mor.exe isolated/removed by Norton - further action required? (https://www.trojaner-board.de/118319-mor-exe-norton-isoliert-entfernt-aktion-erforderlich.html)

cosinus 09.07.2012 13:01

Restart Windows in safe mode (with networking if possible); fixing with OTL sometimes hangs in normal mode, but very often the fix works in safe mode.

gr.nagus 09.07.2012 19:27

Quote:

Quote from cosinus (post 860188)
Restart Windows in safe mode (with networking if possible); fixing with OTL sometimes hangs in normal mode, but very often the fix works in safe mode.

Command executed!

Code:

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1229272821-1770027372-1177238915-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1229272821-1770027372-1177238915-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
J:\Dokumente und Einstellungen\Kuschelbär\Anwendungsdaten\Mozilla\Firefox\Profiles\mc4vrqv5.default\searchplugins\safesearch.xml moved successfully.
J:\Programme\Mozilla Firefox\searchplugins\fcmdSrch.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}\ deleted successfully.
J:\Programme\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1229272821-1770027372-1177238915-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
ADS J:\WINDOWS:AA0B7C486F752FC7 deleted successfully.
========== FILES ==========
J:\Dokumente und Einstellungen\Kuschelbär\Anwendungsdaten\facemoods.com\facemoods folder moved successfully.
J:\Dokumente und Einstellungen\Kuschelbär\Anwendungsdaten\facemoods.com folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
->Flash cache emptied: 84 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
 
User: e
->Temp folder emptied: 583659 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 84 bytes
 
User: Kuschelbär
->Temp folder emptied: 17415355 bytes
->Temporary Internet Files folder emptied: 1392002 bytes
->Java cache emptied: 44958491 bytes
->FireFox cache emptied: 49251107 bytes
->Flash cache emptied: 98546 bytes
 
User: LocalService
->Temp folder emptied: 82513 bytes
->Temporary Internet Files folder emptied: 49286 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Spatzl
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 469 bytes
->Java cache emptied: 618662 bytes
->FireFox cache emptied: 168869038 bytes
->Flash cache emptied: 8833 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 3713927 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1358745 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 275,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: e
->Flash cache emptied: 0 bytes
 
User: Kuschelbär
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
User: Spatzl
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
J:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.53.1 log created on 07092012_202019

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

What did I actually just do? :wtf:

Regards
gr.nagus

cosinus 10.07.2012 10:40

Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan has finished, a text file opens.
  • Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

gr.nagus 12.07.2012 06:35

Hello Cosinus,

here is the log:
Code:

# AdwCleaner v1.701 - Logfile created 07/12/2012 at 07:33:08
# Updated 02/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Kuschelbär - KUSCHELBAER
# Running from : J:\Dokumente und Einstellungen\Kuschelbär\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : J:\Dokumente und Einstellungen\Kuschelbär\Anwendungsdaten\facemoods.com
Folder Found : J:\Dokumente und Einstellungen\Spatzl\Anwendungsdaten\facemoods.com
Folder Found : J:\Programme\facemoods.com

***** [Registry] *****

Key Found : HKCU\Software\facemoods.com
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\facemoods.com
Key Found : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [facemoods]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [5441 octets] - [12/07/2012 07:33:08]

########## EOF - J:\AdwCleaner[R1].txt - [5569 octets] ##########

Regards
gr.nagus

cosinus 12.07.2012 10:33

adwCleaner - remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.

gr.nagus 12.07.2012 21:28

Hello Cosinus,

did everything again. I'm slowly turning into a pro :rolleyes:

Code:

# AdwCleaner v1.701 - Logfile created 07/12/2012 at 22:22:06
# Updated 02/07/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Kuschelbär - KUSCHELBAER
# Running from : J:\Dokumente und Einstellungen\Kuschelbär\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : J:\Dokumente und Einstellungen\Kuschelbär\Anwendungsdaten\facemoods.com
Folder Deleted : J:\Dokumente und Einstellungen\Spatzl\Anwendungsdaten\facemoods.com
Folder Deleted : J:\Programme\facemoods.com

***** [Registry] *****

Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\facemoods.com
Key Deleted : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [facemoods]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [5570 octets] - [12/07/2012 07:33:08]
AdwCleaner[S1].txt - [5612 octets] - [12/07/2012 22:22:06]

########## EOF - J:\AdwCleaner[S1].txt - [5740 octets] ##########

How many more programs are there that can find something?

Regards
gr.nagus

cosinus 13.07.2012 11:06

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set the tool up as shown in the picture below: click change parameters and set the checkmarks as in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

gr.nagus 13.07.2012 11:29

Hey,

I'm getting faster and faster! :singsing:

...even though I don't know what I'm actually doing....

Code:

