C0E8B4503FAC38793BB0236AD246 ] JGOGO          C:\WINDOWS\system32\DRIVERS\JGOGO.sys
21:55:06.0546 0724  JGOGO - ok
21:55:06.0562 0724  [ F4A31E66A61C0783F51157519B03280B ] JRAID          C:\WINDOWS\system32\DRIVERS\jraid.sys
21:55:06.0578 0724  JRAID - ok
21:55:06.0609 0724  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:55:06.0671 0724  Kbdclass - ok
21:55:06.0687 0724  [ B6D6C117D771C98130497265F26D1882 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:55:06.0765 0724  kbdhid - ok
21:55:06.0765 0724  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
21:55:06.0859 0724  kmixer - ok
21:55:06.0875 0724  [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
21:55:06.0937 0724  KSecDD - ok
21:55:06.0953 0724  [ D6EB4916B203CBE525F8EFF5FD5AB16C ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
21:55:07.0031 0724  LanmanServer - ok
21:55:07.0046 0724  [ C0DB1E9367681ECD7ECCA9615C1D0F9B ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:55:07.0125 0724  lanmanworkstation - ok
21:55:07.0125 0724  lbrtfdc - ok
21:55:07.0140 0724  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts        C:\WINDOWS\System32\lmhsvc.dll
21:55:07.0218 0724  LmHosts - ok
21:55:07.0234 0724  [ A730FC8671A60666D6E877C544DD7CD4 ] LVUSBSta        C:\WINDOWS\system32\drivers\lvusbsta.sys
21:55:07.0265 0724  LVUSBSta - ok
21:55:07.0281 0724  [ B7550A7107281D170CE85524B1488C98 ] Messenger      C:\WINDOWS\System32\msgsvc.dll
21:55:07.0359 0724  Messenger - ok
21:55:07.0375 0724  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd          C:\WINDOWS\system32\drivers\mnmdd.sys
21:55:07.0453 0724  mnmdd - ok
21:55:07.0468 0724  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc        C:\WINDOWS\system32\mnmsrvc.exe
21:55:07.0546 0724  mnmsrvc - ok
21:55:07.0562 0724  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem          C:\WINDOWS\system32\drivers\Modem.sys
21:55:07.0640 0724  Modem - ok
21:55:07.0671 0724  [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt        C:\WINDOWS\system32\drivers\Monfilt.sys
21:55:07.0703 0724  Monfilt - ok
21:55:07.0718 0724  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:55:07.0812 0724  Mouclass - ok
21:55:07.0812 0724  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:55:07.0890 0724  mouhid - ok
21:55:07.0890 0724  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
21:55:07.0968 0724  MountMgr - ok
21:55:07.0984 0724  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
21:55:08.0000 0724  MozillaMaintenance - ok
21:55:08.0000 0724  mraid35x - ok
21:55:08.0015 0724  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:55:08.0093 0724  MRxDAV - ok
21:55:08.0109 0724  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:55:08.0140 0724  MRxSmb - ok
21:55:08.0156 0724  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC          C:\WINDOWS\system32\msdtc.exe
21:55:08.0234 0724  MSDTC - ok
21:55:08.0234 0724  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:55:08.0312 0724  Msfs - ok
21:55:08.0312 0724  MSIServer - ok
21:55:08.0343 0724  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV        C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:55:08.0406 0724  MSKSSRV - ok
21:55:08.0421 0724  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:55:08.0484 0724  MSPCLOCK - ok
21:55:08.0500 0724  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM          C:\WINDOWS\system32\drivers\MSPQM.sys
21:55:08.0578 0724  MSPQM - ok
21:55:08.0609 0724  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:55:08.0687 0724  mssmbios - ok
21:55:08.0734 0724  MSSQL$SQLEXPRESS - ok
21:55:08.0750 0724  [ ADAF062116B4E6D96E44D26486A87AF6 ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe
21:55:08.0765 0724  MSSQLServerADHelper - ok
21:55:08.0765 0724  [ D5059366B361F0E1124753447AF08AA2 ] MSTEE          C:\WINDOWS\system32\drivers\MSTEE.sys
21:55:08.0796 0724  MSTEE - ok
21:55:09.0015 0724  [ E514D0493C272AECBAC7C6C1DAC635D1 ] msvsmon90      e:\programme\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe
21:55:09.0125 0724  msvsmon90 - ok
21:55:09.0140 0724  [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor        C:\WINDOWS\system32\DRIVERS\ASACPI.sys
21:55:09.0156 0724  MTsensor - ok
21:55:09.0171 0724  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup            C:\WINDOWS\system32\drivers\Mup.sys
21:55:09.0203 0724  Mup - ok
21:55:09.0218 0724  [ AC31B352CE5E92704056D409834BEB74 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:55:09.0218 0724  NABTSFEC - ok
21:55:09.0375 0724  [ 07B2740CF3294B98380B9E1BF8AB05B8 ] NanoServiceMain E:\programme\panda\PSANHost.exe
21:55:09.0390 0724  NanoServiceMain - ok
21:55:09.0421 0724  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
21:55:09.0484 0724  napagent - ok
21:55:09.0531 0724  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
21:55:09.0593 0724  NDIS - ok
21:55:09.0625 0724  [ ABD7629CF2796250F315C1DD0B6CF7A0 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:55:09.0640 0724  NdisIP - ok
21:55:09.0671 0724  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:55:09.0687 0724  NdisTapi - ok
21:55:09.0703 0724  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio        C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:55:09.0781 0724  Ndisuio - ok
21:55:09.0796 0724  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan        C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:55:09.0859 0724  NdisWan - ok
21:55:09.0875 0724  [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy        C:\WINDOWS\system32\drivers\NDProxy.sys
21:55:09.0953 0724  NDProxy - ok
21:55:09.0953 0724  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS        C:\WINDOWS\system32\DRIVERS\netbios.sys
21:55:10.0015 0724  NetBIOS - ok
21:55:10.0031 0724  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
21:55:10.0109 0724  NetBT - ok
21:55:10.0125 0724  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
21:55:10.0187 0724  NetDDE - ok
21:55:10.0203 0724  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
21:55:10.0265 0724  NetDDEdsdm - ok
21:55:10.0296 0724  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:55:10.0375 0724  Netlogon - ok
21:55:10.0375 0724  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
21:55:10.0453 0724  Netman - ok
21:55:10.0468 0724  [ F9102685F97F9BA85F4A70AFCF722CFE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:55:10.0484 0724  NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - warning
21:55:10.0484 0724  NetTcpPortSharing - detected UnsignedFile.Multi.Generic (1)
21:55:10.0484 0724  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394        C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:55:10.0546 0724  NIC1394 - ok
21:55:10.0578 0724  [ F12B9D9A069331877D006CC81B4735F9 ] Nla            C:\WINDOWS\System32\mswsock.dll
21:55:10.0640 0724  Nla - ok
21:55:10.0703 0724  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess      E:\programme\CDBurnerXP\NMSAccessU.exe
21:55:10.0703 0724  NMSAccess - ok
21:55:10.0718 0724  [ CFEE15A88280D369672DA0E378BBC702 ] NNSALPC        C:\WINDOWS\system32\DRIVERS\NNSAlpc.sys
21:55:10.0718 0724  NNSALPC - ok
21:55:10.0734 0724  [ 2708799ADC223C4412341F0C68D032E3 ] NNSHTTP        C:\WINDOWS\system32\DRIVERS\NNSHttp.sys
21:55:10.0750 0724  NNSHTTP - ok
21:55:10.0750 0724  [ 533F19056B98D9CCE466B64186905BC1 ] NNSIDS          C:\WINDOWS\system32\DRIVERS\NNSIds.sys
21:55:10.0765 0724  NNSIDS - ok
21:55:10.0781 0724  [ 5F7A83B1FC6CAE3E46B215F5E5C759E9 ] NNSNAHS        C:\WINDOWS\system32\DRIVERS\NNSNAHS.sys
21:55:10.0796 0724  NNSNAHS - ok
21:55:10.0812 0724  [ 1F054C5CA627FCD3983538D74574016B ] NNSPICC        C:\WINDOWS\system32\DRIVERS\NNSPicc.sys
21:55:10.0812 0724  NNSPICC - ok
21:55:10.0828 0724  [ 1ABA7D70E4F029892A381C75EE144C16 ] NNSPIHS        C:\WINDOWS\system32\DRIVERS\NNSPihs.sys
21:55:10.0843 0724  NNSPIHS - ok
21:55:10.0843 0724  [ 5F8C023775B8F4A0A8FFC93DD0A27285 ] NNSPOP3        C:\WINDOWS\system32\DRIVERS\NNSPop3.sys
21:55:10.0859 0724  NNSPOP3 - ok
21:55:10.0859 0724  [ CA541CE4A1FC034EEC8CFD6C155B9D30 ] NNSPROT        C:\WINDOWS\system32\DRIVERS\NNSProt.sys
21:55:10.0875 0724  NNSPROT - ok
21:55:10.0890 0724  [ 938E8CCC7AC5922F2E3DBDF3E7A3035C ] NNSPRV          C:\WINDOWS\system32\DRIVERS\NNSPrv.sys
21:55:10.0890 0724  NNSPRV - ok
21:55:10.0906 0724  [ 2458E950F0A0DD9AD08385209B5E1702 ] NNSSMTP        C:\WINDOWS\system32\DRIVERS\NNSSmtp.sys
21:55:10.0906 0724  NNSSMTP - ok
21:55:10.0921 0724  [ 75D990651236A570C4C80ED56BFB4009 ] NNSSTRM        C:\WINDOWS\system32\DRIVERS\NNSStrm.sys
21:55:10.0937 0724  NNSSTRM - ok
21:55:10.0968 0724  [ 9D526B79E7D438056ED7D382AB94019A ] NNSTLSC        C:\WINDOWS\system32\DRIVERS\NNSTlsc.sys
21:55:10.0968 0724  NNSTLSC - ok
21:55:10.0984 0724  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:55:11.0062 0724  Npfs - ok
21:55:11.0078 0724  [ C98168642B15B5EC4AF116E4C30C8BAF ] nSvcIp          C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
21:55:11.0078 0724  nSvcIp ( UnsignedFile.Multi.Generic ) - warning
21:55:11.0078 0724  nSvcIp - detected UnsignedFile.Multi.Generic (1)
21:55:11.0093 0724  [ 381A4EDAC8C5D4327E27387686087A99 ] nSvcLog        C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
21:55:11.0093 0724  nSvcLog ( UnsignedFile.Multi.Generic ) - warning
21:55:11.0093 0724  nSvcLog - detected UnsignedFile.Multi.Generic (1)
21:55:11.0109 0724  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:55:11.0203 0724  Ntfs - ok
21:55:11.0218 0724  [ 8A2788FF5AA0FE75D7231417200406FF ] ntiomin        C:\WINDOWS\system32\drivers\ntiomin.sys
21:55:11.0218 0724  ntiomin ( UnsignedFile.Multi.Generic ) - warning
21:55:11.0218 0724  ntiomin - detected UnsignedFile.Multi.Generic (1)
21:55:11.0250 0724  [ 5850C28057DDEA04390B88F8CC482504 ] ntiopnp        C:\WINDOWS\system32\drivers\ntiopnp.sys
21:55:11.0250 0724  ntiopnp - ok
21:55:11.0265 0724  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp        C:\WINDOWS\system32\lsass.exe
21:55:11.0328 0724  NtLmSsp - ok
21:55:11.0359 0724  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc        C:\WINDOWS\system32\ntmssvc.dll
21:55:11.0437 0724  NtmsSvc - ok
21:55:11.0453 0724  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:55:11.0531 0724  Null - ok
21:55:11.0546 0724  [ C03E15101F6D9E82CD9B0E7D715F5DE3 ] nvata          C:\WINDOWS\system32\DRIVERS\nvata.sys
21:55:11.0562 0724  nvata - ok
21:55:11.0578 0724  [ B9333604527E02CD2223F200C0BAE7E0 ] NVENETFD        C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
21:55:11.0593 0724  NVENETFD - ok
21:55:11.0625 0724  [ 5E9E55F7EE644C7C5FD78A206FBE37AB ] nvnetbus        C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
21:55:11.0640 0724  nvnetbus - ok
21:55:11.0656 0724  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:55:11.0718 0724  NwlnkFlt - ok
21:55:11.0734 0724  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:55:11.0796 0724  NwlnkFwd - ok
21:55:11.0796 0724  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:55:11.0875 0724  ohci1394 - ok
21:55:11.0906 0724  [ BB7B0F4BE49BF461CED8103B000D20D5 ] OpcEnum        C:\WINDOWS\system32\OpcEnum.exe
21:55:11.0906 0724  OpcEnum - ok
21:55:11.0953 0724  [ 5A432A042DAE460ABE7199B758E8606C ] ose            C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
21:55:11.0968 0724  ose - ok
21:55:11.0968 0724  [ F84785660305B9B903FB3BCA8BA29837 ] Parport        C:\WINDOWS\system32\DRIVERS\parport.sys
21:55:12.0031 0724  Parport - ok
21:55:12.0046 0724  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr        C:\WINDOWS\system32\drivers\PartMgr.sys
21:55:12.0125 0724  PartMgr - ok
21:55:12.0125 0724  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
21:55:12.0203 0724  ParVdm - ok
21:55:12.0203 0724  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI            C:\WINDOWS\system32\DRIVERS\pci.sys
21:55:12.0265 0724  PCI - ok
21:55:12.0281 0724  PCIDump - ok
21:55:12.0312 0724  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
21:55:12.0375 0724  PCIIde - ok
21:55:12.0390 0724  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
21:55:12.0468 0724  Pcmcia - ok
21:55:12.0468 0724  PDCOMP - ok
21:55:12.0468 0724  PDFRAME - ok
21:55:12.0468 0724  PDRELI - ok
21:55:12.0484 0724  PDRFRAME - ok
21:55:12.0500 0724  [ 16BC447DE474A9E125DB39806714F1E1 ] pepifilter      C:\WINDOWS\system32\DRIVERS\lv302af.sys
21:55:12.0500 0724  pepifilter - ok
21:55:12.0500 0724  perc2 - ok
21:55:12.0515 0724  perc2hib - ok
21:55:12.0546 0724  [ 7A31B09C7F037A1217B658465F19BBCE ] PID_08A0        C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
21:55:12.0609 0724  PID_08A0 - ok
21:55:12.0625 0724  [ 4BB6A83640F1D1792AD21CE767B621C6 ] PlugPlay        C:\WINDOWS\system32\services.exe
21:55:12.0687 0724  PlugPlay - ok
21:55:12.0703 0724  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent    C:\WINDOWS\system32\lsass.exe
21:55:12.0781 0724  PolicyAgent - ok
21:55:12.0796 0724  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:55:12.0875 0724  PptpMiniport - ok
21:55:12.0875 0724  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:55:12.0937 0724  ProtectedStorage - ok
21:55:12.0953 0724  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
21:55:13.0015 0724  PSched - ok
21:55:13.0046 0724  [ 8ABBC5F1492BFDE63FEAE2718A630E5C ] PSINAflt        C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
21:55:13.0062 0724  PSINAflt - ok
21:55:13.0062 0724  [ D92FD5186C6ED7A0CFE5E4FA69CFEF59 ] PSINFile        C:\WINDOWS\system32\DRIVERS\PSINFile.sys
21:55:13.0062 0724  PSINFile - ok
21:55:13.0078 0724  [ C24FA396FF16D8C671D9E5807A0BC8B7 ] PSINKNC        C:\WINDOWS\system32\DRIVERS\psinknc.sys
21:55:13.0093 0724  PSINKNC - ok
21:55:13.0093 0724  [ C52B3E1631CFA5E3BBDE6D2558C0CC72 ] PSINProc        C:\WINDOWS\system32\DRIVERS\PSINProc.sys
21:55:13.0093 0724  PSINProc - ok
21:55:13.0109 0724  [ 0E4C4813C2AA327229F387E3921E69C3 ] PSINProt        C:\WINDOWS\system32\DRIVERS\PSINProt.sys