12:23:53.0156 3716        TDSS rootkit removing tool 2.7.45.0 Jul  9 2012 12:46:35
12:23:53.0343 3716        ============================================================
12:23:53.0343 3716        Current date / time: 2012/07/13 12:23:53.0343
12:23:53.0343 3716        SystemInfo:
12:23:53.0343 3716       
12:23:53.0343 3716        OS Version: 5.1.2600 ServicePack: 3.0
12:23:53.0343 3716        Product type: Workstation
12:23:53.0343 3716        ComputerName: KUSCHELBAER
12:23:53.0343 3716        UserName: Kuschelbär
12:23:53.0343 3716        Windows directory: J:\WINDOWS
12:23:53.0343 3716        System windows directory: J:\WINDOWS
12:23:53.0343 3716        Processor architecture: Intel x86
12:23:53.0343 3716        Number of processors: 2
12:23:53.0343 3716        Page size: 0x1000
12:23:53.0343 3716        Boot type: Normal boot
12:23:53.0343 3716        ============================================================
12:23:56.0468 3716        Drive \Device\Harddisk1\DR1 - Size: 0x25432CDE00 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:23:56.0468 3716        Drive \Device\Harddisk2\DR2 - Size: 0x3B9C00000 (14.90 Gb), SectorSize: 0x200, Cylinders: 0x799, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:23:56.0468 3716        Drive \Device\Harddisk0\DR0 - Size: 0x773800000 (29.80 Gb), SectorSize: 0x200, Cylinders: 0xF32, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:23:56.0484 3716        ============================================================
12:23:56.0484 3716        \Device\Harddisk1\DR1:
12:23:56.0484 3716        MBR partitions:
12:23:56.0484 3716        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBCC043
12:23:56.0484 3716        \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0xBCC082, BlocksNum 0x4745B2C
12:23:56.0484 3716        \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x5311BED, BlocksNum 0x27FCB73
12:23:56.0500 3716        \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x7B0E79F, BlocksNum 0x4E036A5
12:23:56.0515 3716        \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0xC911E83, BlocksNum 0x36ECC82
12:23:56.0515 3716        \Device\Harddisk1\DR1\Partition5: MBR, Type 0x7, StartLBA 0xFFFEB05, BlocksNum 0x2A19FBC
12:23:56.0515 3716        \Device\Harddisk2\DR2:
12:23:56.0515 3716        MBR partitions:
12:23:56.0515 3716        \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1DCC81A
12:23:56.0515 3716        \Device\Harddisk0\DR0:
12:23:56.0515 3716        MBR partitions:
12:23:56.0515 3716        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3B951B2
12:23:56.0515 3716        ============================================================
12:23:56.0546 3716        C: <-> \Device\Harddisk1\DR1\Partition0
12:23:56.0656 3716        D: <-> \Device\Harddisk1\DR1\Partition2
12:23:56.0687 3716        E: <-> \Device\Harddisk1\DR1\Partition3
12:23:56.0703 3716        F: <-> \Device\Harddisk1\DR1\Partition4
12:23:56.0734 3716        G: <-> \Device\Harddisk1\DR1\Partition1
12:23:56.0734 3716        J: <-> \Device\Harddisk0\DR0\Partition0
12:23:56.0734 3716        K: <-> \Device\Harddisk2\DR2\Partition0
12:23:56.0781 3716        L: <-> \Device\Harddisk1\DR1\Partition5
12:23:56.0781 3716        ============================================================
12:23:56.0781 3716        Initialize success
12:23:56.0781 3716        ============================================================
12:24:39.0187 0760        ============================================================
12:24:39.0187 0760        Scan started
12:24:39.0187 0760        Mode: Manual; SigCheck; TDLFS;
12:24:39.0187 0760        ============================================================
12:24:40.0390 0760        Abiosdsk - ok
12:24:40.0390 0760        abp480n5 - ok
12:24:40.0406 0760        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) J:\WINDOWS\system32\DRIVERS\ACPI.sys
12:24:41.0250 0760        ACPI - ok
12:24:41.0250 0760        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) J:\WINDOWS\system32\drivers\ACPIEC.sys
12:24:41.0312 0760        ACPIEC - ok
12:24:41.0312 0760        Adobe LM Service (6d182c31acf16213407f2768f1107fe3) J:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
12:24:41.0312 0760        Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
12:24:41.0312 0760        Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
12:24:41.0328 0760        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) J:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:24:41.0343 0760        AdobeFlashPlayerUpdateSvc - ok
12:24:41.0343 0760        adpu160m - ok
12:24:41.0343 0760        aec            (8bed39e3c35d6a489438b8141717a557) J:\WINDOWS\system32\drivers\aec.sys
12:24:41.0406 0760        aec - ok
12:24:41.0484 0760        AFD            (1e44bc1e83d8fd2305f8d452db109cf9) J:\WINDOWS\System32\drivers\afd.sys
12:24:41.0500 0760        AFD - ok
12:24:41.0500 0760        Aha154x - ok
12:24:41.0500 0760        aic78u2 - ok
12:24:41.0515 0760        aic78xx - ok
12:24:41.0515 0760        Alerter        (738d80cc01d7bc7584be917b7f544394) J:\WINDOWS\system32\alrsvc.dll
12:24:41.0562 0760        Alerter - ok
12:24:41.0578 0760        ALG            (190cd73d4984f94d823f9444980513e5) J:\WINDOWS\System32\alg.exe
12:24:41.0609 0760        ALG - ok
12:24:41.0609 0760        AliIde - ok
12:24:41.0609 0760        Amfilter        (0984b58956a211c3675d116bc2a750bc) J:\WINDOWS\system32\DRIVERS\Amfilter.sys
12:24:41.0609 0760        Amfilter ( UnsignedFile.Multi.Generic ) - warning
12:24:41.0609 0760        Amfilter - detected UnsignedFile.Multi.Generic (1)
12:24:41.0609 0760        amsint - ok
12:24:41.0625 0760        Amusbprt        (27d4ebb04adabbfec6352add579fa746) J:\WINDOWS\system32\DRIVERS\Amusbprt.sys
12:24:41.0625 0760        Amusbprt ( UnsignedFile.Multi.Generic ) - warning
12:24:41.0625 0760        Amusbprt - detected UnsignedFile.Multi.Generic (1)
12:24:41.0625 0760        AppMgmt        (d45960be52c3c610d361977057f98c54) J:\WINDOWS\System32\appmgmts.dll
12:24:41.0656 0760        AppMgmt - ok
12:24:41.0656 0760        asc - ok
12:24:41.0656 0760        asc3350p - ok
12:24:41.0671 0760        asc3550 - ok
12:24:41.0671 0760        aspnet_state    (776acefa0ca9df0faa51a5fb2f435705) J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:24:41.0687 0760        aspnet_state - ok
12:24:41.0687 0760        Asset Management Daemon (20adf8a7e99baab64bdca272fcfd0db2) J:\Programme\Gemeinsame Dateien\Portrait Displays\Plugins\AM\dtsslsrv.exe
12:24:41.0687 0760        Asset Management Daemon ( UnsignedFile.Multi.Generic ) - warning
12:24:41.0687 0760        Asset Management Daemon - detected UnsignedFile.Multi.Generic (1)
12:24:41.0687 0760        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) J:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:24:41.0750 0760        AsyncMac - ok
12:24:41.0750 0760        atapi          (9f3a2f5aa6875c72bf062c712cfa2674) J:\WINDOWS\system32\DRIVERS\atapi.sys
12:24:41.0812 0760        atapi - ok
12:24:41.0812 0760        Atdisk - ok
12:24:41.0812 0760        Atmarpc        (9916c1225104ba14794209cfa8012159) J:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:24:41.0875 0760        Atmarpc - ok
12:24:41.0875 0760        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) J:\WINDOWS\System32\audiosrv.dll
12:24:41.0921 0760        AudioSrv - ok
12:24:41.0937 0760        audstub        (d9f724aa26c010a217c97606b160ed68) J:\WINDOWS\system32\DRIVERS\audstub.sys
12:24:41.0984 0760        audstub - ok