21:55:13.0109 0724  PSINProt - ok
21:55:13.0140 0724  [ 476769481841007583875023F7ECC4CA ] PSKMAD          C:\WINDOWS\system32\DRIVERS\PSKMAD.sys
21:55:13.0156 0724  PSKMAD - ok
21:55:13.0187 0724  [ 98A9D3236C6301503571DE79B86E8538 ] PSUAService    E:\programme\panda\PSUAService.exe
21:55:13.0187 0724  PSUAService - ok
21:55:13.0218 0724  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink        C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:55:13.0281 0724  Ptilink - ok
21:55:13.0281 0724  ql1080 - ok
21:55:13.0281 0724  Ql10wnt - ok
21:55:13.0296 0724  ql12160 - ok
21:55:13.0296 0724  ql1240 - ok
21:55:13.0296 0724  ql1280 - ok
21:55:13.0328 0724  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:55:13.0406 0724  RasAcd - ok
21:55:13.0437 0724  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
21:55:13.0515 0724  RasAuto - ok
21:55:13.0515 0724  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp        C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:55:13.0593 0724  Rasl2tp - ok
21:55:13.0625 0724  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:55:13.0687 0724  RasMan - ok
21:55:13.0687 0724  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:55:13.0765 0724  RasPppoe - ok
21:55:13.0765 0724  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
21:55:13.0828 0724  Raspti - ok
21:55:13.0859 0724  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:55:13.0921 0724  Rdbss - ok
21:55:13.0921 0724  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:55:14.0000 0724  RDPCDD - ok
21:55:14.0031 0724  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr          C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:55:14.0093 0724  rdpdr - ok
21:55:14.0125 0724  [ FC105DD312ED64EB66BFF111E8EC6EAC ] RDPWD          C:\WINDOWS\system32\drivers\RDPWD.sys
21:55:14.0156 0724  RDPWD - ok
21:55:14.0171 0724  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr      C:\WINDOWS\system32\sessmgr.exe
21:55:14.0250 0724  RDSessMgr - ok
21:55:14.0265 0724  [ ED761D453856F795A7FE056E42C36365 ] redbook        C:\WINDOWS\system32\DRIVERS\redbook.sys
21:55:14.0328 0724  redbook - ok
21:55:14.0359 0724  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:55:14.0421 0724  RemoteAccess - ok
21:55:14.0453 0724  [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
21:55:14.0515 0724  RemoteRegistry - ok
21:55:14.0546 0724  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:55:14.0609 0724  RpcLocator - ok
21:55:14.0640 0724  [ E970C2296916BF4A2F958680016FE312 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
21:55:14.0703 0724  RpcSs - ok
21:55:14.0718 0724  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
21:55:14.0796 0724  RSVP - ok
21:55:14.0812 0724  [ DC9CB32D3749AEB37C3250C3274121A5 ] RTIOdrvAPIC    C:\WINDOWS\system32\drivers\RTIOdrvAPIC.sys
21:55:14.0812 0724  RTIOdrvAPIC ( UnsignedFile.Multi.Generic ) - warning
21:55:14.0812 0724  RTIOdrvAPIC - detected UnsignedFile.Multi.Generic (1)
21:55:14.0859 0724  [ 4F7D38311DD316437CDFCA78AEA67733 ] RTIOdrvApplicom C:\WINDOWS\system32\drivers\RTIOdrvApplicom.sys
21:55:14.0859 0724  RTIOdrvApplicom ( UnsignedFile.Multi.Generic ) - warning
21:55:14.0859 0724  RTIOdrvApplicom - detected UnsignedFile.Multi.Generic (1)
21:55:14.0890 0724  [ 9391853D25F5A5B5769CB4B6E014199C ] RTIOdrvAutomata C:\WINDOWS\system32\drivers\RTIOdrvAutomata.sys
21:55:14.0906 0724  RTIOdrvAutomata ( UnsignedFile.Multi.Generic ) - warning
21:55:14.0906 0724  RTIOdrvAutomata - detected UnsignedFile.Multi.Generic (1)
21:55:14.0953 0724  [ CF48B576AC493546303ACC9E119970C6 ] RTIOdrvCP5613  C:\WINDOWS\system32\drivers\RTIOdrvCP5613.sys
21:55:14.0968 0724  RTIOdrvCP5613 ( UnsignedFile.Multi.Generic ) - warning
21:55:14.0968 0724  RTIOdrvCP5613 - detected UnsignedFile.Multi.Generic (1)
21:55:15.0000 0724  [ 4B2A5274EFB5EA9D9CE5714CE46E6AC8 ] RTIOdrvDAMP    C:\WINDOWS\system32\drivers\RTIOdrvDAMP.sys
21:55:15.0000 0724  RTIOdrvDAMP ( UnsignedFile.Multi.Generic ) - warning
21:55:15.0000 0724  RTIOdrvDAMP - detected UnsignedFile.Multi.Generic (1)
21:55:15.0015 0724  [ 0A7A2D1DF3129E581A183B0C048FE1F5 ] RTIOdrvFC310x  C:\WINDOWS\system32\drivers\RTIOdrvFC310x.sys
21:55:15.0015 0724  RTIOdrvFC310x ( UnsignedFile.Multi.Generic ) - warning
21:55:15.0015 0724  RTIOdrvFC310x - detected UnsignedFile.Multi.Generic (1)
21:55:15.0031 0724  [ 21CE27D9F015C7DE78C220B1D6316A3A ] RTIOdrvHilscherDPM C:\WINDOWS\system32\drivers\RTIOdrvHilscherDPM.sys
21:55:15.0046 0724  RTIOdrvHilscherDPM ( UnsignedFile.Multi.Generic ) - warning
21:55:15.0046 0724  RTIOdrvHilscherDPM - detected UnsignedFile.Multi.Generic (1)
21:55:15.0062 0724  [ D2F41F9E0F0F58EB79F269D8F0ECAD4D ] RTIOdrvHMS      C:\WINDOWS\system32\drivers\RTIOdrvHMS.sys
21:55:15.0062 0724  RTIOdrvHMS ( UnsignedFile.Multi.Generic ) - warning
21:55:15.0062 0724  RTIOdrvHMS - detected UnsignedFile.Multi.Generic (1)
21:55:15.0093 0724  [ 10997FCD12441587E2AFC51FBCCDA286 ] RTIOdrvKuhnkePBM C:\WINDOWS\system32\drivers\RTIOdrvKuhnkePBM.sys
21:55:15.0093 0724  RTIOdrvKuhnkePBM ( UnsignedFile.Multi.Generic ) - warning
21:55:15.0093 0724  RTIOdrvKuhnkePBM - detected UnsignedFile.Multi.Generic (1)
21:55:15.0125 0724  [ 8E4667211F883426456B8237FC83C326 ] RTIOdrvSJA      C:\WINDOWS\system32\drivers\RTIOdrvSJA.sys
21:55:15.0125 0724  RTIOdrvSJA ( UnsignedFile.Multi.Generic ) - warning
21:55:15.0125 0724  RTIOdrvSJA - detected UnsignedFile.Multi.Generic (1)
21:55:15.0203 0724  [ 0BB70D0CEF694D7FC7C9BDEC9B4D4496 ] RTService      E:\programme\3S\CoDeSys SP RTE\RTService.exe
21:55:15.0218 0724  RTService ( UnsignedFile.Multi.Generic ) - warning
21:55:15.0218 0724  RTService - detected UnsignedFile.Multi.Generic (1)
21:55:15.0250 0724  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs          C:\WINDOWS\system32\lsass.exe
21:55:15.0312 0724  SamSs - ok
21:55:15.0343 0724  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
21:55:15.0406 0724  SCardSvr - ok
21:55:15.0453 0724  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:55:15.0515 0724  Schedule - ok
21:55:15.0531 0724  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:55:15.0562 0724  Secdrv - ok
21:55:15.0578 0724  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
21:55:15.0656 0724  seclogon - ok
21:55:15.0671 0724  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
21:55:15.0750 0724  SENS - ok
21:55:15.0750 0724  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum        C:\WINDOWS\system32\DRIVERS\serenum.sys
21:55:15.0828 0724  serenum - ok
21:55:15.0828 0724  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
21:55:15.0906 0724  Serial - ok
21:55:15.0906 0724  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy        C:\WINDOWS\system32\drivers\Sfloppy.sys
21:55:15.0984 0724  Sfloppy - ok
21:55:16.0000 0724  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:55:16.0062 0724  SharedAccess - ok
21:55:16.0093 0724  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:55:16.0093 0724  ShellHWDetection - ok
21:55:16.0109 0724  Simbad - ok
21:55:16.0140 0724  [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate    C:\Programme\Skype\Updater\Updater.exe
21:55:16.0140 0724  SkypeUpdate - ok
21:55:16.0171 0724  [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:55:16.0187 0724  SLIP - ok
21:55:16.0187 0724  Sparrow - ok
21:55:16.0203 0724  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
21:55:16.0265 0724  splitter - ok
21:55:16.0296 0724  [ 39356A9CDB6753A6D13A4072A9F5A4BB ] Spooler        C:\WINDOWS\system32\spoolsv.exe
21:55:16.0359 0724  Spooler - ok
21:55:16.0375 0724  [ 71E276F6D189413266EA22171806597B ] sptd            C:\WINDOWS\System32\Drivers\sptd.sys
21:55:16.0406 0724  sptd - ok
21:55:16.0421 0724  [ D2B096CD2F56FAC6EEEED9A77DDF6DC8 ] SQLBrowser      C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
21:55:16.0437 0724  SQLBrowser - ok
21:55:16.0453 0724  [ 54902536AAD0E9B99BC65F89C0CAF93F ] SQLWriter      C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
21:55:16.0468 0724  SQLWriter - ok
21:55:16.0500 0724  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
21:55:16.0531 0724  sr - ok
21:55:16.0546 0724  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice      C:\WINDOWS\system32\srsvc.dll
21:55:16.0578 0724  srservice - ok
21:55:16.0609 0724  [ 5252605079810904E31C332E241CD59B ] Srv            C:\WINDOWS\system32\DRIVERS\srv.sys
21:55:16.0687 0724  Srv - ok
21:55:16.0703 0724  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
21:55:16.0734 0724  SSDPSRV - ok
21:55:16.0750 0724  [ F92254B0BCFCD10CAAC7BCCC7CB7F467 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
21:55:16.0750 0724  StarOpen ( UnsignedFile.Multi.Generic ) - warning
21:55:16.0750 0724  StarOpen - detected UnsignedFile.Multi.Generic (1)
21:55:16.0781 0724  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
21:55:16.0859 0724  stisvc - ok
21:55:16.0875 0724  [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:55:16.0890 0724  streamip - ok
21:55:16.0890 0724  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
21:55:16.0953 0724  swenum - ok
21:55:16.0968 0724  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
21:55:17.0031 0724  swmidi - ok
21:55:17.0046 0724  SwPrv - ok
21:55:17.0046 0724  symc810 - ok
21:55:17.0046 0724  symc8xx - ok
21:55:17.0062 0724  sym_hi - ok
21:55:17.0062 0724  sym_u3 - ok
21:55:17.0062 0724  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
21:55:17.0140 0724  sysaudio - ok
21:55:17.0156 0724  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog      C:\WINDOWS\system32\smlogsvc.exe
21:55:17.0234 0724  SysmonLog - ok
21:55:17.0265 0724  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
21:55:17.0343 0724  TapiSrv - ok
21:55:17.0359 0724  [ 68F06FE0021B01E670AF37B8C5964FDF ] Tcpip          C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:55:17.0359 0724  Tcpip ( UnsignedFile.Multi.Generic ) - warning
21:55:17.0359 0724  Tcpip - detected UnsignedFile.Multi.Generic (1)
21:55:17.0390 0724  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
21:55:17.0453 0724  TDPIPE - ok
21:55:17.0468 0724  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP          C:\WINDOWS\system32\drivers\TDTCP.sys
21:55:17.0546 0724  TDTCP - ok
21:55:17.0562 0724  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
21:55:17.0640 0724  TermDD - ok
21:55:17.0671 0724  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService    C:\WINDOWS\System32\termsrv.dll
21:55:17.0750 0724  TermService - ok
21:55:17.0765 0724  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
21:55:17.0781 0724  Themes - ok
21:55:17.0812 0724  [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr        C:\WINDOWS\system32\tlntsvr.exe
21:55:17.0843 0724  TlntSvr - ok
21:55:17.0843 0724  TosIde - ok
21:55:17.0859 0724  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
21:55:17.0937 0724  TrkWks - ok
21:55:17.0953 0724  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
21:55:18.0031 0724  Udfs - ok
21:55:18.0031 0724  ultra - ok
21:55:18.0046 0724  [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf          C:\WINDOWS\system32\wdfmgr.exe
21:55:18.0093 0724  UMWdf - ok
21:55:18.0125 0724  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
21:55:18.0203 0724  Update - ok
21:55:18.0203 0724  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:55:18.0250 0724  upnphost - ok
21:55:18.0265 0724  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS            C:\WINDOWS\System32\ups.exe
21:55:18.0328 0724  UPS - ok
21:55:18.0359 0724  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
21:55:18.0421 0724  usbaudio - ok
21:55:18.0437 0724  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp        C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:55:18.0515 0724  usbccgp - ok
21:55:18.0515 0724  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci        C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:55:18.0593 0724  usbehci - ok
21:55:18.0593 0724  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:55:18.0671 0724  usbhub - ok
21:55:18.0687 0724  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci        C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:55:18.0750 0724  usbohci - ok
21:55:18.0781 0724  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR        C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:55:18.0843 0724  USBSTOR - ok
21:55:18.0859 0724  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave        C:\WINDOWS\System32\drivers\vga.sys
21:55:18.0921 0724  VgaSave - ok
21:55:18.0921 0724  ViaIde - ok
21:55:18.0937 0724  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap        C:\WINDOWS\system32\drivers\VolSnap.sys
21:55:19.0000 0724  VolSnap - ok
21:55:19.0015 0724  [ 68F106273BE29E7B7EF8266977268E78 ] VSS            C:\WINDOWS\System32\vssvc.exe
21:55:19.0046 0724  VSS - ok
21:55:19.0062 0724  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time        C:\WINDOWS\system32\w32time.dll
21:55:19.0140 0724  W32Time - ok
21:55:19.0140 0724  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:55:19.0218 0724  Wanarp - ok
21:55:19.0218 0724  WDICA - ok
21:55:19.0234 0724  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
21:55:19.0296 0724  wdmaud - ok
21:55:19.0312 0724  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient      C:\WINDOWS\System32\webclnt.dll
21:55:19.0375 0724  WebClient - ok
21:55:19.0421 0724  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt        C:\WINDOWS\system32\wbem\WMIsvc.dll
21:55:19.0484 0724  winmgmt - ok
21:55:19.0515 0724  [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
21:55:19.0531 0724  WmdmPmSN - ok
21:55:19.0562 0724  [ 53E1CCF332A2F40B5E08476921CD8B44 ] Wmi            C:\WINDOWS\System32\advapi32.dll
21:55:19.0656 0724  Wmi - ok
21:55:19.0671 0724  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:55:19.0734 0724  WmiApSrv - ok
21:55:19.0765 0724  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL        C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:55:19.0843 0724  WS2IFSL - ok
21:55:19.0843 0724  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
21:55:19.0921 0724  wscsvc - ok
21:55:19.0953 0724  [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:55:19.0953 0724  WSTCODEC - ok
21:55:19.0968 0724  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
21:55:20.0093 0724  wuauserv - ok
21:55:20.0125 0724  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
21:55:20.0203 0724  WZCSVC - ok
21:55:20.0203 0724  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov        C:\WINDOWS\System32\xmlprov.dll
21:55:20.0312 0724  xmlprov - ok
21:55:20.0328 0724  ================ Scan global ===============================
21:55:20.0343 0724  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
21:55:20.0359 0724  [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll
21:55:20.0375 0724  [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll
21:55:20.0390 0724  [ 4BB6A83640F1D1792AD21CE767B621C6 ] C:\WINDOWS\system32\services.exe
21:55:20.0390 0724  [Global] - ok
21:55:20.0390 0724  ================ Scan MBR ==================================
21:55:20.0406 0724  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
21:55:20.0609 0724  \Device\Harddisk0\DR0 - ok
21:55:20.0609 0724  ================ Scan VBR ==================================
21:55:20.0609 0724  [ 22A128A5FBC0968718F84ECC8245F120 ] \Device\Harddisk0\DR0\Partition1
21:55:20.0609 0724  \Device\Harddisk0\DR0\Partition1 - ok
21:55:20.0609 0724  [ 5F1178C9F8123418E398130A9C9C65C6 ] \Device\Harddisk0\DR0\Partition2
21:55:20.0609 0724  \Device\Harddisk0\DR0\Partition2 - ok
21:55:20.0640 0724  [ 887854459EF0FF587CA451B229A1F9B1 ] \Device\Harddisk0\DR0\Partition3
21:55:20.0640 0724  \Device\Harddisk0\DR0\Partition3 - ok
21:55:20.0640 0724  ============================================================
21:55:20.0640 0724  Scan finished
21:55:20.0640 0724  ============================================================
21:55:20.0765 2412  Detected object count: 30
21:55:20.0765 2412  Actual detected object count: 30
21:56:09.0843 2412  3SRTE ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0843 2412  3SRTE ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0843 2412  ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0843 2412  ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0843 2412  AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0843 2412  AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  CoDeSys Control Win V3 ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  CoDeSys Control Win V3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  CoDeSys Gateway V3 ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  CoDeSys Gateway V3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  CoDeSys ServiceControl ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  CoDeSys ServiceControl ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  de_serv ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  de_serv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  ENI Server ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  ENI Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  ForceWare Intelligent Application Manager (IAM) ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  ForceWare Intelligent Application Manager (IAM) ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  ForcewareWebInterface ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  ForcewareWebInterface ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  ibpcimpm ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  ibpcimpm ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  idsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  nSvcIp ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0859 2412  nSvcIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0859 2412  nSvcLog ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  nSvcLog ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  ntiomin ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  ntiomin ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  RTIOdrvAPIC ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  RTIOdrvAPIC ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  RTIOdrvApplicom ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  RTIOdrvApplicom ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  RTIOdrvAutomata ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  RTIOdrvAutomata ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  RTIOdrvCP5613 ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  RTIOdrvCP5613 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  RTIOdrvDAMP ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  RTIOdrvDAMP ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  RTIOdrvFC310x ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  RTIOdrvFC310x ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  RTIOdrvHilscherDPM ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  RTIOdrvHilscherDPM ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  RTIOdrvHMS ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  RTIOdrvHMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  RTIOdrvKuhnkePBM ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  RTIOdrvKuhnkePBM ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  RTIOdrvSJA ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  RTIOdrvSJA ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0875 2412  RTService ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0875 2412  RTService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0890 2412  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0890 2412  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:09.0890 2412  Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:09.0890 2412  Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:24.0500 2436  ============================================================
21:56:24.0500 2436  Scan started
21:56:24.0500 2436  Mode: Manual; SigCheck; TDLFS;
21:56:24.0500 2436  ============================================================
21:56:24.0734 2436  ================ Scan system memory ========================
21:56:24.0734 2436  System memory - ok
21:56:24.0734 2436  ================ Scan services =============================
21:56:24.0859 2436  [ 7B78F182AFD71EB752495FF902DF1539 ] 3SRTE          C:\WINDOWS\system32\drivers\3SRTE.sys
21:56:24.0875 2436  3SRTE ( UnsignedFile.Multi.Generic ) - warning
21:56:24.0875 2436  3SRTE - detected UnsignedFile.Multi.Generic (1)
21:56:24.0875 2436  Abiosdsk - ok
21:56:24.0875 2436  abp480n5 - ok
21:56:24.0906 2436  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:56:25.0000 2436  ACPI - ok
21:56:25.0015 2436  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
21:56:25.0109 2436  ACPIEC - ok
21:56:25.0109 2436  adpu160m - ok
21:56:25.0140 2436  [ 8BED39E3C35D6A489438B8141717A557 ] aec            C:\WINDOWS\system32\drivers\aec.sys
21:56:25.0218 2436  aec - ok
21:56:25.0265 2436  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD            C:\WINDOWS\System32\drivers\afd.sys
21:56:25.0281 2436  AFD - ok
21:56:25.0281 2436  Aha154x - ok
21:56:25.0281 2436  aic78u2 - ok
21:56:25.0281 2436  aic78xx - ok
21:56:25.0296 2436  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter        C:\WINDOWS\system32\alrsvc.dll
21:56:25.0359 2436  Alerter - ok
21:56:25.0359 2436  [ 190CD73D4984F94D823F9444980513E5 ] ALG            C:\WINDOWS\System32\alg.exe
21:56:25.0406 2436  ALG - ok
21:56:25.0406 2436  AliIde - ok
21:56:25.0453 2436  [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt        C:\WINDOWS\system32\drivers\Ambfilt.sys
21:56:25.0500 2436  Ambfilt - ok
21:56:25.0500 2436  amsint - ok
21:56:25.0515 2436  [ D45960BE52C3C610D361977057F98C54 ] AppMgmt        C:\WINDOWS\System32\appmgmts.dll
21:56:25.0562 2436  AppMgmt - ok
21:56:25.0578 2436  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394        C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:56:25.0656 2436  Arp1394 - ok
21:56:25.0656 2436  asc - ok
21:56:25.0656 2436  asc3350p - ok
21:56:25.0656 2436  asc3550 - ok
21:56:25.0718 2436  [ 4EABF511B1AF176A971C3271E48FA3A8 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:56:25.0734 2436  aspnet_state - ok
21:56:25.0750 2436  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:56:25.0812 2436  AsyncMac - ok
21:56:25.0812 2436  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi          C:\WINDOWS\system32\DRIVERS\atapi.sys
21:56:25.0890 2436  atapi - ok
21:56:25.0890 2436  Atdisk - ok
21:56:25.0921 2436  [ D2FBEB67C63AFA2F6747779B0FEE15B0 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
21:56:25.0937 2436  Ati HotKey Poller - ok
21:56:25.0984 2436  [ CA2033C7C5491B12C628A1CFDB99D75E ] ATI Smart      C:\WINDOWS\system32\ati2sgag.exe
21:56:25.0984 2436  ATI Smart ( UnsignedFile.Multi.Generic ) - warning
21:56:25.0984 2436  ATI Smart - detected UnsignedFile.Multi.Generic (1)
21:56:26.0109 2436  [ 8E280E25A7A3CA8F5F35946CDF41D434 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:56:26.0265 2436  ati2mtag - ok
21:56:26.0281 2436  [ B2A236DC65E90170A369164384EFB460 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdXP3.sys
21:56:26.0281 2436  AtiHDAudioService - ok
21:56:26.0296 2436  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc        C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:56:26.0359 2436  Atmarpc - ok
21:56:26.0375 2436  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
21:56:26.0437 2436  AudioSrv - ok
21:56:26.0453 2436  [ D9F724AA26C010A217C97606B160ED68 ] audstub        C:\WINDOWS\system32\DRIVERS\audstub.sys
21:56:26.0531 2436  audstub - ok
21:56:26.0656 2436  [ 8DFA2EC772F97ED02B384DB88641B367 ] AVM IGD CTRL Service e:\programme\FRITZ!DSL\IGDCTRL.EXE
21:56:26.0656 2436  AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - warning
21:56:26.0656 2436  AVM IGD CTRL Service - detected UnsignedFile.Multi.Generic (1)
21:56:26.0687 2436  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:56:26.0750 2436  Beep - ok
21:56:26.0765 2436  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
21:56:26.0843 2436  BITS - ok
21:56:26.0859 2436  [ B42057F06BBB98B31876C0B3F2B54E33 ] Browser        C:\WINDOWS\System32\browser.dll
21:56:26.0937 2436  Browser - ok
21:56:26.0953 2436  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k        C:\WINDOWS\system32\drivers\cbidf2k.sys
21:56:27.0015 2436  cbidf2k - ok
21:56:27.0031 2436  [ FDC06E2ADA8C468EBB161624E03976CF ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:56:27.0046 2436  CCDECODE - ok
21:56:27.0046 2436  cd20xrnt - ok
21:56:27.0062 2436  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio        C:\WINDOWS\system32\drivers\Cdaudio.sys
21:56:27.0125 2436  Cdaudio - ok
21:56:27.0140 2436  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
21:56:27.0203 2436  Cdfs - ok
21:56:27.0218 2436  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom          C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:56:27.0281 2436  Cdrom - ok
21:56:27.0281 2436  Changer - ok
21:56:27.0312 2436  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc          C:\WINDOWS\system32\cisvc.exe
21:56:27.0375 2436  CiSvc - ok
21:56:27.0390 2436  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv        C:\WINDOWS\system32\clipsrv.exe
21:56:27.0468 2436  ClipSrv - ok
21:56:27.0484 2436  [ 234B1BC2796483E1F5C3F26649FB3388 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:56:27.0484 2436  clr_optimization_v2.0.50727_32 - ok
21:56:27.0500 2436  CmdIde - ok
21:56:27.0593 2436  [ 1C15404EA8FC42DAB8A7B3765ED53E58 ] CodeMeter.exe  C:\Programme\CodeMeter\Runtime\bin\CodeMeter.exe
21:56:27.0656 2436  CodeMeter.exe - ok
21:56:27.0859 2436  [ 9C8D5B84E2F5B9D341D1F66A7B8F96E9 ] CoDeSys Control Win V3 E:\programme\3s Codesys\GatewayPLC\CoDeSysControlService.exe
21:56:27.0859 2436  CoDeSys Control Win V3 ( UnsignedFile.Multi.Generic ) - warning
21:56:27.0859 2436  CoDeSys Control Win V3 - detected UnsignedFile.Multi.Generic (1)
21:56:27.0921 2436  [ 6991569A2D5CA146350C28E112413121 ] CoDeSys Gateway V3 E:\programme\3s Codesys\GatewayPLC\GatewayService.exe
21:56:27.0937 2436  CoDeSys Gateway V3 ( UnsignedFile.Multi.Generic ) - warning
21:56:27.0937 2436  CoDeSys Gateway V3 - detected UnsignedFile.Multi.Generic (1)
21:56:27.0984 2436  [ 504692624FFF3A6D1F5B15EE6FE0CA50 ] CoDeSys ServiceControl E:\programme\3s Codesys\GatewayPLC\ServiceControl.exe
21:56:28.0000 2436  CoDeSys ServiceControl ( UnsignedFile.Multi.Generic ) - warning
21:56:28.0000 2436  CoDeSys ServiceControl - detected UnsignedFile.Multi.Generic (1)
21:56:28.0000 2436  COMSysApp - ok
21:56:28.0000 2436  Cpqarray - ok
21:56:28.0046 2436  CPUCooLServer - ok
21:56:28.0078 2436  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
21:56:28.0140 2436  CryptSvc - ok
21:56:28.0140 2436  dac2w2k - ok
21:56:28.0156 2436  dac960nt - ok
21:56:28.0187 2436  [ E970C2296916BF4A2F958680016FE312 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:56:28.0265 2436  DcomLaunch - ok
21:56:28.0296 2436  [ 1523251B9D8A5D84DE0CD23418847824 ] de_serv        C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
21:56:28.0312 2436  de_serv ( UnsignedFile.Multi.Generic ) - warning
21:56:28.0312 2436  de_serv - detected UnsignedFile.Multi.Generic (1)
21:56:28.0328 2436  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
21:56:28.0390 2436  Dhcp - ok
21:56:28.0406 2436  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
21:56:28.0468 2436  Disk - ok
21:56:28.0468 2436  dmadmin - ok
21:56:28.0515 2436  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
21:56:28.0593 2436  dmboot - ok
21:56:28.0593 2436  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