12:24:41.0984 0760        Beep            (da1f27d85e0d1525f6621372e7b685e9) J:\WINDOWS\system32\drivers\Beep.sys
12:24:42.0046 0760        Beep - ok
12:24:42.0062 0760        BHDrvx86        (a9e111a358ac5f7eba7ac61e43fc6725) J:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20120711.002\BHDrvx86.sys
12:24:42.0109 0760        BHDrvx86 - ok
12:24:42.0109 0760        BITS            (d6f603772a789bb3228f310d650b8bd1) J:\WINDOWS\system32\qmgr.dll
12:24:42.0187 0760        BITS - ok
12:24:42.0187 0760        Browser        (b42057f06bbb98b31876c0b3f2b54e33) J:\WINDOWS\System32\browser.dll
12:24:42.0234 0760        Browser - ok
12:24:42.0250 0760        cbidf2k        (90a673fc8e12a79afbed2576f6a7aaf9) J:\WINDOWS\system32\drivers\cbidf2k.sys
12:24:42.0296 0760        cbidf2k - ok
12:24:42.0296 0760        ccSet_N360      (599e7f6259a127c174c49938d2aa6a60) J:\WINDOWS\system32\drivers\N360\0602010.005\ccSetx86.sys
12:24:42.0312 0760        ccSet_N360 - ok
12:24:42.0312 0760        cd20xrnt - ok
12:24:42.0312 0760        Cdaudio        (c1b486a7658353d33a10cc15211a873b) J:\WINDOWS\system32\drivers\Cdaudio.sys
12:24:42.0375 0760        Cdaudio - ok
12:24:42.0375 0760        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) J:\WINDOWS\system32\drivers\Cdfs.sys
12:24:42.0437 0760        Cdfs - ok
12:24:42.0437 0760        Cdrom          (1f4260cc5b42272d71f79e570a27a4fe) J:\WINDOWS\system32\DRIVERS\cdrom.sys
12:24:42.0500 0760        Cdrom - ok
12:24:42.0500 0760        Changer - ok
12:24:42.0500 0760        CiSvc          (28e3040d1f1ca2008cd6b29dfebc9a5e) J:\WINDOWS\system32\cisvc.exe
12:24:42.0562 0760        CiSvc - ok
12:24:42.0562 0760        ClipSrv        (778a30ed3c134eb7e406afc407e9997d) J:\WINDOWS\system32\clipsrv.exe
12:24:42.0609 0760        ClipSrv - ok
12:24:42.0625 0760        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) J:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:24:42.0640 0760        clr_optimization_v2.0.50727_32 - ok
12:24:42.0640 0760        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:24:42.0656 0760        clr_optimization_v4.0.30319_32 - ok
12:24:42.0656 0760        CmdIde - ok
12:24:42.0656 0760        COMSysApp - ok
12:24:42.0656 0760        Cpqarray - ok
12:24:42.0656 0760        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) J:\WINDOWS\System32\cryptsvc.dll
12:24:42.0718 0760        CryptSvc - ok
12:24:42.0718 0760        dac2w2k - ok
12:24:42.0718 0760        dac960nt - ok
12:24:42.0734 0760        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) J:\WINDOWS\system32\rpcss.dll
12:24:42.0750 0760        DcomLaunch - ok
12:24:42.0750 0760        DgiVecp        (770471de2550820feeb7e5d24bf2e273) J:\WINDOWS\system32\Drivers\DgiVecp.sys
12:24:42.0750 0760        DgiVecp ( UnsignedFile.Multi.Generic ) - warning
12:24:42.0750 0760        DgiVecp - detected UnsignedFile.Multi.Generic (1)
12:24:42.0765 0760        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) J:\WINDOWS\System32\dhcpcsvc.dll
12:24:42.0828 0760        Dhcp - ok
12:24:42.0828 0760        Disk            (044452051f3e02e7963599fc8f4f3e25) J:\WINDOWS\system32\DRIVERS\disk.sys
12:24:42.0890 0760        Disk - ok
12:24:42.0890 0760        dmadmin - ok
12:24:42.0921 0760        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) J:\WINDOWS\system32\drivers\dmboot.sys
12:24:43.0000 0760        dmboot - ok
12:24:43.0015 0760        dmio            (53720ab12b48719d00e327da470a619a) J:\WINDOWS\system32\drivers\dmio.sys
12:24:43.0062 0760        dmio - ok
12:24:43.0062 0760        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) J:\WINDOWS\system32\drivers\dmload.sys
12:24:43.0125 0760        dmload - ok
12:24:43.0125 0760        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) J:\WINDOWS\System32\dmserver.dll
12:24:43.0187 0760        dmserver - ok
12:24:43.0187 0760        DMusic          (8a208dfcf89792a484e76c40e5f50b45) J:\WINDOWS\system32\drivers\DMusic.sys
12:24:43.0250 0760        DMusic - ok
12:24:43.0250 0760        Dnscache        (407f3227ac618fd1ca54b335b083de07) J:\WINDOWS\System32\dnsrslvr.dll
12:24:43.0250 0760        Dnscache - ok
12:24:43.0265 0760        Dot3svc        (676e36c4ff5bcea1900f44182b9723e6) J:\WINDOWS\System32\dot3svc.dll
12:24:43.0312 0760        Dot3svc - ok
12:24:43.0312 0760        dpti2o - ok
12:24:43.0328 0760        drmkaud        (8f5fcff8e8848afac920905fbd9d33c8) J:\WINDOWS\system32\drivers\drmkaud.sys
12:24:43.0375 0760        drmkaud - ok
12:24:43.0375 0760        DTSRVC          (a564c3b47cb376163705106cc53f6283) J:\Programme\Gemeinsame Dateien\Portrait Displays\Shared\DTSRVC.exe
12:24:43.0390 0760        DTSRVC ( UnsignedFile.Multi.Generic ) - warning
12:24:43.0390 0760        DTSRVC - detected UnsignedFile.Multi.Generic (1)
12:24:43.0390 0760        EapHost        (4e4f2fddab0a0736d7671134dcce91fb) J:\WINDOWS\System32\eapsvc.dll
12:24:43.0437 0760        EapHost - ok
12:24:43.0453 0760        eeCtrl          (fce87ba643d5e9a8b6e0378508d1b22d) J:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys
12:24:43.0468 0760        eeCtrl - ok
12:24:43.0468 0760        EraserUtilRebootDrv (115dc729465a8c386615207f28875255) J:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:24:43.0484 0760        EraserUtilRebootDrv - ok
12:24:43.0484 0760        ERSvc          (877c18558d70587aa7823a1a308ac96b) J:\WINDOWS\System32\ersvc.dll
12:24:43.0531 0760        ERSvc - ok
12:24:43.0546 0760        Eventlog        (a3edbe9053889fb24ab22492472b39dc) J:\WINDOWS\system32\services.exe
12:24:43.0546 0760        Eventlog - ok
12:24:43.0562 0760        EventSystem    (af4f6b5739d18ca7972ab53e091cbc74) J:\WINDOWS\system32\es.dll
12:24:43.0578 0760        EventSystem - ok
12:24:43.0578 0760        Fastfat        (38d332a6d56af32635675f132548343e) J:\WINDOWS\system32\drivers\Fastfat.sys
12:24:43.0625 0760        Fastfat - ok
12:24:43.0640 0760        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) J:\WINDOWS\System32\shsvcs.dll
12:24:43.0640 0760        FastUserSwitchingCompatibility - ok
12:24:43.0656 0760        Fdc            (92cdd60b6730b9f50f6a1a0c1f8cdc81) J:\WINDOWS\system32\DRIVERS\fdc.sys
12:24:43.0703 0760        Fdc - ok
12:24:43.0718 0760        FinePrint Dispatcher v5 (eb6dffd7174054c9ed56d6ef68057eaf) J:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
12:24:43.0734 0760        FinePrint Dispatcher v5 ( UnsignedFile.Multi.Generic ) - warning
12:24:43.0734 0760        FinePrint Dispatcher v5 - detected UnsignedFile.Multi.Generic (1)
12:24:43.0734 0760        Fips            (b0678a548587c5f1967b0d70bacad6c1) J:\WINDOWS\system32\drivers\Fips.sys
12:24:43.0796 0760        Fips - ok
12:24:43.0796 0760        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) J:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:24:43.0859 0760        Flpydisk - ok
12:24:43.0859 0760        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) J:\WINDOWS\system32\DRIVERS\fltMgr.sys
12:24:43.0921 0760        FltMgr - ok
12:24:43.0921 0760        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) J:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:24:43.0937 0760        FontCache3.0.0.0 - ok
12:24:43.0937 0760        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) J:\WINDOWS\system32\drivers\Fs_Rec.sys
12:24:43.0984 0760        Fs_Rec - ok
12:24:44.0000 0760        Ftdisk          (8f1955ce42e1484714b542f341647778) J:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:24:44.0046 0760        Ftdisk - ok
12:24:44.0046 0760        gdrv            (d556cb79967e92b5cc69686d16c1d846) J:\WINDOWS\gdrv.sys