21:56:28.0671 2436  dmio - ok
21:56:28.0671 2436  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
21:56:28.0750 2436  dmload - ok
21:56:28.0765 2436  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
21:56:28.0828 2436  dmserver - ok
21:56:28.0859 2436  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
21:56:28.0921 2436  DMusic - ok
21:56:28.0937 2436  [ 8C9ED3B2834AAE63081AB2DA831C6FE9 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:56:29.0015 2436  Dnscache - ok
21:56:29.0031 2436  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc        C:\WINDOWS\System32\dot3svc.dll
21:56:29.0093 2436  Dot3svc - ok
21:56:29.0093 2436  dpti2o - ok
21:56:29.0125 2436  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud        C:\WINDOWS\system32\drivers\drmkaud.sys
21:56:29.0187 2436  drmkaud - ok
21:56:29.0203 2436  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost        C:\WINDOWS\System32\eapsvc.dll
21:56:29.0265 2436  EapHost - ok
21:56:29.0375 2436  [ DEFA45E9F01878FBF6FB35103D584034 ] ENI Server      E:\programme\3S\CoDeSys ENI Server\ENI.exe
21:56:29.0375 2436  ENI Server ( UnsignedFile.Multi.Generic ) - warning
21:56:29.0375 2436  ENI Server - detected UnsignedFile.Multi.Generic (1)
21:56:29.0390 2436  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc          C:\WINDOWS\System32\ersvc.dll
21:56:29.0453 2436  ERSvc - ok
21:56:29.0484 2436  [ 4BB6A83640F1D1792AD21CE767B621C6 ] Eventlog        C:\WINDOWS\system32\services.exe
21:56:29.0546 2436  Eventlog - ok
21:56:29.0562 2436  [ 0F3EDAEE1EF97CF3DB2BE23A7289B78C ] EventSystem    C:\WINDOWS\system32\es.dll
21:56:29.0640 2436  EventSystem - ok
21:56:29.0640 2436  [ 38D332A6D56AF32635675F132548343E ] Fastfat        C:\WINDOWS\system32\drivers\Fastfat.sys
21:56:29.0718 2436  Fastfat - ok
21:56:29.0734 2436  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:56:29.0750 2436  FastUserSwitchingCompatibility - ok
21:56:29.0750 2436  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc            C:\WINDOWS\system32\DRIVERS\fdc.sys
21:56:29.0828 2436  Fdc - ok
21:56:29.0828 2436  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
21:56:29.0906 2436  Fips - ok
21:56:29.0937 2436  [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:56:29.0953 2436  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
21:56:29.0953 2436  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
21:56:29.0953 2436  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:56:30.0015 2436  Flpydisk - ok
21:56:30.0046 2436  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
21:56:30.0109 2436  FltMgr - ok
21:56:30.0156 2436  [ 993883524AA9CF1C90E1545411A9AC9C ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:56:30.0171 2436  FontCache3.0.0.0 - ok
21:56:30.0234 2436  [ A6F98D7FB17477E6EC99538223B54DAA ] ForceWare Intelligent Application Manager (IAM) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
21:56:30.0234 2436  ForceWare Intelligent Application Manager (IAM) ( UnsignedFile.Multi.Generic ) - warning
21:56:30.0234 2436  ForceWare Intelligent Application Manager (IAM) - detected UnsignedFile.Multi.Generic (1)
21:56:30.0265 2436  [ B81F8778F5BB485F3B75114F0C99A49F ] ForcewareWebInterface C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
21:56:30.0265 2436  ForcewareWebInterface ( UnsignedFile.Multi.Generic ) - warning
21:56:30.0265 2436  ForcewareWebInterface - detected UnsignedFile.Multi.Generic (1)
21:56:30.0281 2436  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:56:30.0359 2436  Fs_Rec - ok
21:56:30.0359 2436  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:56:30.0421 2436  Ftdisk - ok
21:56:30.0437 2436  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc            C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:56:30.0500 2436  Gpc - ok
21:56:30.0546 2436  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate        C:\Programme\Google\Update\GoogleUpdate.exe
21:56:30.0546 2436  gupdate - ok
21:56:30.0562 2436  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
21:56:30.0562 2436  gupdatem - ok
21:56:30.0593 2436  [ 56BF27D7A539F9E6BBC1DE201ABA0EDF ] HdAudAddService C:\WINDOWS\system32\drivers\AtiHdAud.sys
21:56:30.0593 2436  HdAudAddService - ok
21:56:30.0609 2436  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:56:30.0687 2436  HDAudBus - ok
21:56:30.0703 2436  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc        C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:56:30.0781 2436  helpsvc - ok
21:56:30.0796 2436  [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ        C:\WINDOWS\System32\hidserv.dll
21:56:30.0859 2436  HidServ - ok
21:56:30.0875 2436  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:56:30.0937 2436  hidusb - ok
21:56:30.0953 2436  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
21:56:31.0031 2436  hkmsvc - ok
21:56:31.0031 2436  hpn - ok
21:56:31.0046 2436  [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
21:56:31.0109 2436  HTTP - ok
21:56:31.0140 2436  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
21:56:31.0218 2436  HTTPFilter - ok
21:56:31.0218 2436  i2omgmt - ok
21:56:31.0218 2436  i2omp - ok
21:56:31.0250 2436  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
21:56:31.0312 2436  i8042prt - ok
21:56:31.0359 2436  [ 82AC853ECF1A0E5F38EFBB86E3B04187 ] ibpcimpm        C:\WINDOWS\system32\drivers\ibpcimpm.sys
21:56:31.0359 2436  ibpcimpm ( UnsignedFile.Multi.Generic ) - warning
21:56:31.0359 2436  ibpcimpm - detected UnsignedFile.Multi.Generic (1)
21:56:31.0421 2436  [ E7CC3AEAED9893A88876744CD439F76C ] idsvc          C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:56:31.0437 2436  idsvc ( UnsignedFile.Multi.Generic ) - warning
21:56:31.0437 2436  idsvc - detected UnsignedFile.Multi.Generic (1)
21:56:31.0437 2436  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi          C:\WINDOWS\system32\DRIVERS\imapi.sys
21:56:31.0500 2436  Imapi - ok
21:56:31.0531 2436  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
21:56:31.0609 2436  ImapiService - ok
21:56:31.0609 2436  ini910u - ok
21:56:31.0734 2436  [ 063DD51CBDC37B8668E09148E0A118BC ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:56:31.0875 2436  IntcAzAudAddService - ok
21:56:31.0890 2436  IntelIde - ok
21:56:31.0890 2436  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:56:31.0968 2436  intelppm - ok
21:56:31.0968 2436  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw          C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
21:56:32.0046 2436  Ip6Fw - ok
21:56:32.0062 2436  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:56:32.0125 2436  IpFilterDriver - ok
21:56:32.0125 2436  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:56:32.0203 2436  IpInIp - ok
21:56:32.0218 2436  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat          C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:56:32.0281 2436  IpNat - ok
21:56:32.0296 2436  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec          C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:56:32.0359 2436  IPSec - ok
21:56:32.0390 2436  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
21:56:32.0421 2436  IRENUM - ok
21:56:32.0437 2436  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:56:32.0500 2436  isapnp - ok
21:56:32.0593 2436  [ 9AA67569D5257462E230767510B0C815 ] JavaQuickStarterService E:\programme\java\jre6\bin\jqs.exe
21:56:32.0609 2436  JavaQuickStarterService - ok
21:56:32.0625 2436  [ C995C0E8B4503FAC38793BB0236AD246 ] JGOGO          C:\WINDOWS\system32\DRIVERS\JGOGO.sys
21:56:32.0625 2436  JGOGO - ok
21:56:32.0640 2436  [ F4A31E66A61C0783F51157519B03280B ] JRAID          C:\WINDOWS\system32\DRIVERS\jraid.sys
21:56:32.0656 2436  JRAID - ok
21:56:32.0687 2436  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:56:32.0765 2436  Kbdclass - ok
21:56:32.0781 2436  [ B6D6C117D771C98130497265F26D1882 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:56:32.0843 2436  kbdhid - ok
21:56:32.0843 2436  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
21:56:32.0921 2436  kmixer - ok
21:56:32.0921 2436  [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
21:56:33.0000 2436  KSecDD - ok
21:56:33.0015 2436  [ D6EB4916B203CBE525F8EFF5FD5AB16C ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
21:56:33.0093 2436  LanmanServer - ok
21:56:33.0109 2436  [ C0DB1E9367681ECD7ECCA9615C1D0F9B ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:56:33.0187 2436  lanmanworkstation - ok
21:56:33.0187 2436  lbrtfdc - ok
21:56:33.0203 2436  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts        C:\WINDOWS\System32\lmhsvc.dll
21:56:33.0265 2436  LmHosts - ok
21:56:33.0281 2436  [ A730FC8671A60666D6E877C544DD7CD4 ] LVUSBSta        C:\WINDOWS\system32\drivers\lvusbsta.sys
21:56:33.0296 2436  LVUSBSta - ok
21:56:33.0312 2436  [ B7550A7107281D170CE85524B1488C98 ] Messenger      C:\WINDOWS\System32\msgsvc.dll
21:56:33.0375 2436  Messenger - ok
21:56:33.0390 2436  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd          C:\WINDOWS\system32\drivers\mnmdd.sys
21:56:33.0453 2436  mnmdd - ok
21:56:33.0484 2436  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc        C:\WINDOWS\system32\mnmsrvc.exe
21:56:33.0562 2436  mnmsrvc - ok
21:56:33.0562 2436  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem          C:\WINDOWS\system32\drivers\Modem.sys
21:56:33.0640 2436  Modem - ok
21:56:33.0671 2436  [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt        C:\WINDOWS\system32\drivers\Monfilt.sys
21:56:33.0703 2436  Monfilt - ok
21:56:33.0703 2436  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:56:33.0781 2436  Mouclass - ok
21:56:33.0796 2436  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:56:33.0859 2436  mouhid - ok
21:56:33.0875 2436  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
21:56:33.0937 2436  MountMgr - ok
21:56:33.0968 2436  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
21:56:33.0968 2436  MozillaMaintenance - ok
21:56:33.0968 2436  mraid35x - ok
21:56:33.0984 2436  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:56:34.0046 2436  MRxDAV - ok
21:56:34.0062 2436  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:56:34.0078 2436  MRxSmb - ok
21:56:34.0109 2436  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC          C:\WINDOWS\system32\msdtc.exe
21:56:34.0187 2436  MSDTC - ok
21:56:34.0187 2436  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:56:34.0250 2436  Msfs - ok
21:56:34.0265 2436  MSIServer - ok
21:56:34.0281 2436  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV        C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:56:34.0343 2436  MSKSSRV - ok
21:56:34.0359 2436  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:56:34.0437 2436  MSPCLOCK - ok
21:56:34.0437 2436  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM          C:\WINDOWS\system32\drivers\MSPQM.sys
21:56:34.0515 2436  MSPQM - ok
21:56:34.0531 2436  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:56:34.0593 2436  mssmbios - ok
21:56:34.0656 2436  MSSQL$SQLEXPRESS - ok
21:56:34.0671 2436  [ ADAF062116B4E6D96E44D26486A87AF6 ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe
21:56:34.0687 2436  MSSQLServerADHelper - ok
21:56:34.0687 2436  [ D5059366B361F0E1124753447AF08AA2 ] MSTEE          C:\WINDOWS\system32\drivers\MSTEE.sys
21:56:34.0718 2436  MSTEE - ok
21:56:34.0953 2436  [ E514D0493C272AECBAC7C6C1DAC635D1 ] msvsmon90      e:\programme\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe
21:56:35.0031 2436  msvsmon90 - ok
21:56:35.0062 2436  [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor        C:\WINDOWS\system32\DRIVERS\ASACPI.sys
21:56:35.0062 2436  MTsensor - ok
21:56:35.0078 2436  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup            C:\WINDOWS\system32\drivers\Mup.sys
21:56:35.0093 2436  Mup - ok
21:56:35.0109 2436  [ AC31B352CE5E92704056D409834BEB74 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:56:35.0109 2436  NABTSFEC - ok
21:56:35.0265 2436  [ 07B2740CF3294B98380B9E1BF8AB05B8 ] NanoServiceMain E:\programme\panda\PSANHost.exe
21:56:35.0265 2436  NanoServiceMain - ok
21:56:35.0296 2436  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
21:56:35.0375 2436  napagent - ok
21:56:35.0406 2436  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
21:56:35.0468 2436  NDIS - ok
21:56:35.0500 2436  [ ABD7629CF2796250F315C1DD0B6CF7A0 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:56:35.0500 2436  NdisIP - ok
21:56:35.0531 2436  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:56:35.0531 2436  NdisTapi - ok
21:56:35.0546 2436  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio        C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:56:35.0609 2436  Ndisuio - ok
21:56:35.0625 2436  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan        C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:56:35.0703 2436  NdisWan - ok
21:56:35.0703 2436  [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy        C:\WINDOWS\system32\drivers\NDProxy.sys
21:56:35.0765 2436  NDProxy - ok
21:56:35.0781 2436  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS        C:\WINDOWS\system32\DRIVERS\netbios.sys
21:56:35.0843 2436  NetBIOS - ok
21:56:35.0859 2436  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
21:56:35.0937 2436  NetBT - ok
21:56:35.0937 2436  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
21:56:36.0015 2436  NetDDE - ok
21:56:36.0015 2436  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
21:56:36.0078 2436  NetDDEdsdm - ok
21:56:36.0109 2436  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:56:36.0171 2436  Netlogon - ok
21:56:36.0187 2436  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
21:56:36.0250 2436  Netman - ok
21:56:36.0281 2436  [ F9102685F97F9BA85F4A70AFCF722CFE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:56:36.0281 2436  NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - warning
21:56:36.0281 2436  NetTcpPortSharing - detected UnsignedFile.Multi.Generic (1)
21:56:36.0296 2436  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394        C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:56:36.0375 2436  NIC1394 - ok
21:56:36.0390 2436  [ F12B9D9A069331877D006CC81B4735F9 ] Nla            C:\WINDOWS\System32\mswsock.dll
21:56:36.0453 2436  Nla - ok
21:56:36.0515 2436  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess      E:\programme\CDBurnerXP\NMSAccessU.exe
21:56:36.0515 2436  NMSAccess - ok
21:56:36.0546 2436  [ CFEE15A88280D369672DA0E378BBC702 ] NNSALPC        C:\WINDOWS\system32\DRIVERS\NNSAlpc.sys
21:56:36.0546 2436  NNSALPC - ok
21:56:36.0562 2436  [ 2708799ADC223C4412341F0C68D032E3 ] NNSHTTP        C:\WINDOWS\system32\DRIVERS\NNSHttp.sys
21:56:36.0562 2436  NNSHTTP - ok
21:56:36.0578 2436  [ 533F19056B98D9CCE466B64186905BC1 ] NNSIDS          C:\WINDOWS\system32\DRIVERS\NNSIds.sys
21:56:36.0578 2436  NNSIDS - ok
21:56:36.0609 2436  [ 5F7A83B1FC6CAE3E46B215F5E5C759E9 ] NNSNAHS        C:\WINDOWS\system32\DRIVERS\NNSNAHS.sys
21:56:36.0609 2436  NNSNAHS - ok
21:56:36.0625 2436  [ 1F054C5CA627FCD3983538D74574016B ] NNSPICC        C:\WINDOWS\system32\DRIVERS\NNSPicc.sys
21:56:36.0640 2436  NNSPICC - ok
21:56:36.0671 2436  [ 1ABA7D70E4F029892A381C75EE144C16 ] NNSPIHS        C:\WINDOWS\system32\DRIVERS\NNSPihs.sys
21:56:36.0671 2436  NNSPIHS - ok
21:56:36.0687 2436  [ 5F8C023775B8F4A0A8FFC93DD0A27285 ] NNSPOP3        C:\WINDOWS\system32\DRIVERS\NNSPop3.sys
21:56:36.0687 2436  NNSPOP3 - ok
21:56:36.0703 2436  [ CA541CE4A1FC034EEC8CFD6C155B9D30 ] NNSPROT        C:\WINDOWS\system32\DRIVERS\NNSProt.sys
21:56:36.0703 2436  NNSPROT - ok
21:56:36.0718 2436  [ 938E8CCC7AC5922F2E3DBDF3E7A3035C ] NNSPRV          C:\WINDOWS\system32\DRIVERS\NNSPrv.sys
21:56:36.0734 2436  NNSPRV - ok
21:56:36.0734 2436  [ 2458E950F0A0DD9AD08385209B5E1702 ] NNSSMTP        C:\WINDOWS\system32\DRIVERS\NNSSmtp.sys
21:56:36.0734 2436  NNSSMTP - ok
21:56:36.0750 2436  [ 75D990651236A570C4C80ED56BFB4009 ] NNSSTRM        C:\WINDOWS\system32\DRIVERS\NNSStrm.sys
21:56:36.0765 2436  NNSSTRM - ok
21:56:36.0781 2436  [ 9D526B79E7D438056ED7D382AB94019A ] NNSTLSC        C:\WINDOWS\system32\DRIVERS\NNSTlsc.sys
21:56:36.0781 2436  NNSTLSC - ok
21:56:36.0796 2436  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:56:36.0859 2436  Npfs - ok
21:56:36.0890 2436  [ C98168642B15B5EC4AF116E4C30C8BAF ] nSvcIp          C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
21:56:36.0890 2436  nSvcIp ( UnsignedFile.Multi.Generic ) - warning
21:56:36.0890 2436  nSvcIp - detected UnsignedFile.Multi.Generic (1)
21:56:36.0890 2436  [ 381A4EDAC8C5D4327E27387686087A99 ] nSvcLog        C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
21:56:36.0906 2436  nSvcLog ( UnsignedFile.Multi.Generic ) - warning
21:56:36.0906 2436  nSvcLog - detected UnsignedFile.Multi.Generic (1)
21:56:36.0921 2436  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:56:37.0000 2436  Ntfs - ok
21:56:37.0015 2436  [ 8A2788FF5AA0FE75D7231417200406FF ] ntiomin        C:\WINDOWS\system32\drivers\ntiomin.sys
21:56:37.0015 2436  ntiomin ( UnsignedFile.Multi.Generic ) - warning
21:56:37.0015 2436  ntiomin - detected UnsignedFile.Multi.Generic (1)
21:56:37.0046 2436  [ 5850C28057DDEA04390B88F8CC482504 ] ntiopnp        C:\WINDOWS\system32\drivers\ntiopnp.sys
21:56:37.0046 2436  ntiopnp - ok
21:56:37.0062 2436  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp        C:\WINDOWS\system32\lsass.exe
21:56:37.0125 2436  NtLmSsp - ok
21:56:37.0140 2436  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc        C:\WINDOWS\system32\ntmssvc.dll
21:56:37.0218 2436  NtmsSvc - ok
21:56:37.0250 2436  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:56:37.0312 2436  Null - ok
21:56:37.0328 2436  [ C03E15101F6D9E82CD9B0E7D715F5DE3 ] nvata          C:\WINDOWS\system32\DRIVERS\nvata.sys
21:56:37.0328 2436  nvata - ok
21:56:37.0343 2436  [ B9333604527E02CD2223F200C0BAE7E0 ] NVENETFD        C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
21:56:37.0343 2436  NVENETFD - ok
21:56:37.0359 2436  [ 5E9E55F7EE644C7C5FD78A206FBE37AB ] nvnetbus        C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
21:56:37.0375 2436  nvnetbus - ok
21:56:37.0390 2436  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:56:37.0453 2436  NwlnkFlt - ok
21:56:37.0453 2436  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:56:37.0531 2436  NwlnkFwd - ok
21:56:37.0531 2436  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:56:37.0593 2436  ohci1394 - ok
21:56:37.0640 2436  [ BB7B0F4BE49BF461CED8103B000D20D5 ] OpcEnum        C:\WINDOWS\system32\OpcEnum.exe
21:56:37.0640 2436  OpcEnum - ok
21:56:37.0687 2436  [ 5A432A042DAE460ABE7199B758E8606C ] ose            C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
21:56:37.0703 2436  ose - ok
21:56:37.0718 2436  [ F84785660305B9B903FB3BCA8BA29837 ] Parport        C:\WINDOWS\system32\DRIVERS\parport.sys
21:56:37.0781 2436  Parport - ok
21:56:37.0781 2436  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr        C:\WINDOWS\system32\drivers\PartMgr.sys
21:56:37.0859 2436  PartMgr - ok
21:56:37.0875 2436  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
21:56:37.0937 2436  ParVdm - ok
21:56:37.0937 2436  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI            C:\WINDOWS\system32\DRIVERS\pci.sys
21:56:38.0000 2436  PCI - ok
21:56:38.0015 2436  PCIDump - ok
21:56:38.0015 2436  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
21:56:38.0093 2436  PCIIde - ok
21:56:38.0109 2436  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
21:56:38.0171 2436  Pcmcia - ok
21:56:38.0171 2436  PDCOMP - ok
21:56:38.0187 2436  PDFRAME - ok
21:56:38.0187 2436  PDRELI - ok
21:56:38.0187 2436  PDRFRAME - ok
21:56:38.0203 2436  [ 16BC447DE474A9E125DB39806714F1E1 ] pepifilter      C:\WINDOWS\system32\DRIVERS\lv302af.sys
21:56:38.0218 2436  pepifilter - ok
21:56:38.0218 2436  perc2 - ok
21:56:38.0218 2436  perc2hib - ok
21:56:38.0250 2436  [ 7A31B09C7F037A1217B658465F19BBCE ] PID_08A0        C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
21:56:38.0281 2436  PID_08A0 - ok
21:56:38.0312 2436  [ 4BB6A83640F1D1792AD21CE767B621C6 ] PlugPlay        C:\WINDOWS\system32\services.exe
21:56:38.0375 2436  PlugPlay - ok
21:56:38.0390 2436  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent    C:\WINDOWS\system32\lsass.exe
21:56:38.0453 2436  PolicyAgent - ok
21:56:38.0468 2436  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:56:38.0546 2436  PptpMiniport - ok
21:56:38.0546 2436  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:56:38.0609 2436  ProtectedStorage - ok
21:56:38.0625 2436  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
21:56:38.0687 2436  PSched - ok
21:56:38.0718 2436  [ 8ABBC5F1492BFDE63FEAE2718A630E5C ] PSINAflt        C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
21:56:38.0734 2436  PSINAflt - ok
21:56:38.0734 2436  [ D92FD5186C6ED7A0CFE5E4FA69CFEF59 ] PSINFile        C:\WINDOWS\system32\DRIVERS\PSINFile.sys
21:56:38.0734 2436  PSINFile - ok
21:56:38.0750 2436  [ C24FA396FF16D8C671D9E5807A0BC8B7 ] PSINKNC        C:\WINDOWS\system32\DRIVERS\psinknc.sys
21:56:38.0765 2436  PSINKNC - ok
21:56:38.0765 2436  [ C52B3E1631CFA5E3BBDE6D2558C0CC72 ] PSINProc        C:\WINDOWS\system32\DRIVERS\PSINProc.sys
21:56:38.0765 2436  PSINProc - ok
21:56:38.0781 2436  [ 0E4C4813C2AA327229F387E3921E69C3 ] PSINProt        C:\WINDOWS\system32\DRIVERS\PSINProt.sys
21:56:38.0781 2436  PSINProt - ok
21:56:38.0812 2436  [ 476769481841007583875023F7ECC4CA ] PSKMAD          C:\WINDOWS\system32\DRIVERS\PSKMAD.sys
21:56:38.0828 2436  PSKMAD - ok
21:56:38.0859 2436  [ 98A9D3236C6301503571DE79B86E8538 ] PSUAService    E:\programme\panda\PSUAService.exe
21:56:38.0859 2436  PSUAService - ok
21:56:38.0890 2436  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink        C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:56:38.0953 2436  Ptilink - ok
21:56:38.0953 2436  ql1080 - ok
21:56:38.0953 2436  Ql10wnt - ok
21:56:38.0968 2436  ql12160 - ok
21:56:38.0968 2436  ql1240 - ok
21:56:38.0968 2436  ql1280 - ok
21:56:38.0984 2436  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:56:39.0046 2436  RasAcd - ok
21:56:39.0078 2436  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
21:56:39.0140 2436  RasAuto - ok
21:56:39.0156 2436  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp        C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:56:39.0218 2436  Rasl2tp - ok
21:56:39.0234 2436  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:56:39.0312 2436  RasMan - ok
21:56:39.0312 2436  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:56:39.0375 2436  RasPppoe - ok
21:56:39.0390 2436  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
21:56:39.0453 2436  Raspti - ok
21:56:39.0453 2436  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:56:39.0531 2436  Rdbss - ok
21:56:39.0531 2436  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:56:39.0593 2436  RDPCDD - ok
21:56:39.0609 2436  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr          C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:56:39.0671 2436  rdpdr - ok
21:56:39.0703 2436  [ FC105DD312ED64EB66BFF111E8EC6EAC ] RDPWD          C:\WINDOWS\system32\drivers\RDPWD.sys
21:56:39.0703 2436  RDPWD - ok
21:56:39.0718 2436  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr      C:\WINDOWS\system32\sessmgr.exe
21:56:39.0796 2436  RDSessMgr - ok
21:56:39.0812 2436  [ ED761D453856F795A7FE056E42C36365 ] redbook        C:\WINDOWS\system32\DRIVERS\redbook.sys
21:56:39.0875 2436  redbook - ok
21:56:39.0906 2436  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:56:39.0968 2436  RemoteAccess - ok
21:56:39.0984 2436  [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
21:56:40.0046 2436  RemoteRegistry - ok
21:56:40.0078 2436  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:56:40.0140 2436  RpcLocator - ok
21:56:40.0156 2436  [ E970C2296916BF4A2F958680016FE312 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
21:56:40.0234 2436  RpcSs - ok
21:56:40.0250 2436  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
21:56:40.0312 2436  RSVP - ok
21:56:40.0343 2436  [ DC9CB32D3749AEB37C3250C3274121A5 ] RTIOdrvAPIC    C:\WINDOWS\system32\drivers\RTIOdrvAPIC.sys
21:56:40.0343 2436  RTIOdrvAPIC ( UnsignedFile.Multi.Generic ) - warning
21:56:40.0343 2436  RTIOdrvAPIC - detected UnsignedFile.Multi.Generic (1)
21:56:40.0375 2436  [ 4F7D38311DD316437CDFCA78AEA67733 ] RTIOdrvApplicom C:\WINDOWS\system32\drivers\RTIOdrvApplicom.sys
21:56:40.0375 2436  RTIOdrvApplicom ( UnsignedFile.Multi.Generic ) - warning
21:56:40.0375 2436  RTIOdrvApplicom - detected UnsignedFile.Multi.Generic (1)
21:56:40.0406 2436  [ 9391853D25F5A5B5769CB4B6E014199C ] RTIOdrvAutomata C:\WINDOWS\system32\drivers\RTIOdrvAutomata.sys
21:56:40.0421 2436  RTIOdrvAutomata ( UnsignedFile.Multi.Generic ) - warning
21:56:40.0421 2436  RTIOdrvAutomata - detected UnsignedFile.Multi.Generic (1)
21:56:40.0468 2436  [ CF48B576AC493546303ACC9E119970C6 ] RTIOdrvCP5613  C:\WINDOWS\system32\drivers\RTIOdrvCP5613.sys
21:56:40.0468 2436  RTIOdrvCP5613 ( UnsignedFile.Multi.Generic ) - warning
21:56:40.0468 2436  RTIOdrvCP5613 - detected UnsignedFile.Multi.Generic (1)
21:56:40.0484 2436  [ 4B2A5274EFB5EA9D9CE5714CE46E6AC8 ] RTIOdrvDAMP    C:\WINDOWS\system32\drivers\RTIOdrvDAMP.sys
21:56:40.0484 2436  RTIOdrvDAMP ( UnsignedFile.Multi.Generic ) - warning
21:56:40.0484 2436  RTIOdrvDAMP - detected UnsignedFile.Multi.Generic (1)
21:56:40.0500 2436  [ 0A7A2D1DF3129E581A183B0C048FE1F5 ] RTIOdrvFC310x  C:\WINDOWS\system32\drivers\RTIOdrvFC310x.sys
21:56:40.0515 2436  RTIOdrvFC310x ( UnsignedFile.Multi.Generic ) - warning
21:56:40.0515 2436  RTIOdrvFC310x - detected UnsignedFile.Multi.Generic (1)
21:56:40.0531 2436  [ 21CE27D9F015C7DE78C220B1D6316A3A ] RTIOdrvHilscherDPM C:\WINDOWS\system32\drivers\RTIOdrvHilscherDPM.sys
21:56:40.0531 2436  RTIOdrvHilscherDPM ( UnsignedFile.Multi.Generic ) - warning
21:56:40.0531 2436  RTIOdrvHilscherDPM - detected UnsignedFile.Multi.Generic (1)
21:56:40.0546 2436  [ D2F41F9E0F0F58EB79F269D8F0ECAD4D ] RTIOdrvHMS      C:\WINDOWS\system32\drivers\RTIOdrvHMS.sys
21:56:40.0562 2436  RTIOdrvHMS ( UnsignedFile.Multi.Generic ) - warning
21:56:40.0562 2436  RTIOdrvHMS - detected UnsignedFile.Multi.Generic (1)
21:56:40.0578 2436  [ 10997FCD12441587E2AFC51FBCCDA286 ] RTIOdrvKuhnkePBM C:\WINDOWS\system32\drivers\RTIOdrvKuhnkePBM.sys
21:56:40.0578 2436  RTIOdrvKuhnkePBM ( UnsignedFile.Multi.Generic ) - warning
21:56:40.0578 2436  RTIOdrvKuhnkePBM - detected UnsignedFile.Multi.Generic (1)
21:56:40.0609 2436  [ 8E4667211F883426456B8237FC83C326 ] RTIOdrvSJA      C:\WINDOWS\system32\drivers\RTIOdrvSJA.sys
21:56:40.0609 2436  RTIOdrvSJA ( UnsignedFile.Multi.Generic ) - warning
21:56:40.0609 2436  RTIOdrvSJA - detected UnsignedFile.Multi.Generic (1)
21:56:40.0687 2436  [ 0BB70D0CEF694D7FC7C9BDEC9B4D4496 ] RTService      E:\programme\3S\CoDeSys SP RTE\RTService.exe
21:56:40.0687 2436  RTService ( UnsignedFile.Multi.Generic ) - warning
21:56:40.0703 2436  RTService - detected UnsignedFile.Multi.Generic (1)
21:56:40.0718 2436  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs          C:\WINDOWS\system32\lsass.exe
21:56:40.0781 2436  SamSs - ok
21:56:40.0796 2436  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
21:56:40.0859 2436  SCardSvr - ok
21:56:40.0890 2436  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:56:40.0968 2436  Schedule - ok
21:56:40.0968 2436  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:56:41.0015 2436  Secdrv - ok
21:56:41.0031 2436  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
21:56:41.0093 2436  seclogon - ok
21:56:41.0109 2436  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
21:56:41.0171 2436  SENS - ok