12:24:44.0062 0760        gdrv - ok
12:24:44.0062 0760        GEST Service    (2ddd5cbb203c3c3fd6f74979ebd8cc92) J:\Programme\GIGABYTE\EnergySaver\GSvr.exe
12:24:44.0078 0760        GEST Service - ok
12:24:44.0078 0760        giveio          (77ebf3e9386daa51551af429052d88d0) J:\WINDOWS\system32\giveio.sys
12:24:44.0078 0760        giveio ( UnsignedFile.Multi.Generic ) - warning
12:24:44.0078 0760        giveio - detected UnsignedFile.Multi.Generic (1)
12:24:44.0078 0760        Gpc            (0a02c63c8b144bd8c86b103dee7c86a2) J:\WINDOWS\system32\DRIVERS\msgpc.sys
12:24:44.0140 0760        Gpc - ok
12:24:44.0140 0760        gupdate1c9aa7918f7f3bc (626a24ed1228580b9518c01930936df9) J:\Programme\Google\Update\GoogleUpdate.exe
12:24:44.0156 0760        gupdate1c9aa7918f7f3bc - ok
12:24:44.0156 0760        gupdatem        (626a24ed1228580b9518c01930936df9) J:\Programme\Google\Update\GoogleUpdate.exe
12:24:44.0156 0760        gupdatem - ok
12:24:44.0171 0760        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) J:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:24:44.0218 0760        HDAudBus - ok
12:24:44.0218 0760        helpsvc        (cb66bf85bf599befd6c6a57c2e20357f) J:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:24:44.0281 0760        helpsvc - ok
12:24:44.0281 0760        HidServ        (b35da85e60c0103f2e4104532da2f12b) J:\WINDOWS\System32\hidserv.dll
12:24:44.0343 0760        HidServ - ok
12:24:44.0343 0760        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) J:\WINDOWS\system32\DRIVERS\hidusb.sys
12:24:44.0390 0760        hidusb - ok
12:24:44.0406 0760        hkmsvc          (ed29f14101523a6e0e808107405d452c) J:\WINDOWS\System32\kmsvc.dll
12:24:44.0453 0760        hkmsvc - ok
12:24:44.0468 0760        HPM1210RcvFaxSrvc (9442228d256ce6c874cfb5dc39a20540) J:\Programme\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
12:24:44.0468 0760        HPM1210RcvFaxSrvc ( UnsignedFile.Multi.Generic ) - warning
12:24:44.0468 0760        HPM1210RcvFaxSrvc - detected UnsignedFile.Multi.Generic (1)
12:24:44.0468 0760        hpn - ok
12:24:44.0468 0760        HPSIService    (61bffbf840eb7285f630b5b4f1ccbc08) J:\WINDOWS\system32\HPSIsvc.exe
12:24:44.0484 0760        HPSIService - ok
12:24:44.0484 0760        HTTP            (f80a415ef82cd06ffaf0d971528ead38) J:\WINDOWS\system32\Drivers\HTTP.sys
12:24:44.0500 0760        HTTP - ok
12:24:44.0500 0760        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) J:\WINDOWS\System32\w3ssl.dll
12:24:44.0562 0760        HTTPFilter - ok
12:24:44.0562 0760        i2omgmt - ok
12:24:44.0562 0760        i2omp - ok
12:24:44.0578 0760        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) J:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:24:44.0625 0760        i8042prt - ok
12:24:44.0656 0760        idsvc          (c01ac32dc5c03076cfb852cb5da5229c) J:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:24:44.0687 0760        idsvc - ok
12:24:44.0703 0760        IDSxpx86        (eeebf3616db90124c1c57019d39aa9a2) J:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20120711.001\IDSxpx86.sys
12:24:44.0718 0760        IDSxpx86 - ok
12:24:44.0718 0760        Imapi          (083a052659f5310dd8b6a6cb05edcf8e) J:\WINDOWS\system32\DRIVERS\imapi.sys
12:24:44.0781 0760        Imapi - ok
12:24:44.0781 0760        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) J:\WINDOWS\system32\imapi.exe
12:24:44.0843 0760        ImapiService - ok
12:24:44.0843 0760        ini910u - ok
12:24:44.0968 0760        IntcAzAudAddService (557e20484a095d949912883f5ab29e88) J:\WINDOWS\system32\drivers\RtkHDAud.sys
12:24:45.0062 0760        IntcAzAudAddService - ok
12:24:45.0109 0760        IntelIde - ok
12:24:45.0109 0760        intelppm        (4c7d2750158ed6e7ad642d97bffae351) J:\WINDOWS\system32\DRIVERS\intelppm.sys
12:24:45.0171 0760        intelppm - ok
12:24:45.0171 0760        Ip6Fw          (3bb22519a194418d5fec05d800a19ad0) J:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
12:24:45.0234 0760        Ip6Fw - ok
12:24:45.0234 0760        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) J:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:24:45.0281 0760        IpFilterDriver - ok
12:24:45.0296 0760        IpInIp          (b87ab476dcf76e72010632b5550955f5) J:\WINDOWS\system32\DRIVERS\ipinip.sys
12:24:45.0343 0760        IpInIp - ok
12:24:45.0343 0760        IpNat          (cc748ea12c6effde940ee98098bf96bb) J:\WINDOWS\system32\DRIVERS\ipnat.sys
12:24:45.0406 0760        IpNat - ok
12:24:45.0406 0760        IPSec          (23c74d75e36e7158768dd63d92789a91) J:\WINDOWS\system32\DRIVERS\ipsec.sys
12:24:45.0468 0760        IPSec - ok
12:24:45.0468 0760        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) J:\WINDOWS\system32\DRIVERS\irenum.sys
12:24:45.0500 0760        IRENUM - ok
12:24:45.0500 0760        isapnp          (6dfb88f64135c525433e87648bda30de) J:\WINDOWS\system32\DRIVERS\isapnp.sys
12:24:45.0562 0760        isapnp - ok
12:24:45.0562 0760        JavaQuickStarterService (de5d05fd449798ef88cc34ad4b1e7f85) J:\Programme\Java\jre6\bin\jqs.exe
12:24:45.0578 0760        JavaQuickStarterService - ok
12:24:45.0578 0760        Kbdclass        (1704d8c4c8807b889e43c649b478a452) J:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:24:45.0640 0760        Kbdclass - ok
12:24:45.0640 0760        kbdhid          (b6d6c117d771c98130497265f26d1882) J:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:24:45.0687 0760        kbdhid - ok
12:24:45.0703 0760        kmixer          (692bcf44383d056aed41b045a323d378) J:\WINDOWS\system32\drivers\kmixer.sys
12:24:45.0750 0760        kmixer - ok
12:24:45.0765 0760        KSecDD          (b467646c54cc746128904e1654c750c1) J:\WINDOWS\system32\drivers\KSecDD.sys
12:24:45.0765 0760        KSecDD - ok
12:24:45.0781 0760        LanmanServer    (2bbdcb79900990f0716dfcb714e72de7) J:\WINDOWS\System32\srvsvc.dll
12:24:45.0781 0760        LanmanServer - ok
12:24:45.0781 0760        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) J:\WINDOWS\System32\wkssvc.dll
12:24:45.0796 0760        lanmanworkstation - ok
12:24:45.0796 0760        lbrtfdc - ok
12:24:45.0796 0760        LGScsiCommandService (f2999ae01973f938a5ae1c69c7b0d7de) J:\WINDOWS\system32\LGScsiCommandService.exe
12:24:45.0812 0760        LGScsiCommandService ( UnsignedFile.Multi.Generic ) - warning
12:24:45.0812 0760        LGScsiCommandService - detected UnsignedFile.Multi.Generic (1)
12:24:45.0812 0760        LmHosts        (636714b7d43c8d0c80449123fd266920) J:\WINDOWS\System32\lmhsvc.dll
12:24:45.0859 0760        LmHosts - ok
12:24:45.0875 0760        MBAMProtector  (fb097bbc1a18f044bd17bd2fccf97865) J:\WINDOWS\system32\drivers\mbam.sys
12:24:45.0875 0760        MBAMProtector - ok
12:24:45.0890 0760        MBAMService    (ba400ed640bca1eae5c727ae17c10207) J:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
12:24:45.0921 0760        MBAMService - ok
12:24:45.0921 0760        Messenger      (b7550a7107281d170ce85524b1488c98) J:\WINDOWS\System32\msgsvc.dll
12:24:45.0984 0760        Messenger - ok
12:24:45.0984 0760        mnmdd          (4ae068242760a1fb6e1a44bf4e16afa6) J:\WINDOWS\system32\drivers\mnmdd.sys
12:24:46.0031 0760        mnmdd - ok
12:24:46.0031 0760        mnmsrvc        (c2f1d365fd96791b037ee504868065d3) J:\WINDOWS\system32\mnmsrvc.exe
12:24:46.0093 0760        mnmsrvc - ok
12:24:46.0093 0760        Modem          (6fb74ebd4ec57a6f1781de3852cc3362) J:\WINDOWS\system32\drivers\Modem.sys
12:24:46.0156 0760        Modem - ok
12:24:46.0156 0760        Mouclass        (b24ce8005deab254c0251e15cb71d802) J:\WINDOWS\system32\DRIVERS\mouclass.sys
12:24:46.0218 0760        Mouclass - ok
12:24:46.0218 0760        mouhid          (66a6f73c74e1791464160a7065ce711a) J:\WINDOWS\system32\DRIVERS\mouhid.sys
12:24:46.0265 0760        mouhid - ok
12:24:46.0265 0760        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) J:\WINDOWS\system32\drivers\MountMgr.sys
12:24:46.0328 0760        MountMgr - ok
12:24:46.0328 0760        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) J:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
12:24:46.0343 0760        MozillaMaintenance - ok
12:24:46.0343 0760        mraid35x - ok
12:24:46.0343 0760        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) J:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:24:46.0468 0760        MRxDAV - ok
12:24:46.0500 0760        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) J:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:24:46.0515 0760        MRxSmb - ok
12:24:46.0515 0760        MSDTC          (35a031af38c55f92d28aa03ee9f12cc9) J:\WINDOWS\system32\msdtc.exe
12:24:46.0578 0760        MSDTC - ok
12:24:46.0578 0760        Msfs            (c941ea2454ba8350021d774daf0f1027) J:\WINDOWS\system32\drivers\Msfs.sys
12:24:46.0640 0760        Msfs - ok
12:24:46.0640 0760        MSIServer - ok
12:24:46.0640 0760        MSKSSRV        (d1575e71568f4d9e14ca56b7b0453bf1) J:\WINDOWS\system32\drivers\MSKSSRV.sys
12:24:46.0687 0760        MSKSSRV - ok
12:24:46.0703 0760        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) J:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:24:46.0750 0760        MSPCLOCK - ok
12:24:46.0750 0760        MSPQM          (bad59648ba099da4a17680b39730cb3d) J:\WINDOWS\system32\drivers\MSPQM.sys
12:24:46.0796 0760        MSPQM - ok
12:24:46.0812 0760        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) J:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:24:46.0859 0760        mssmbios - ok
12:24:46.0859 0760        Mup            (de6a75f5c270e756c5508d94b6cf68f5) J:\WINDOWS\system32\drivers\Mup.sys
12:24:46.0875 0760        Mup - ok
12:24:46.0875 0760        N360            (c6948f034d7edabcfa2234d399fc78bc) J:\Programme\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
12:24:46.0890 0760        N360 - ok
12:24:46.0906 0760        napagent        (46bb15ae2ac7d025d6d2567b876817bd) J:\WINDOWS\System32\qagentrt.dll
12:24:46.0953 0760        napagent - ok
12:24:46.0968 0760        NAVENG          (f11033730b38260b6892e837c457fb4b) J:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20120711.018\NAVENG.SYS
12:24:46.0968 0760        NAVENG - ok
12:24:47.0015 0760        NAVEX15        (4e4e7c0259d3bb97de24a636c0e06aba) J:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20120711.018\NAVEX15.SYS
12:24:47.0046 0760        NAVEX15 - ok
12:24:47.0078 0760        NDIS            (1df7f42665c94b825322fae71721130d) J:\WINDOWS\system32\drivers\NDIS.sys
12:24:47.0125 0760        NDIS - ok
12:24:47.0140 0760        NdisTapi        (0109c4f3850dfbab279542515386ae22) J:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:24:47.0140 0760        NdisTapi - ok
12:24:47.0140 0760        Ndisuio        (f927a4434c5028758a842943ef1a3849) J:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:24:47.0203 0760        Ndisuio - ok
12:24:47.0203 0760        NdisWan        (edc1531a49c80614b2cfda43ca8659ab) J:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:24:47.0265 0760        NdisWan - ok
12:24:47.0265 0760        NDProxy        (9282bd12dfb069d3889eb3fcc1000a9b) J:\WINDOWS\system32\drivers\NDProxy.sys
12:24:47.0265 0760        NDProxy - ok
12:24:47.0281 0760        Nero BackItUp Scheduler 4.0 - ok
12:24:47.0281 0760        NetBIOS        (5d81cf9a2f1a3a756b66cf684911cdf0) J:\WINDOWS\system32\DRIVERS\netbios.sys
12:24:47.0328 0760        NetBIOS - ok
12:24:47.0343 0760        NetBT          (74b2b2f5bea5e9a3dc021d685551bd3d) J:\WINDOWS\system32\DRIVERS\netbt.sys
12:24:47.0390 0760        NetBT - ok
12:24:47.0406 0760        NetDDE          (8ace4251bffd09ce75679fe940e996cc) J:\WINDOWS\system32\netdde.exe
12:24:47.0453 0760        NetDDE - ok
12:24:47.0453 0760        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) J:\WINDOWS\system32\netdde.exe
12:24:47.0515 0760        NetDDEdsdm - ok
12:24:47.0515 0760        Netlogon        (afb8261b56cba0d86aeb6df682af9785) J:\WINDOWS\system32\lsass.exe
12:24:47.0562 0760        Netlogon - ok
12:24:47.0578 0760        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) J:\WINDOWS\System32\netman.dll
12:24:47.0625 0760        Netman - ok
12:24:47.0640 0760        NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:24:47.0656 0760        NetTcpPortSharing - ok
12:24:47.0656 0760        Nla            (f1b67b6b0751ae0e6e964b02821206a3) J:\WINDOWS\System32\mswsock.dll
12:24:47.0671 0760        Nla - ok
12:24:47.0687 0760        NMIndexingService (cb992ae1506985d9167e85883b4c3240) J:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
12:24:47.0703 0760        NMIndexingService - ok
12:24:47.0703 0760        Npfs            (3182d64ae053d6fb034f44b6def8034a) J:\WINDOWS\system32\drivers\Npfs.sys
12:24:47.0765 0760        Npfs - ok
12:24:47.0781 0760        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) J:\WINDOWS\system32\drivers\Ntfs.sys
12:24:47.0843 0760        Ntfs - ok
12:24:47.0843 0760        NtLmSsp        (afb8261b56cba0d86aeb6df682af9785) J:\WINDOWS\system32\lsass.exe
12:24:47.0906 0760        NtLmSsp - ok
12:24:47.0968 0760        NtmsSvc        (56af4064996fa5bac9c449b1514b4770) J:\WINDOWS\system32\ntmssvc.dll
12:24:48.0031 0760        NtmsSvc - ok
12:24:48.0031 0760        Null            (73c1e1f395918bc2c6dd67af7591a3ad) J:\WINDOWS\system32\drivers\Null.sys
12:24:48.0093 0760        Null - ok
12:24:48.0250 0760        nv              (0ae3a22dbe88dc219f8c0fdd30239e4f) J:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:24:48.0421 0760        nv - ok
12:24:48.0484 0760        NVSvc          (b54c19b0cda652a65f99701490c9d20f) J:\WINDOWS\system32\nvsvc32.exe
12:24:48.0484 0760        NVSvc - ok
12:24:48.0500 0760        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) J:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:24:48.0546 0760        NwlnkFlt - ok
12:24:48.0546 0760        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) J:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:24:48.0609 0760        NwlnkFwd - ok
12:24:48.0609 0760        Parport        (f84785660305b9b903fb3bca8ba29837) J:\WINDOWS\system32\DRIVERS\parport.sys
12:24:48.0671 0760        Parport - ok
12:24:48.0671 0760        PartMgr        (beb3ba25197665d82ec7065b724171c6) J:\WINDOWS\system32\drivers\PartMgr.sys
12:24:48.0718 0760        PartMgr - ok
12:24:48.0718 0760        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) J:\WINDOWS\system32\drivers\ParVdm.sys
12:24:48.0781 0760        ParVdm - ok
12:24:48.0781 0760        PCI            (387e8dedc343aa2d1efbc30580273acd) J:\WINDOWS\system32\DRIVERS\pci.sys
12:24:48.0843 0760        PCI - ok
12:24:48.0843 0760        PCIDump - ok
12:24:48.0843 0760        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) J:\WINDOWS\system32\DRIVERS\pciide.sys
12:24:48.0890 0760        PCIIde - ok
12:24:48.0890 0760        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) J:\WINDOWS\system32\drivers\Pcmcia.sys
12:24:48.0953 0760        Pcmcia - ok
12:24:48.0953 0760        pcouffin        (5b6c11de7e839c05248ced8825470fef) J:\WINDOWS\system32\Drivers\pcouffin.sys