21:56:41.0187 2436  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum        C:\WINDOWS\system32\DRIVERS\serenum.sys
21:56:41.0250 2436  serenum - ok
21:56:41.0250 2436  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
21:56:41.0328 2436  Serial - ok
21:56:41.0328 2436  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy        C:\WINDOWS\system32\drivers\Sfloppy.sys
21:56:41.0406 2436  Sfloppy - ok
21:56:41.0421 2436  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:56:41.0484 2436  SharedAccess - ok
21:56:41.0500 2436  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:56:41.0515 2436  ShellHWDetection - ok
21:56:41.0515 2436  Simbad - ok
21:56:41.0546 2436  [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate    C:\Programme\Skype\Updater\Updater.exe
21:56:41.0546 2436  SkypeUpdate - ok
21:56:41.0578 2436  [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:56:41.0593 2436  SLIP - ok
21:56:41.0593 2436  Sparrow - ok
21:56:41.0609 2436  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
21:56:41.0671 2436  splitter - ok
21:56:41.0703 2436  [ 39356A9CDB6753A6D13A4072A9F5A4BB ] Spooler        C:\WINDOWS\system32\spoolsv.exe
21:56:41.0765 2436  Spooler - ok
21:56:41.0796 2436  [ 71E276F6D189413266EA22171806597B ] sptd            C:\WINDOWS\System32\Drivers\sptd.sys
21:56:41.0812 2436  sptd - ok
21:56:41.0828 2436  [ D2B096CD2F56FAC6EEEED9A77DDF6DC8 ] SQLBrowser      C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
21:56:41.0843 2436  SQLBrowser - ok
21:56:41.0859 2436  [ 54902536AAD0E9B99BC65F89C0CAF93F ] SQLWriter      C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
21:56:41.0859 2436  SQLWriter - ok
21:56:41.0906 2436  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
21:56:41.0937 2436  sr - ok
21:56:41.0953 2436  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice      C:\WINDOWS\system32\srsvc.dll
21:56:41.0984 2436  srservice - ok
21:56:41.0984 2436  [ 5252605079810904E31C332E241CD59B ] Srv            C:\WINDOWS\system32\DRIVERS\srv.sys
21:56:42.0062 2436  Srv - ok
21:56:42.0078 2436  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
21:56:42.0109 2436  SSDPSRV - ok
21:56:42.0125 2436  [ F92254B0BCFCD10CAAC7BCCC7CB7F467 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
21:56:42.0140 2436  StarOpen ( UnsignedFile.Multi.Generic ) - warning
21:56:42.0140 2436  StarOpen - detected UnsignedFile.Multi.Generic (1)
21:56:42.0156 2436  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
21:56:42.0234 2436  stisvc - ok
21:56:42.0250 2436  [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:56:42.0250 2436  streamip - ok
21:56:42.0265 2436  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
21:56:42.0328 2436  swenum - ok
21:56:42.0343 2436  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
21:56:42.0406 2436  swmidi - ok
21:56:42.0406 2436  SwPrv - ok
21:56:42.0421 2436  symc810 - ok
21:56:42.0421 2436  symc8xx - ok
21:56:42.0421 2436  sym_hi - ok
21:56:42.0437 2436  sym_u3 - ok
21:56:42.0437 2436  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
21:56:42.0515 2436  sysaudio - ok
21:56:42.0531 2436  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog      C:\WINDOWS\system32\smlogsvc.exe
21:56:42.0609 2436  SysmonLog - ok
21:56:42.0625 2436  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
21:56:42.0703 2436  TapiSrv - ok
21:56:42.0718 2436  [ 68F06FE0021B01E670AF37B8C5964FDF ] Tcpip          C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:56:42.0734 2436  Tcpip ( UnsignedFile.Multi.Generic ) - warning
21:56:42.0734 2436  Tcpip - detected UnsignedFile.Multi.Generic (1)
21:56:42.0750 2436  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
21:56:42.0812 2436  TDPIPE - ok
21:56:42.0828 2436  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP          C:\WINDOWS\system32\drivers\TDTCP.sys
21:56:42.0906 2436  TDTCP - ok
21:56:42.0906 2436  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
21:56:42.0984 2436  TermDD - ok
21:56:43.0031 2436  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService    C:\WINDOWS\System32\termsrv.dll
21:56:43.0093 2436  TermService - ok
21:56:43.0109 2436  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
21:56:43.0125 2436  Themes - ok
21:56:43.0140 2436  [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr        C:\WINDOWS\system32\tlntsvr.exe
21:56:43.0187 2436  TlntSvr - ok
21:56:43.0187 2436  TosIde - ok
21:56:43.0203 2436  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
21:56:43.0281 2436  TrkWks - ok
21:56:43.0281 2436  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
21:56:43.0359 2436  Udfs - ok
21:56:43.0359 2436  ultra - ok
21:56:43.0375 2436  [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf          C:\WINDOWS\system32\wdfmgr.exe
21:56:43.0390 2436  UMWdf - ok
21:56:43.0406 2436  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
21:56:43.0484 2436  Update - ok
21:56:43.0500 2436  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:56:43.0531 2436  upnphost - ok
21:56:43.0546 2436  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS            C:\WINDOWS\System32\ups.exe
21:56:43.0625 2436  UPS - ok
21:56:43.0640 2436  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
21:56:43.0703 2436  usbaudio - ok
21:56:43.0718 2436  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp        C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:56:43.0796 2436  usbccgp - ok
21:56:43.0796 2436  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci        C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:56:43.0875 2436  usbehci - ok
21:56:43.0875 2436  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:56:43.0937 2436  usbhub - ok
21:56:43.0953 2436  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci        C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:56:44.0015 2436  usbohci - ok
21:56:44.0046 2436  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR        C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:56:44.0109 2436  USBSTOR - ok
21:56:44.0109 2436  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave        C:\WINDOWS\System32\drivers\vga.sys
21:56:44.0171 2436  VgaSave - ok
21:56:44.0187 2436  ViaIde - ok
21:56:44.0203 2436  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap        C:\WINDOWS\system32\drivers\VolSnap.sys
21:56:44.0265 2436  VolSnap - ok
21:56:44.0281 2436  [ 68F106273BE29E7B7EF8266977268E78 ] VSS            C:\WINDOWS\System32\vssvc.exe
21:56:44.0312 2436  VSS - ok
21:56:44.0328 2436  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time        C:\WINDOWS\system32\w32time.dll
21:56:44.0406 2436  W32Time - ok
21:56:44.0406 2436  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:56:44.0484 2436  Wanarp - ok
21:56:44.0484 2436  WDICA - ok
21:56:44.0484 2436  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
21:56:44.0562 2436  wdmaud - ok
21:56:44.0578 2436  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient      C:\WINDOWS\System32\webclnt.dll
21:56:44.0640 2436  WebClient - ok
21:56:44.0687 2436  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt        C:\WINDOWS\system32\wbem\WMIsvc.dll
21:56:44.0765 2436  winmgmt - ok
21:56:44.0781 2436  [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
21:56:44.0796 2436  WmdmPmSN - ok
21:56:44.0828 2436  [ 53E1CCF332A2F40B5E08476921CD8B44 ] Wmi            C:\WINDOWS\System32\advapi32.dll
21:56:44.0906 2436  Wmi - ok
21:56:44.0921 2436  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:56:45.0000 2436  WmiApSrv - ok
21:56:45.0031 2436  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL        C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:56:45.0093 2436  WS2IFSL - ok
21:56:45.0109 2436  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
21:56:45.0171 2436  wscsvc - ok
21:56:45.0203 2436  [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:56:45.0203 2436  WSTCODEC - ok
21:56:45.0218 2436  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
21:56:45.0296 2436  wuauserv - ok
21:56:45.0312 2436  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
21:56:45.0390 2436  WZCSVC - ok
21:56:45.0406 2436  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov        C:\WINDOWS\System32\xmlprov.dll
21:56:45.0468 2436  xmlprov - ok
21:56:45.0468 2436  ================ Scan global ===============================
21:56:45.0484 2436  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
21:56:45.0500 2436  [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll
21:56:45.0500 2436  [ 4CD408F799D4A72B0DE1F1116A77A48E ] C:\WINDOWS\system32\winsrv.dll
21:56:45.0515 2436  [ 4BB6A83640F1D1792AD21CE767B621C6 ] C:\WINDOWS\system32\services.exe
21:56:45.0515 2436  [Global] - ok
21:56:45.0515 2436  ================ Scan MBR ==================================
21:56:45.0531 2436  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
21:56:45.0750 2436  \Device\Harddisk0\DR0 - ok
21:56:45.0750 2436  ================ Scan VBR ==================================
21:56:45.0750 2436  [ 22A128A5FBC0968718F84ECC8245F120 ] \Device\Harddisk0\DR0\Partition1
21:56:45.0750 2436  \Device\Harddisk0\DR0\Partition1 - ok
21:56:45.0750 2436  [ 5F1178C9F8123418E398130A9C9C65C6 ] \Device\Harddisk0\DR0\Partition2
21:56:45.0750 2436  \Device\Harddisk0\DR0\Partition2 - ok
21:56:45.0781 2436  [ 887854459EF0FF587CA451B229A1F9B1 ] \Device\Harddisk0\DR0\Partition3
21:56:45.0781 2436  \Device\Harddisk0\DR0\Partition3 - ok
21:56:45.0781 2436  ============================================================
21:56:45.0781 2436  Scan finished
21:56:45.0781 2436  ============================================================
21:56:45.0796 2160  Detected object count: 30
21:56:45.0796 2160  Actual detected object count: 30
21:56:55.0062 2160  3SRTE ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0062 2160  3SRTE ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0062 2160  ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0062 2160  ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0062 2160  AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0062 2160  AVM IGD CTRL Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0062 2160  CoDeSys Control Win V3 ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0062 2160  CoDeSys Control Win V3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0062 2160  CoDeSys Gateway V3 ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  CoDeSys Gateway V3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0078 2160  CoDeSys ServiceControl ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  CoDeSys ServiceControl ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0078 2160  de_serv ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  de_serv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0078 2160  ENI Server ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  ENI Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0078 2160  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0078 2160  ForceWare Intelligent Application Manager (IAM) ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  ForceWare Intelligent Application Manager (IAM) ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0078 2160  ForcewareWebInterface ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  ForcewareWebInterface ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0078 2160  ibpcimpm ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  ibpcimpm ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0078 2160  idsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0078 2160  NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  NetTcpPortSharing ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0078 2160  nSvcIp ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  nSvcIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0078 2160  nSvcLog ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0078 2160  nSvcLog ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  ntiomin ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  ntiomin ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  RTIOdrvAPIC ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  RTIOdrvAPIC ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  RTIOdrvApplicom ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  RTIOdrvApplicom ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  RTIOdrvAutomata ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  RTIOdrvAutomata ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  RTIOdrvCP5613 ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  RTIOdrvCP5613 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  RTIOdrvDAMP ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  RTIOdrvDAMP ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  RTIOdrvFC310x ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  RTIOdrvFC310x ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  RTIOdrvHilscherDPM ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  RTIOdrvHilscherDPM ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  RTIOdrvHMS ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  RTIOdrvHMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  RTIOdrvKuhnkePBM ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  RTIOdrvKuhnkePBM ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  RTIOdrvSJA ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  RTIOdrvSJA ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0093 2160  RTService ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0093 2160  RTService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0109 2160  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0109 2160  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:56:55.0109 2160  Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
21:56:55.0109 2160  Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus 11.10.2012 13:25
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

ForWoody 11.10.2012 15:37
Code:
ComboFix 12-10-11.03 - *** 11.10.2012  14:44:06.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.2046.1378 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\ComboFix.exe
AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
FW: ActiveArmor Firewall *Enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: Cloud Antivirus Firewall *Disabled* {1337562C-110A-4AF8-B12B-750C0B30E802}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
c:\dokumente und einstellungen\***\Anwendungsdaten\Deen
c:\dokumente und einstellungen\***\Anwendungsdaten\Deen\oqdex.doe
c:\dokumente und einstellungen\***\Anwendungsdaten\Local
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\0.ddi
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\1.ddi
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\2.ddi
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\3.ddi
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\4.ddi
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\5.ddi
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\52339834b0cea8515bfe4c38471b8888.avi.ddr
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\6.ddi
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\a20ae4c4a6c8749337bb79519b5adddc.avi(2).ddr
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\a20ae4c4a6c8749337bb79519b5adddc.avi.ddr
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\a83e81c4739ee4419746b5f932b8b1bd.avi.ddr
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\ca4083f1cb5525e97622a5e571fd3e51.avi.ddr
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Post_Install_RB_HiQ_de.divx.ddr
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\settings.ddi
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\52339834b0cea8515bfe4c38471b8888.avi
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\a20ae4c4a6c8749337bb79519b5adddc.avi
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\a20ae4c4a6c8749337bb79519b5adddc.avi.ddp
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\a83e81c4739ee4419746b5f932b8b1bd.avi.ddp
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\ca4083f1cb5525e97622a5e571fd3e51.avi
c:\dokumente und einstellungen\***\Anwendungsdaten\Local\Temp\DDM\Settings\Temporary Downloaded Files\Post_Install_RB_HiQ_de.divx
c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\assembly\tmp
c:\dokumente und einstellungen\***\WINDOWS
c:\windows\IsUn0407.exe
c:\windows\system32\html
c:\windows\system32\html\calendar.html
c:\windows\system32\html\calendarbottom.html
c:\windows\system32\html\calendartop.html
c:\windows\system32\html\crystalexportdialog.htm
c:\windows\system32\html\crystalprinthost.html
c:\windows\system32\images
c:\windows\system32\images\toolbar\calendar.gif
c:\windows\system32\images\toolbar\crlogo.gif
c:\windows\system32\images\toolbar\export.gif
c:\windows\system32\images\toolbar\export_over.gif
c:\windows\system32\images\toolbar\exportd.gif
c:\windows\system32\images\toolbar\First.gif
c:\windows\system32\images\toolbar\first_over.gif
c:\windows\system32\images\toolbar\Firstd.gif
c:\windows\system32\images\toolbar\gotopage.gif
c:\windows\system32\images\toolbar\gotopage_over.gif
c:\windows\system32\images\toolbar\gotopaged.gif
c:\windows\system32\images\toolbar\grouptree.gif
c:\windows\system32\images\toolbar\grouptree_over.gif
c:\windows\system32\images\toolbar\grouptreed.gif
c:\windows\system32\images\toolbar\grouptreepressed.gif
c:\windows\system32\images\toolbar\Last.gif
c:\windows\system32\images\toolbar\last_over.gif
c:\windows\system32\images\toolbar\Lastd.gif
c:\windows\system32\images\toolbar\Next.gif
c:\windows\system32\images\toolbar\next_over.gif
c:\windows\system32\images\toolbar\Nextd.gif
c:\windows\system32\images\toolbar\Prev.gif
c:\windows\system32\images\toolbar\prev_over.gif
c:\windows\system32\images\toolbar\Prevd.gif
c:\windows\system32\images\toolbar\print.gif
c:\windows\system32\images\toolbar\print_over.gif
c:\windows\system32\images\toolbar\printd.gif
c:\windows\system32\images\toolbar\Refresh.gif
c:\windows\system32\images\toolbar\refresh_over.gif
c:\windows\system32\images\toolbar\refreshd.gif
c:\windows\system32\images\toolbar\Search.gif
c:\windows\system32\images\toolbar\search_over.gif
c:\windows\system32\images\toolbar\searchd.gif
c:\windows\system32\images\toolbar\up.gif
c:\windows\system32\images\toolbar\up_over.gif
c:\windows\system32\images\toolbar\upd.gif
c:\windows\system32\images\tree\begindots.gif
c:\windows\system32\images\tree\beginminus.gif
c:\windows\system32\images\tree\beginplus.gif
c:\windows\system32\images\tree\blank.gif
c:\windows\system32\images\tree\blankdots.gif
c:\windows\system32\images\tree\dots.gif
c:\windows\system32\images\tree\lastdots.gif
c:\windows\system32\images\tree\lastminus.gif
c:\windows\system32\images\tree\lastplus.gif
c:\windows\system32\images\tree\Magnify.gif
c:\windows\system32\images\tree\minus.gif
c:\windows\system32\images\tree\minusbox.gif
c:\windows\system32\images\tree\plus.gif
c:\windows\system32\images\tree\plusbox.gif
c:\windows\system32\images\tree\singleminus.gif
c:\windows\system32\images\tree\singleplus.gif
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-09-11 bis 2012-10-11  ))))))))))))))))))))))))))))))
.
.
2012-10-11 11:08 . 2011-03-10 16:04        46280        ----a-w-        c:\windows\system32\drivers\PSKMAD.sys
2012-10-09 00:27 . 2012-10-09 00:27        --------        d-----w-        c:\programme\ESET
2012-10-08 20:51 . 2012-10-08 20:51        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware
2012-10-08 20:51 . 2012-09-07 15:04        22856        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-10-08 11:52 . 2011-06-21 04:09        200976        ----a-w-        c:\windows\system32\drivers\tmcomm.sys
2012-10-04 17:32 . 2012-10-04 17:32        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Thunderbird
2012-10-03 17:04 . 2012-10-03 17:04        --------        d-----w-        c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Identities
2012-10-03 17:04 . 2012-10-08 15:55        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Raavak
2012-09-23 12:24 . 2012-09-23 12:24        --------        d-----w-        c:\windows\system32\config\systemprofile\Lokale Einstellungen\Anwendungsdaten\Google
2012-09-18 20:14 . 2012-09-18 20:17        --------        d-----w-        c:\dokumente und einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google
2012-09-18 20:14 . 2012-09-18 20:16        --------        d-----w-        c:\programme\Google
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-10 19:05 . 2012-04-17 08:19        696520        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-09-10 19:05 . 2011-11-02 12:35        73416        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-14 13:48 . 2012-07-14 11:13        102400        ----a-w-        c:\windows\RegBootClean.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-04-05 . 68F06FE0021B01E670AF37B8C5964FDF . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys
.
[-] 2010-04-05 . 5369751495AAC607F51DF5D057A96006 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36        94208        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36        94208        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36        94208        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36        94208        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="e:\programme\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nTrayFw"="c:\programme\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2006-02-17 270336]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2011-06-09 254696]
"PSUAMain"="e:\programme\panda\PSUAMain.exe" [2012-07-13 37152]
"Panda Security URL Filtering"="c:\dokumente und einstellungen\All Users\Anwendungsdaten\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2012-03-15 217256]
"RTHDCPL"="RTHDCPL.EXE" [2012-06-06 20065936]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
.
c:\dokumente und einstellungen\***\Startmenü\Programme\Autostart\
E-Mail.lnk -  [N/A]
Internet.lnk -  [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^CodeMeter Control Center.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\CodeMeter Control Center.lnk
backup=c:\windows\pss\CodeMeter Control Center.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-06-11 20:43        640376        ----a-w-        e:\programme\adobe\acrreader\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2008-06-12 00:25        37232        ----a-w-        e:\programme\adobe\acrreader\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 13:10        843712        ----a-w-        c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2010-11-03 16:13        64104        ----a-w-        c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CoDeSysControlSysTray]
2011-10-28 09:56        397312        ----a-w-        e:\programme\3s Codesys\GatewayPLC\CoDeSysControlSysTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04        1164584        ----a-w-        c:\programme\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ENISysTray]
2009-01-20 07:45        245760        ----a-w-        e:\programme\3S\CoDeSys ENI Server\ENISysTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GatewaySysTray]
2011-10-28 09:56        397312        ----a-w-        e:\programme\3s Codesys\GatewayPLC\GatewaySysTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X Configure]
2006-10-30 12:44        1953792        ------r-        c:\windows\system32\JMRaidSetup.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
2006-10-30 12:44        36864        ------r-        c:\windows\JM\JMInsIDE.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2010-11-03 16:15        1833576        ----a-w-        c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2006-11-10 10:35        90112        ------w-        c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TortoiseHgOverlayIconServer]
2012-07-02 21:24        47880        ----a-w-        c:\programme\TortoiseHg\TortoiseHgOverlayServer.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"e:\\programme\\FRITZ!DSL\\IGDCTRL.EXE"=
"e:\\programme\\Pidgin\\pidgin.exe"=
"e:\\programme\\eclipse\\eclipse.exe"=
"e:\\programme\\XAMPP\\xampp\\mysql\\bin\\mysqld.exe"=
"e:\\programme\\Maple\\jre\\bin\\maple.exe"=
"e:\\programme\\Maple\\jre\\bin\\java.exe"=
"e:\\programme\\XAMPP\\xampp\\apache\\bin\\httpd.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"e:\\programme\\Mozilla Firefox\\firefox.exe"=
"e:\\programme\\IBM\\RMC75\\rmc\\rmc.exe"=
"e:\\programme\\java\\jre6\\bin\\java.exe"=
"e:\\programme\\epf-composer-1.2.0.4-win32\\epf.exe"=
"e:\\programme\\java\\jre6\\bin\\javaw.exe"=
"e:\\programme\\yEd\\yEd.exe"=
"c:\\Dokumente und Einstellungen\\***\\Anwendungsdaten\\Wuala\\Roaming\\Wuala.exe"=
"c:\\Dokumente und Einstellungen\\***\\Anwendungsdaten\\Dropbox\\bin\\Dropbox.exe"=
"e:\\programme\\FRITZ!DSL\\FBOXUPD.EXE"=
"c:\\Programme\\Orbitdownloader\\orbitdm.exe"=
"c:\\Programme\\Orbitdownloader\\orbitnet.exe"=
"e:\\programme\\Mozilla Firefox\\plugin-container.exe"=
"e:\\programme\\3S\\CoDeSys SP PLCWinNT\\PLCWinNT24.exe"=
"c:\\Programme\\CodeMeter\\Runtime\\bin\\CodeMeter.exe"=
"e:\\programme\\3s Codesys\\CoDeSys\\Common\\CoDeSys.exe"=
"e:\\programme\\3s Codesys\\CoDeSys\\Common\\RepTool.exe"=
"e:\\programme\\3s Codesys\\CoDeSys\\Common\\IPMCLI.exe"=
"e:\\programme\\3s Codesys\\GatewayPLC\\GatewayService.exe"=
"c:\\WINDOWS\\system32\\Gateway.exe"=
"c:\\WINDOWS\\system32\\GatewayDDE.exe"=
"e:\\programme\\3s Codesys\\GatewayPLC\\CoDeSysControlService.exe"=
"e:\\programme\\3s Codesys\\GatewayPLC\\CoDeSysHMI.exe"=
"e:\\programme\\BORIS\\Boris.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\av-cls\\wget.exe"= c:\\AV-CLS\\WGET.EXE
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 NNSALPC;NNSAlpc;c:\windows\system32\drivers\NNSAlpc.sys [27.06.2012 15:51 82472]
R1 NNSHTTP;NNSHttp;c:\windows\system32\drivers\NNSHttp.sys [27.06.2012 15:51 120744]
R1 NNSIDS;NNSids;c:\windows\system32\drivers\NNSIds.sys [27.06.2012 15:51 122664]
R1 NNSPICC;NNSPicc;c:\windows\system32\drivers\NNSpicc.sys [27.06.2012 15:51 93992]
R1 NNSPOP3;NNSPop3;c:\windows\system32\drivers\NNSPop3.sys [27.06.2012 15:51 104104]
R1 NNSPROT;NNSProt;c:\windows\system32\drivers\NNSProt.sys [27.06.2012 15:51 286376]
R1 NNSPRV;NNSPrv;c:\windows\system32\drivers\NNSPrv.sys [27.06.2012 15:51 153000]
R1 NNSSMTP;NNSSmtp;c:\windows\system32\drivers\NNSSmtp.sys [27.06.2012 15:51 106536]
R1 NNSSTRM;NNSStrm;c:\windows\system32\drivers\NNSStrm.sys [12.07.2012 11:18 206632]
R1 NNSTLSC;NNSTlsc;c:\windows\system32\drivers\NNStlsc.sys [27.06.2012 15:51 92840]
R1 ntiomin;ntiomin;c:\windows\system32\drivers\ntiomin.sys [10.08.2010 15:49 11392]
R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [13.07.2012 07:02 179112]
R2 NanoServiceMain;Panda Cloud Antivirus Service;e:\programme\panda\PSANHost.exe [13.07.2012 06:57 140064]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [13.07.2012 07:02 149032]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [13.07.2012 07:02 101544]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [13.07.2012 07:02 114728]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [13.07.2012 07:02 120616]
R2 PSUAService;Panda Product Service;e:\programme\panda\PSUAService.exe [13.07.2012 07:15 36640]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [30.05.2011 12:55 101904]
R3 PSKMAD;PSKMAD;c:\windows\system32\drivers\PSKMAD.sys [11.10.2012 13:08 46280]
S2 gupdate;Google Update-Dienst (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [18.09.2012 22:14 116648]
S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [03.07.2012 13:19 160944]
S3 3SRTE;RTE 3S System Driver;c:\windows\system32\drivers\3SRTE.sys [30.10.2011 22:28 334446]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [19.07.2012 12:49 1691480]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [18.09.2012 22:14 116648]
S3 ibpcimpm;ibpcimpm;c:\windows\system32\drivers\ibpcimpm.sys [30.10.2011 22:28 267912]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programme\Mozilla Maintenance Service\maintenanceservice.exe [02.05.2012 16:52 114144]
S3 NNSNAHS;Network Activity Hook Server Service;c:\windows\system32\drivers\NNSNAHS.sys [09.09.2011 13:54 38536]
S3 RTIOdrvAPIC;RTIOdrvAPIC;c:\windows\system32\drivers\RTIOdrvAPIC.sys [30.10.2011 22:28 19584]
S3 RTIOdrvApplicom;RTIOdrvApplicom;c:\windows\system32\drivers\RTIOdrvApplicom.sys [30.10.2011 22:28 222852]
S3 RTIOdrvAutomata;RTIOdrvAutomata;c:\windows\system32\drivers\RTIOdrvAutomata.sys [30.10.2011 22:28 307020]
S3 RTIOdrvCP5613;RTIOdrvCP5613;c:\windows\system32\drivers\RTIOdrvCP5613.sys [30.10.2011 22:28 403408]
S3 RTIOdrvDAMP;RTIOdrvDAMP;c:\windows\system32\drivers\RTIOdrvDAMP.sys [30.10.2011 22:28 84096]
S3 RTIOdrvFC310x;RTIOdrvFC310x;c:\windows\system32\drivers\RTIOdrvFC310x.sys [30.10.2011 22:28 44164]
S3 RTIOdrvHilscherDPM;RTIOdrvHilscherDPM;c:\windows\system32\drivers\RTIOdrvHilscherDPM.sys [30.10.2011 22:28 65678]
S3 RTIOdrvHMS;RTIOdrvHMS;c:\windows\system32\drivers\RTIOdrvHMS.sys [30.10.2011 22:28 31358]
S3 RTIOdrvKuhnkePBM;RTIOdrvKuhnkePBM;c:\windows\system32\drivers\RTIOdrvKuhnkePBM.sys [30.10.2011 22:28 62602]
S3 RTIOdrvSJA;RTIOdrvSJA;c:\windows\system32\drivers\RTIOdrvSJA.sys [30.10.2011 22:28 111596]
S3 RTService;RT Service 3S KM;e:\programme\3S\CoDeSys SP RTE\RTService.exe [30.10.2011 22:28 548983]
S4 CodeMeter.exe;CodeMeter Runtime Server;c:\programme\CodeMeter\Runtime\bin\CodeMeter.exe [06.07.2011 05:30 2304912]
S4 CoDeSys Control Win V3;CoDeSys Control Win V3 Version 3.4.4.20;e:\programme\3s Codesys\GatewayPLC\CoDeSysControlService.exe [28.10.2011 11:55 262144]
S4 CoDeSys Gateway V3;CoDeSys Gateway V3 Version 3.4.4.20;e:\programme\3s Codesys\GatewayPLC\GatewayService.exe [28.10.2011 11:57 663552]
S4 CoDeSys ServiceControl;CoDeSys ServiceControl Version 3.4.4.20;e:\programme\3s Codesys\GatewayPLC\ServiceControl.exe [28.10.2011 11:57 303104]
S4 ENI Server;ENI Server;e:\programme\3S\CoDeSys ENI Server\ENI.exe [30.10.2011 22:27 651264]
S4 NNSPIHS;NNSPihs;c:\windows\system32\drivers\NNSpihs.sys [27.06.2012 15:51 51496]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [06.04.2010 21:49 717296]
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-09-18 20:14]
.
2012-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-09-18 20:14]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
IE: &Download by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/204
IE: An vorhandene PDF-Datei anfügen - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Do&wnload selected by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/202
IE: Free YouTube to Mp3 Converter - c:\dokumente und einstellungen\***\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: In Adobe PDF konvertieren - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\l8z18207.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKCU-Run-WallpaperChanger - e:\programme\Wallpaper Master\Wallpaper.exe
MSConfigStartUp-Adobe Reader Speed Launcher - e:\programme\adobe\adobe\Reader\Reader_sl.exe
MSConfigStartUp-DivX Download Manager - c:\programme\DivX\DivX Plus Web Player\DDmService.exe
MSConfigStartUp-WinampAgent - e:\programme\Winamp\winampa.exe
AddRemove-Adobe Photoshop 5.5 - c:\windows\ISUN0407.EXE
AddRemove-Foxit PDF Editor - e:\programme\Neuer Ordner\PDF Editor\uninstall.exe
AddRemove-FRITZ!DSL - c:\windows\IsUn0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-10-11 14:49
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(1524)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'lsass.exe'(1588)
c:\windows\system32\nvappfilter.dll
.
Zeit der Fertigstellung: 2012-10-11  14:53:08
ComboFix-quarantined-files.txt  2012-10-11 12:53
.
Vor Suchlauf: 12 Verzeichnis(se), 11.156.770.816 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 11.119.046.656 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 94EE95DD74DE690FD976EC560145F42F
Hm auf dem Desktop habe ich jetzt ein Internet Explorer Symbol. -> normal?