12:24:48.0953 0760        pcouffin ( UnsignedFile.Multi.Generic ) - warning
12:24:48.0953 0760        pcouffin - detected UnsignedFile.Multi.Generic (1)
12:24:48.0953 0760        PDCOMP - ok
12:24:48.0968 0760        PDFRAME - ok
12:24:48.0968 0760        PdiPorts        (18ed1d71fef6f71d38c24263500bbd01) J:\WINDOWS\system32\Drivers\PdiPorts.sys
12:24:48.0968 0760        PdiPorts - ok
12:24:48.0968 0760        PDRELI - ok
12:24:48.0968 0760        PDRFRAME - ok
12:24:48.0984 0760        perc2 - ok
12:24:48.0984 0760        perc2hib - ok
12:24:48.0984 0760        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) J:\WINDOWS\system32\services.exe
12:24:49.0000 0760        PlugPlay - ok
12:24:49.0000 0760        PolicyAgent    (afb8261b56cba0d86aeb6df682af9785) J:\WINDOWS\system32\lsass.exe
12:24:49.0046 0760        PolicyAgent - ok
12:24:49.0046 0760        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) J:\WINDOWS\system32\DRIVERS\raspptp.sys
12:24:49.0109 0760        PptpMiniport - ok
12:24:49.0109 0760        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) J:\WINDOWS\system32\lsass.exe
12:24:49.0156 0760        ProtectedStorage - ok
12:24:49.0171 0760        PSched          (09298ec810b07e5d582cb3a3f9255424) J:\WINDOWS\system32\DRIVERS\psched.sys
12:24:49.0218 0760        PSched - ok
12:24:49.0234 0760        Ptilink        (80d317bd1c3dbc5d4fe7b1678c60cadd) J:\WINDOWS\system32\DRIVERS\ptilink.sys
12:24:49.0281 0760        Ptilink - ok
12:24:49.0281 0760        PxHelp20        (153d02480a0a2f45785522e814c634b6) J:\WINDOWS\system32\Drivers\PxHelp20.sys
12:24:49.0296 0760        PxHelp20 - ok
12:24:49.0296 0760        ql1080 - ok
12:24:49.0296 0760        Ql10wnt - ok
12:24:49.0296 0760        ql12160 - ok
12:24:49.0296 0760        ql1240 - ok
12:24:49.0296 0760        ql1280 - ok
12:24:49.0296 0760        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) J:\WINDOWS\system32\DRIVERS\rasacd.sys
12:24:49.0359 0760        RasAcd - ok
12:24:49.0359 0760        RasAuto        (f5ba6caccdb66c8f048e867563203246) J:\WINDOWS\System32\rasauto.dll
12:24:49.0406 0760        RasAuto - ok
12:24:49.0406 0760        Rasl2tp        (11b4a627bc9614b885c4969bfa5ff8a6) J:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:24:49.0468 0760        Rasl2tp - ok
12:24:49.0468 0760        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) J:\WINDOWS\System32\rasmans.dll
12:24:49.0531 0760        RasMan - ok
12:24:49.0531 0760        RasPppoe        (5bc962f2654137c9909c3d4603587dee) J:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:24:49.0578 0760        RasPppoe - ok
12:24:49.0578 0760        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) J:\WINDOWS\system32\DRIVERS\raspti.sys
12:24:49.0625 0760        Raspti - ok
12:24:49.0640 0760        Rdbss          (7ad224ad1a1437fe28d89cf22b17780a) J:\WINDOWS\system32\DRIVERS\rdbss.sys
12:24:49.0687 0760        Rdbss - ok
12:24:49.0687 0760        RDPCDD          (4912d5b403614ce99c28420f75353332) J:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:24:49.0750 0760        RDPCDD - ok
12:24:49.0750 0760        rdpdr          (15cabd0f7c00c47c70124907916af3f1) J:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:24:49.0812 0760        rdpdr - ok
12:24:49.0812 0760        RDPWD          (6589db6e5969f8eee594cf71171c5028) J:\WINDOWS\system32\drivers\RDPWD.sys
12:24:49.0828 0760        RDPWD - ok
12:24:49.0828 0760        RDSessMgr      (263af18af0f3db99f574c95f284ccec9) J:\WINDOWS\system32\sessmgr.exe
12:24:49.0890 0760        RDSessMgr - ok
12:24:49.0890 0760        redbook        (ed761d453856f795a7fe056e42c36365) J:\WINDOWS\system32\DRIVERS\redbook.sys
12:24:49.0937 0760        redbook - ok
12:24:49.0937 0760        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) J:\WINDOWS\System32\mprdim.dll
12:24:50.0000 0760        RemoteAccess - ok
12:24:50.0000 0760        RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) J:\WINDOWS\system32\regsvc.dll
12:24:50.0046 0760        RemoteRegistry - ok
12:24:50.0062 0760        RpcLocator      (2a02e21867497df20b8fc95631395169) J:\WINDOWS\system32\locator.exe
12:24:50.0109 0760        RpcLocator - ok
12:24:50.0125 0760        RpcSs          (3127afbf2c1ed0ab14a1bbb7aaecb85b) J:\WINDOWS\system32\rpcss.dll
12:24:50.0140 0760        RpcSs - ok
12:24:50.0140 0760        RSVP            (4bdd71b4b521521499dfd14735c4f398) J:\WINDOWS\system32\rsvp.exe
12:24:50.0187 0760        RSVP - ok
12:24:50.0203 0760        RTLE8023xp      (eeb84629064abcb6198864d25bf15b1a) J:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
12:24:50.0218 0760        RTLE8023xp - ok
12:24:50.0218 0760        SaiH075C        (99c7c809b34d2dbc383de491860eb4a3) J:\WINDOWS\system32\DRIVERS\SaiH075C.sys
12:24:50.0234 0760        SaiH075C - ok
12:24:50.0234 0760        SaiMini        (92b13996a122024374107605e34c6b59) J:\WINDOWS\system32\DRIVERS\SaiMini.sys
12:24:50.0234 0760        SaiMini ( UnsignedFile.Multi.Generic ) - warning
12:24:50.0234 0760        SaiMini - detected UnsignedFile.Multi.Generic (1)
12:24:50.0234 0760        SaiNtBus        (60bd55d3a37e94e7952af68c7f74d6b9) J:\WINDOWS\system32\drivers\SaiBus.sys
12:24:50.0234 0760        SaiNtBus ( UnsignedFile.Multi.Generic ) - warning
12:24:50.0234 0760        SaiNtBus - detected UnsignedFile.Multi.Generic (1)
12:24:50.0250 0760        SamSs          (afb8261b56cba0d86aeb6df682af9785) J:\WINDOWS\system32\lsass.exe
12:24:50.0296 0760        SamSs - ok
12:24:50.0296 0760        SANDRA          (230fd3749904ca045ea5ec0aa14006e9) J:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4a\WNt500x86\Sandra.sys
12:24:50.0312 0760        SANDRA - ok
12:24:50.0312 0760        SandraAgentSrv  (dd063e84112e3cca3773d594d97259c8) J:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4a\RpcAgentSrv.exe
12:24:50.0312 0760        SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
12:24:50.0312 0760        SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
12:24:50.0312 0760        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) J:\WINDOWS\System32\SCardSvr.exe
12:24:50.0375 0760        SCardSvr - ok
12:24:50.0375 0760        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) J:\WINDOWS\system32\schedsvc.dll
12:24:50.0437 0760        Schedule - ok
12:24:50.0437 0760        Secdrv          (90a3935d05b494a5a39d37e71f09a677) J:\WINDOWS\system32\DRIVERS\secdrv.sys
12:24:50.0468 0760        Secdrv - ok
12:24:50.0468 0760        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) J:\WINDOWS\System32\seclogon.dll
12:24:50.0515 0760        seclogon - ok
12:24:50.0515 0760        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) J:\WINDOWS\system32\sens.dll
12:24:50.0578 0760        SENS - ok
12:24:50.0578 0760        serenum        (0f29512ccd6bead730039fb4bd2c85ce) J:\WINDOWS\system32\DRIVERS\serenum.sys
12:24:50.0625 0760        serenum - ok
12:24:50.0640 0760        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) J:\WINDOWS\system32\DRIVERS\serial.sys
12:24:50.0687 0760        Serial - ok
12:24:50.0687 0760        Sfloppy        (8e6b8c671615d126fdc553d1e2de5562) J:\WINDOWS\system32\drivers\Sfloppy.sys
12:24:50.0750 0760        Sfloppy - ok
12:24:50.0750 0760        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) J:\WINDOWS\System32\ipnathlp.dll
12:24:50.0812 0760        SharedAccess - ok
12:24:50.0812 0760        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) J:\WINDOWS\System32\shsvcs.dll
12:24:50.0828 0760        ShellHWDetection - ok