cosinus 11.10.2012 16:03
Code:
FW: ActiveArmor Firewall *Enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: Cloud Antivirus Firewall *Disabled* {1337562C-110A-4AF8-B12B-750C0B30E802}
Kann es sein, dass du da mit Firewalls übertreibst oder ist die Anzeige einfach nur falsch?
Wirklich notwendig ist keins der beiden, die Windows-Firewall reicht aus

ForWoody 11.10.2012 16:09
Ähm, also die Cloud Firewall kam glaube ich mit dem Panda Antiviren Programm. Die ActiveArmor ist vom Nvidia Netzwerkcontroller... soll ich beide deinstallieren?

cosinus 11.10.2012 16:17
Ja, nach Möglichkeit beides runter

ForWoody 11.10.2012 16:23
ok, muss ich sonst noch etwas tun?

cosinus 11.10.2012 18:34
Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

ForWoody 11.10.2012 22:00
gmer:
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-10-11 22:03:13
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\00000074 WDC_WD5000AAKS-00V1A0 rev.05.01D05
Running: 1b2to83l.exe; Driver: C:\DOKUME~1\***\LOKALE~1\Temp\uxtdapoc.sys


---- System - GMER 1.0.15 ----

SSDT  \SystemRoot\system32\DRIVERS\PSINProc.sys (PSINProc Filter Driver for for XP32/Panda Security, S.L.)                ZwTerminateProcess [0x9FD046B0]

---- Kernel code sections - GMER 1.0.15 ----

.text  C:\WINDOWS\system32\DRIVERS\ati2mtag.sys                                                                            section is writeable [0xB8782000, 0x2A1A98, 0xE8000020]

---- Registry - GMER 1.0.15 ----

Reg    HKLM\SYSTEM\ControlSet001\Control\Session Manager@PendingFileRenameOperations                                        ???O?????????????????????????;????????????????T??6???????????2??? ???????????????????????????????????????????????8???n??????-B???????8???????????????????????i?????s2.??????? ???5??????????????????????? ????????????????F??b???????A??????????????HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1000\5&2926ef50&0&0001?????????;???????????????????????T?????e.d??hdaudio\func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1000????????N??A???4???????4???????A???9???????;??????????????????????????????????? ??????????????????????AMD High Definition Audio Device?nition Audio - ATI AA01?????????????????????????????8????N??A??????????????? D??=???a?????MRx??????????Avivo(TM)????-??1????4???????????????????????4??????0????4??????????1????4???F??????0????4???????A???????????4??????????1????4???????4??????0????4???F??? @??5???4???????4??Box:0,Narrow-tent:1,Wide-tent:2??4???????5???5???????T??????1????4???????????5??????0????4???????5??????1????5??????????0(Box:2,Narrow-tent:4,Wide-tent:6) 2(Box:2,Narrow-tent:4,Wide-tent:6) 4
Reg    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)               
Reg    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      E:\programme\Daemon Tools\DAEMON Tools Lite\
Reg    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                  0xBD 0x82 0x4B 0x75 ...
Reg    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)       
Reg    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0xAF 0xEA 0x16 0xCE ...
Reg    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) 
Reg    HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0x9F 0xFF 0xD5 0x5B ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                                   
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                  E:\programme\Daemon Tools\DAEMON Tools Lite\
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                  0
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                              0xBD 0x82 0x4B 0x75 ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001                           
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                      0xAF 0xEA 0x16 0xCE ...
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40                     
Reg    HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                0x9F 0xFF 0xD5 0x5B ...
Reg    HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)               
Reg    HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      E:\programme\Daemon Tools\DAEMON Tools Lite\
Reg    HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg    HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                  0xBD 0x82 0x4B 0x75 ...
Reg    HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)       
Reg    HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg    HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0xAF 0xEA 0x16 0xCE ...
Reg    HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) 
Reg    HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0x9F 0xFF 0xD5 0x5B ...

---- EOF - GMER 1.0.15 ----
osam:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 22:13:56 on 11.10.2012

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 15.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\WINDOWS\system32\DivXControlPanelApplet.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"catchme" (catchme) - ? - C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"ibpcimpm" (ibpcimpm) - "3s" - C:\WINDOWS\system32\drivers\ibpcimpm.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"NNSAlpc" (NNSALPC) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys
"NNSHttp" (NNSHTTP) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSHttp.sys
"NNSids" (NNSIDS) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSIds.sys
"NNSPicc" (NNSPICC) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSPicc.sys
"NNSPop3" (NNSPOP3) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSPop3.sys
"NNSProt" (NNSPROT) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSProt.sys
"NNSPrv" (NNSPRV) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSPrv.sys
"NNSSmtp" (NNSSMTP) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys
"NNSStrm" (NNSSTRM) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSStrm.sys
"NNSTlsc" (NNSTLSC) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys
"ntiomin" (ntiomin) - ? - C:\WINDOWS\system32\drivers\ntiomin.sys
"ntiopnp" (ntiopnp) - ? - C:\WINDOWS\system32\drivers\ntiopnp.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PSINAflt" (PSINAflt) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\PSINAflt.sys
"PSINFile" (PSINFile) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\PSINFile.sys
"PSINKNC" (PSINKNC) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\psinknc.sys
"PSINProc" (PSINProc) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\PSINProc.sys
"PSINProt" (PSINProt) - "Panda Security, S.L." - C:\WINDOWS\System32\DRIVERS\PSINProt.sys
"PSKMAD" (PSKMAD) - "Panda Security" - C:\WINDOWS\System32\DRIVERS\PSKMAD.sys
"RTE 3S System Driver" (3SRTE) - "3S - Smart Software Solutions GmbH" - C:\WINDOWS\system32\drivers\3SRTE.sys
"RTIOdrvAPIC" (RTIOdrvAPIC) - "3S" - C:\WINDOWS\system32\drivers\RTIOdrvAPIC.sys
"RTIOdrvApplicom" (RTIOdrvApplicom) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvApplicom.sys
"RTIOdrvAutomata" (RTIOdrvAutomata) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvAutomata.sys
"RTIOdrvCP5613" (RTIOdrvCP5613) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvCP5613.sys
"RTIOdrvDAMP" (RTIOdrvDAMP) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvDAMP.sys
"RTIOdrvFC310x" (RTIOdrvFC310x) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvFC310x.sys
"RTIOdrvHilscherDPM" (RTIOdrvHilscherDPM) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvHilscherDPM.sys
"RTIOdrvHMS" (RTIOdrvHMS) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvHMS.sys
"RTIOdrvKuhnkePBM" (RTIOdrvKuhnkePBM) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvKuhnkePBM.sys
"RTIOdrvSJA" (RTIOdrvSJA) - "3s" - C:\WINDOWS\system32\drivers\RTIOdrvSJA.sys
"StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys  (File found, but it contains no detailed information)
"TCP/IP-Protokolltreiber" (Tcpip) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\tcpip.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
{B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - E:\programme\PDFXChange\Shell Extensions\XCShInfo.dll
{00020000-0000-1011-8004-0000C06B5161} "WIBU-SYSTEMS Shell Extension" - "WIBU-SYSTEMS AG" - C:\Programme\WIBU-SYSTEMS\System\WibuShellExt.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - "The Document Foundation" - E:\programme\LibreOffice\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - E:\programme\adobe\acrreader\Acrobat Elements\ContextMenu.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? -  (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -  (File not found | COM-object registry key not found)
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\msoshext.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - "The Document Foundation" - E:\programme\LibreOffice\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - "The Document Foundation" - E:\programme\LibreOffice\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - "The Document Foundation" - E:\programme\LibreOffice\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - "The Document Foundation" - E:\programme\LibreOffice\Basis\program\shlxthdl\shlxthdl.dll
{CF822AB4-6DB5-4FDA-BC28-E61DF36D2583} "PDF-XChange PDF Preview Provider" - "Tracker Software Products Ltd." - E:\programme\PDFXChange\Shell Extensions\XCShInfo.dll
{67EB453C-1BE1-48EC-AAF3-23B10277FCC1} "PDF-XChange PDF Property Handler" - "Tracker Software Products Ltd." - E:\programme\PDFXChange\Shell Extensions\XCShInfo.dll
{EBD0B8F4-A9A0-41B7-9695-030CD264D9C8} "PDF-XChange PDF Thumbnail Provider" - "Tracker Software Products Ltd." - E:\programme\PDFXChange\Shell Extensions\XCShInfo.dll
{B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A} "PXCInfoShlExt Class" - "Tracker Software Products Ltd." - E:\programme\PDFXChange\Shell Extensions\XCShInfo.dll
{5B043439-4F53-436E-8CFE-28F80934DBE6} "PXCPreviewHandlerXP Class" - "Tracker Software Products Ltd." - E:\programme\PDFXChange\Shell Extensions\PXCPrevHost.exe
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -  (File not found | COM-object registry key not found)
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -  (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{46605027-5B8C-4DCE-BFE0-051B7972D64C} "TortoiseHg cmenu" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll
{CEBD95BE-B733-415F-82A8-673D9158466E} "TortoiseHg drop" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll
{869C8877-2C3C-438D-844B-31B86BFE5E8A} "TortoiseHg overlay" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll
{9E3D4EC9-0624-4393-8B48-204C217ED1FF} "TortoiseHg overlay" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll
{AF42ADAB-8C2E-4285-B746-99B31094708E} "TortoiseHg overlay" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll
{CDA1C89D-E9B5-4981-A857-82DD932EA2FD} "TortoiseHg overlay" - "TortoiseHg Project" - C:\Programme\TortoiseHg\ThgShellx86.dll
{C5994560-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994561-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994562-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994563-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994564-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994565-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994566-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994567-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{C5994568-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Programme\Gemeinsame Dateien\TortoiseOverlays\TortoiseOverlays.dll
{00020000-0000-1011-8004-0000C06B5161} "WIBU-SYSTEMS Shell Extension" - "WIBU-SYSTEMS AG" - C:\Programme\WIBU-SYSTEMS\System\WibuShellExt.dll
{45670FA8-ED97-4F44-BC93-305082590BFB} "Windows XPS Document Metadata Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL
{44121072-A222-48f2-A58A-6D9AD51EBBE9} "Windows XPS Document Thumbnail Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - E:\programme\WinRAR\rarext.dll  (File found, but it contains no detailed information)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
<binary data> "Grab Pro" - ? - C:\Programme\Orbitdownloader\GrabPro.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - E:\programme\java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - E:\programme\java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - E:\programme\java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}" - ? -  (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}" - ? -  (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
<binary data> "Grab Pro" - ? - C:\Programme\Orbitdownloader\GrabPro.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - E:\programme\java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - E:\programme\java\jre6\bin\ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - E:\programme\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{000123B4-9B42-4900-B3F7-F4B073EFC214} "Octh Class" - "Orbitdownloader.com" - C:\Programme\Orbitdownloader\orbitcth.dll
{F4971EE7-DAA0-4053-9964-665D8EE6A077} "SmartSelect Class" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\desktop.ini
"E-Mail.lnk" - ? - C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\E-Mail.lnk  (Shortcut exists | File not found)
"Internet.lnk" - ? - C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Internet.lnk  (Shortcut exists | File not found)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"RocketDock" - ? - "E:\programme\RocketDock\RocketDock.exe"  (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"LVCOMSX" - "Logitech Inc." - C:\WINDOWS\system32\LVCOMSX.EXE
"Panda Security URL Filtering" - "Panda Security" - "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Security URL Filtering\Panda_URL_Filtering.exe"
"PSUAMain" - "Panda Security, S.L." - "E:\programme\panda\PSUAMain.exe" /LaunchSysTray
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"avm:" - "AVM Berlin GmbH" - C:\WINDOWS\system32\avmprmon.dll
"PDFCreator" - ? - C:\WINDOWS\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"ATI Smart" (ATI Smart) - ? - C:\WINDOWS\system32\ati2sgag.exe
"AVM FRITZ!web Routing Service" (de_serv) - "AVM Berlin" - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
"AVM IGD CTRL Service" (AVM IGD CTRL Service) - "AVM Berlin" - e:\programme\FRITZ!DSL\IGDCTRL.EXE
"CPUCooLServer Service" (CPUCooLServer) - ? - "C:\Programme\CPUCooL\CooLSrv.exe"  (File not found)
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Macrovision Europe Ltd." - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"ForceWare Intelligent Application Manager (IAM)" (ForceWare Intelligent Application Manager (IAM)) - ? - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
"ForceWare IP service" (nSvcIp) - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
"ForceWare user log service" (nSvcLog) - "NVIDIA" - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
"Forceware Web Interface" (ForcewareWebInterface) - "Apache Software Foundation" - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
"Google Update-Dienst (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - E:\programme\java\jre6\bin\jqs.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
"NMSAccess" (NMSAccess) - ? - E:\programme\CDBurnerXP\NMSAccessU.exe  (File found, but it contains no detailed information)
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"OpcEnum" (OpcEnum) - "OPC Foundation" - C:\WINDOWS\system32\OpcEnum.exe
"Panda Cloud Antivirus Service" (NanoServiceMain) - "Panda Security, S.L." - E:\programme\panda\PSANHost.exe
"Panda Product Service" (PSUAService) - "Panda Security, S.L." - E:\programme\panda\PSUAService.exe
"RT Service 3S KM" (RTService) - "3S-Smart Software Solutions GmbH" - E:\programme\3S\CoDeSys SP RTE\RTService.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Programme\Skype\Updater\Updater.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"NVIDIA App Filter" - "NVIDIA" - C:\WINDOWS\system32\nvappfilter.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
aswmbr:
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-11 22:18:18
-----------------------------
22:18:18.359    OS Version: Windows 5.1.2600 Service Pack 3
22:18:18.359    Number of processors: 2 586 0xF0D
22:18:18.359    ComputerName: ***  UserName:
22:18:18.796    Initialize success
22:19:41.625    AVAST engine defs: 12101100
22:19:44.968    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000073
22:19:44.968    Disk 0 Vendor: WDC_WD5000AAKS-00V1A0 05.01D05 Size: 476940MB BusType: 3
22:19:44.984    Disk 0 MBR read successfully
22:19:44.984    Disk 0 MBR scan
22:19:44.984    Disk 0 Windows XP default MBR code
22:19:44.984    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        49999 MB offset 63
22:19:44.984    Disk 0 Partition - 00    0F Extended LBA            426930 MB offset 102398310
22:19:45.000    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      199996 MB offset 102398373
22:19:45.000    Disk 0 Partition - 00    05    Extended            226933 MB offset 511991550
22:19:45.015    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      226933 MB offset 511991613
22:19:45.015    Disk 0 scanning sectors +976752000
22:19:45.078    Disk 0 scanning C:\WINDOWS\system32\drivers
22:19:50.750    Service scanning
22:20:02.000    Modules scanning
22:20:04.953    Disk 0 trace - called modules:
22:20:04.968    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
22:20:04.968    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ac748d8]
22:20:04.968    3 CLASSPNP.SYS[ba118fd7] -> nt!IofCallDriver -> \Device\00000075[0x8ac76ac0]
22:20:04.968    5 ACPI.sys[b9f7e620] -> nt!IofCallDriver -> \Device\00000073[0x8abf1030]
22:20:05.515    AVAST engine scan C:\WINDOWS
22:20:12.828    AVAST engine scan C:\WINDOWS\system32
22:22:55.515    AVAST engine scan C:\WINDOWS\system32\drivers
22:23:05.609    AVAST engine scan C:\Dokumente und Einstellungen\***
22:41:16.515    AVAST engine scan C:\Dokumente und Einstellungen\All Users
22:46:49.812    Scan finished successfully
22:57:55.062    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\***\Desktop\MBR.dat"
22:57:55.062    The log file has been saved successfully to "C:\Dokumente und Einstellungen\***\Desktop\aswMBR.txt"

cosinus 12.10.2012 12:08
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:33 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131