12:24:50.0828 0760        Simbad - ok
12:24:50.0828 0760        Sparrow - ok
12:24:50.0828 0760        speedfan        (3fa2e254bfbce52b3c6f1bf23aab6911) J:\WINDOWS\system32\speedfan.sys
12:24:50.0843 0760        speedfan - ok
12:24:50.0843 0760        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) J:\WINDOWS\system32\drivers\splitter.sys
12:24:50.0890 0760        splitter - ok
12:24:50.0906 0760        Spooler        (60784f891563fb1b767f70117fc2428f) J:\WINDOWS\system32\spoolsv.exe
12:24:50.0906 0760        Spooler - ok
12:24:50.0921 0760        sr              (50fa898f8c032796d3b1b9951bb5a90f) J:\WINDOWS\system32\DRIVERS\sr.sys
12:24:50.0937 0760        sr - ok
12:24:50.0953 0760        srservice      (fe77a85495065f3ad59c5c65b6c54182) J:\WINDOWS\system32\srsvc.dll
12:24:50.0984 0760        srservice - ok
12:24:51.0000 0760        SRTSP          (9dd258ee034afd36259cb7357e19d0b1) J:\WINDOWS\System32\Drivers\N360\0602010.005\SRTSP.SYS
12:24:51.0015 0760        SRTSP - ok
12:24:51.0015 0760        SRTSPX          (0cc3a10f363436c7b478419eb73f8d91) J:\WINDOWS\system32\drivers\N360\0602010.005\SRTSPX.SYS
12:24:51.0015 0760        SRTSPX - ok
12:24:51.0031 0760        Srv            (47ddfc2f003f7f9f0592c6874962a2e7) J:\WINDOWS\system32\DRIVERS\srv.sys
12:24:51.0046 0760        Srv - ok
12:24:51.0046 0760        SSDPSRV        (4df5b05dfaec29e13e1ed6f6ee12c500) J:\WINDOWS\System32\ssdpsrv.dll
12:24:51.0078 0760        SSDPSRV - ok
12:24:51.0078 0760        SSPORT - ok
12:24:51.0093 0760        StillCam        (a2dbcc4c8860449df1ab758ea28b4de0) J:\WINDOWS\system32\DRIVERS\serscan.sys
12:24:51.0140 0760        StillCam - ok
12:24:51.0140 0760        stisvc          (bc2c5985611c5356b24aeb370953ded9) J:\WINDOWS\system32\wiaservc.dll
12:24:51.0203 0760        stisvc - ok
12:24:51.0203 0760        swenum          (3941d127aef12e93addf6fe6ee027e0f) J:\WINDOWS\system32\DRIVERS\swenum.sys
12:24:51.0265 0760        swenum - ok
12:24:51.0265 0760        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) J:\WINDOWS\system32\drivers\swmidi.sys
12:24:51.0312 0760        swmidi - ok
12:24:51.0312 0760        SwPrv - ok
12:24:51.0312 0760        symc810 - ok
12:24:51.0312 0760        symc8xx - ok
12:24:51.0328 0760        SymDS          (690fa0e61b90084c4d9a721bd4f3d779) J:\WINDOWS\system32\drivers\N360\0602010.005\SYMDS.SYS
12:24:51.0343 0760        SymDS - ok
12:24:51.0375 0760        SymEFA          (4e55148a2e044d02245cbcdbb266b98c) J:\WINDOWS\system32\drivers\N360\0602010.005\SYMEFA.SYS
12:24:51.0453 0760        SymEFA - ok
12:24:51.0468 0760        SymEvent        (74e2521e96176a4449570e50be91954d) J:\WINDOWS\system32\Drivers\SYMEVENT.SYS
12:24:51.0484 0760        SymEvent - ok
12:24:51.0500 0760        SymIRON        (2c356cca706505cf63cbe39d532b9236) J:\WINDOWS\system32\drivers\N360\0602010.005\Ironx86.SYS
12:24:51.0515 0760        SymIRON - ok
12:24:51.0531 0760        SYMTDI          (508bd882040f9cb12319e3a4fc78edb9) J:\WINDOWS\System32\Drivers\N360\0602010.005\SYMTDI.SYS
12:24:51.0593 0760        SYMTDI - ok
12:24:51.0593 0760        sym_hi - ok
12:24:51.0593 0760        sym_u3 - ok
12:24:51.0609 0760        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) J:\WINDOWS\system32\drivers\sysaudio.sys
12:24:51.0656 0760        sysaudio - ok
12:24:51.0656 0760        SysmonLog      (2903fffa2523926d6219428040dce6b9) J:\WINDOWS\system32\smlogsvc.exe
12:24:51.0718 0760        SysmonLog - ok
12:24:51.0734 0760        TapiSrv        (05903cac4b98908d55ea5774775b382e) J:\WINDOWS\System32\tapisrv.dll
12:24:51.0781 0760        TapiSrv - ok
12:24:51.0796 0760        Tcpip          (9aefa14bd6b182d61e3119fa5f436d3d) J:\WINDOWS\system32\DRIVERS\tcpip.sys
12:24:51.0812 0760        Tcpip - ok
12:24:51.0812 0760        TDPIPE          (6471a66807f5e104e4885f5b67349397) J:\WINDOWS\system32\drivers\TDPIPE.sys
12:24:51.0859 0760        TDPIPE - ok
12:24:51.0859 0760        TDTCP          (c56b6d0402371cf3700eb322ef3aaf61) J:\WINDOWS\system32\drivers\TDTCP.sys
12:24:51.0921 0760        TDTCP - ok
12:24:51.0921 0760        TermDD          (88155247177638048422893737429d9e) J:\WINDOWS\system32\DRIVERS\termdd.sys
12:24:51.0968 0760        TermDD - ok
12:24:51.0984 0760        TermService    (b7de02c863d8f5a005a7bf375375a6a4) J:\WINDOWS\System32\termsrv.dll
12:24:52.0031 0760        TermService - ok
12:24:52.0046 0760        Themes          (2db7d303c36ddd055215052f118e8e75) J:\WINDOWS\System32\shsvcs.dll
12:24:52.0046 0760        Themes - ok
12:24:52.0046 0760        TlntSvr        (03681a1ce77f51586903869a5ab1deab) J:\WINDOWS\system32\tlntsvr.exe
12:24:52.0078 0760        TlntSvr - ok
12:24:52.0078 0760        TosIde - ok
12:24:52.0093 0760        TrkWks          (626504572b175867f30f3215c04b3e2f) J:\WINDOWS\system32\trkwks.dll
12:24:52.0140 0760        TrkWks - ok
12:24:52.0156 0760        TUWinStylerThemeSvc (8f5d673617d0101fc85dd30a27fc20c4) J:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
12:24:52.0156 0760        TUWinStylerThemeSvc ( UnsignedFile.Multi.Generic ) - warning
12:24:52.0156 0760        TUWinStylerThemeSvc - detected UnsignedFile.Multi.Generic (1)
12:24:52.0156 0760        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) J:\WINDOWS\system32\drivers\Udfs.sys
12:24:52.0203 0760        Udfs - ok
12:24:52.0218 0760        ultra - ok
12:24:52.0218 0760        Update          (402ddc88356b1bac0ee3dd1580c76a31) J:\WINDOWS\system32\DRIVERS\update.sys
12:24:52.0281 0760        Update - ok
12:24:52.0296 0760        upnphost        (1dfd8975d8c89214b98d9387c1125b49) J:\WINDOWS\System32\upnphost.dll
12:24:52.0328 0760        upnphost - ok
12:24:52.0328 0760        UPS            (9b11e6118958e63e1fef129466e2bda7) J:\WINDOWS\System32\ups.exe
12:24:52.0375 0760        UPS - ok
12:24:52.0375 0760        usbbus          (9419faac6552a51542dbba02971c841c) J:\WINDOWS\system32\DRIVERS\lgusbbus.sys
12:24:52.0390 0760        usbbus - ok
12:24:52.0390 0760        usbccgp        (173f317ce0db8e21322e71b7e60a27e8) J:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:24:52.0453 0760        usbccgp - ok
12:24:52.0453 0760        UsbDiag        (c0a466fa4ffec464320e159bc1bbdc0c) J:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
12:24:52.0453 0760        UsbDiag - ok
12:24:52.0468 0760        usbehci        (65dcf09d0e37d4c6b11b5b0b76d470a7) J:\WINDOWS\system32\DRIVERS\usbehci.sys
12:24:52.0515 0760        usbehci - ok
12:24:52.0531 0760        usbhub          (1ab3cdde553b6e064d2e754efe20285c) J:\WINDOWS\system32\DRIVERS\usbhub.sys
12:24:52.0578 0760        usbhub - ok
12:24:52.0578 0760        USBModem        (f74a54774a9b0afeb3c40adec68aa600) J:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
12:24:52.0593 0760        USBModem - ok
12:24:52.0593 0760        usbprint        (a717c8721046828520c9edf31288fc00) J:\WINDOWS\system32\DRIVERS\usbprint.sys
12:24:52.0640 0760        usbprint - ok
12:24:52.0640 0760        usbscan        (a0b8cf9deb1184fbdd20784a58fa75d4) J:\WINDOWS\system32\DRIVERS\usbscan.sys
12:24:52.0703 0760        usbscan - ok
12:24:52.0703 0760        USBSTOR        (a32426d9b14a089eaa1d922e0c5801a9) J:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:24:52.0750 0760        USBSTOR - ok
12:24:52.0750 0760        usbuhci        (26496f9dee2d787fc3e61ad54821ffe6) J:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:24:52.0812 0760        usbuhci - ok
12:24:52.0812 0760        usb_rndisx      (b6cc50279d6cd28e090a5d33244adc9a) J:\WINDOWS\system32\DRIVERS\usb8023x.sys
12:24:52.0859 0760        usb_rndisx - ok
12:24:52.0859 0760        VgaSave        (0d3a8fafceacd8b7625cd549757a7df1) J:\WINDOWS\System32\drivers\vga.sys
12:24:52.0921 0760        VgaSave - ok
12:24:52.0921 0760        ViaIde - ok
12:24:52.0921 0760        VolSnap        (a5a712f4e880874a477af790b5186e1d) J:\WINDOWS\system32\drivers\VolSnap.sys
12:24:52.0968 0760        VolSnap - ok
12:24:52.0984 0760        VSS            (68f106273be29e7b7ef8266977268e78) J:\WINDOWS\System32\vssvc.exe
12:24:53.0015 0760        VSS - ok
12:24:53.0015 0760        W32Time        (7b353059e665f8b7ad2bbeaef597cf45) J:\WINDOWS\system32\w32time.dll
12:24:53.0078 0760        W32Time - ok
12:24:53.0078 0760        Wanarp          (e20b95baedb550f32dd489265c1da1f6) J:\WINDOWS\system32\DRIVERS\wanarp.sys
12:24:53.0125 0760        Wanarp - ok
12:24:53.0140 0760        wceusbsh        (46a247f6617526afe38b6f12f5512120) J:\WINDOWS\system32\DRIVERS\wceusbsh.sys
12:24:53.0140 0760        wceusbsh - ok
12:24:53.0140 0760        WDICA - ok
12:24:53.0156 0760        wdmaud          (6768acf64b18196494413695f0c3a00f) J:\WINDOWS\system32\drivers\wdmaud.sys
12:24:53.0203 0760        wdmaud - ok
12:24:53.0203 0760        WebClient      (81727c9873e3905a2ffc1ebd07265002) J:\WINDOWS\System32\webclnt.dll
12:24:53.0265 0760        WebClient - ok
12:24:53.0265 0760        winmgmt        (6f3f3973d97714cc5f906a19fe883729) J:\WINDOWS\system32\wbem\WMIsvc.dll
12:24:53.0328 0760        winmgmt - ok
12:24:53.0328 0760        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) J:\WINDOWS\system32\MsPMSNSv.dll
12:24:53.0343 0760        WmdmPmSN - ok
12:24:53.0359 0760        Wmi            (ffa4d901d46d07a5bab2d8307fbb51a6) J:\WINDOWS\System32\advapi32.dll
12:24:53.0375 0760        Wmi - ok
12:24:53.0375 0760        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) J:\WINDOWS\system32\wbem\wmiapsrv.exe
12:24:53.0437 0760        WmiApSrv - ok
12:24:53.0468 0760        WMPNetworkSvc  (bf05650bb7df5e9ebdd25974e22403bb) J:\Programme\Windows Media Player\WMPNetwk.exe
12:24:53.0500 0760        WMPNetworkSvc - ok
12:24:53.0500 0760        WpdUsb          (cf4def1bf66f06964dc0d91844239104) J:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:24:53.0500 0760        WpdUsb - ok
12:24:53.0531 0760        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) J:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:24:53.0562 0760        WPFFontCache_v0400 - ok
12:24:53.0562 0760        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) J:\WINDOWS\system32\wscsvc.dll
12:24:53.0625 0760        wscsvc - ok
12:24:53.0625 0760        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) J:\WINDOWS\system32\wuauserv.dll
12:24:53.0671 0760        wuauserv - ok
12:24:53.0671 0760        WudfPf          (f15feafffbb3644ccc80c5da584e6311) J:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:24:53.0687 0760        WudfPf - ok
12:24:53.0703 0760        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) J:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:24:53.0718 0760        WudfRd - ok
12:24:53.0718 0760        WudfSvc        (05231c04253c5bc30b26cbaae680ed89) J:\WINDOWS\System32\WUDFSvc.dll
12:24:53.0734 0760        WudfSvc - ok
12:24:53.0796 0760        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) J:\WINDOWS\System32\wzcsvc.dll
12:24:53.0843 0760        WZCSVC - ok
12:24:53.0859 0760        xmlprov        (0ada34871a2e1cd2caafed1237a47750) J:\WINDOWS\System32\xmlprov.dll
12:24:53.0906 0760        xmlprov - ok
12:24:53.0906 0760        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
12:24:54.0078 0760        \Device\Harddisk1\DR1 - ok
12:24:54.0078 0760        MBR (0x1B8)    (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
12:24:54.0093 0760        \Device\Harddisk2\DR2 - ok
12:24:54.0093 0760        MBR (0x1B8)    (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
12:24:54.0250 0760        \Device\Harddisk0\DR0 - ok
12:24:54.0250 0760        Boot (0x1200)  (844d369df2b32f2e05d3a3f7cd7f8a20) \Device\Harddisk1\DR1\Partition0
12:24:54.0250 0760        \Device\Harddisk1\DR1\Partition0 - ok
12:24:54.0250 0760        Boot (0x1200)  (62bee03d70dd5d71109ebe49b7c301f1) \Device\Harddisk1\DR1\Partition1
12:24:54.0250 0760        \Device\Harddisk1\DR1\Partition1 - ok
12:24:54.0250 0760        Boot (0x1200)  (6b1992f763183aaff3ee87c897d352ba) \Device\Harddisk1\DR1\Partition2
12:24:54.0250 0760        \Device\Harddisk1\DR1\Partition2 - ok
12:24:54.0265 0760        Boot (0x1200)  (cafa043c4ed054193114a9c121a81e52) \Device\Harddisk1\DR1\Partition3
12:24:54.0265 0760        \Device\Harddisk1\DR1\Partition3 - ok
12:24:54.0265 0760        Boot (0x1200)  (969f9f43b04d73cc2472eb8f8bb5b55d) \Device\Harddisk1\DR1\Partition4
12:24:54.0265 0760        \Device\Harddisk1\DR1\Partition4 - ok
12:24:54.0265 0760        Boot (0x1200)  (4a0c41a042620074f77991a09b05b6d9) \Device\Harddisk1\DR1\Partition5
12:24:54.0265 0760        \Device\Harddisk1\DR1\Partition5 - ok
12:24:54.0265 0760        Boot (0x1200)  (888bb6a16dbeafd2ba9847fc15778254) \Device\Harddisk2\DR2\Partition0
12:24:54.0265 0760        \Device\Harddisk2\DR2\Partition0 - ok
12:24:54.0265 0760        Boot (0x1200)  (30ba88ae0d89fd5540b6500b4dad25c8) \Device\Harddisk0\DR0\Partition0
12:24:54.0265 0760        \Device\Harddisk0\DR0\Partition0 - ok
12:24:54.0265 0760        ============================================================
12:24:54.0265 0760        Scan finished
12:24:54.0265 0760        ============================================================
12:24:54.0375 0768        Detected object count: 15
12:24:54.0375 0768        Actual detected object count: 15
12:25:08.0546 0768        Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0546 0768        Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0546 0768        Amfilter ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0546 0768        Amfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0546 0768        Amusbprt ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0546 0768        Amusbprt ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0546 0768        Asset Management Daemon ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0546 0768        Asset Management Daemon ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0546 0768        DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0546 0768        DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0546 0768        DTSRVC ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0546 0768        DTSRVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0546 0768        FinePrint Dispatcher v5 ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0546 0768        FinePrint Dispatcher v5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0562 0768        giveio ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0562 0768        giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0562 0768        HPM1210RcvFaxSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0562 0768        HPM1210RcvFaxSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0562 0768        LGScsiCommandService ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0562 0768        LGScsiCommandService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0562 0768        pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0562 0768        pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0562 0768        SaiMini ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0562 0768        SaiMini ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0562 0768        SaiNtBus ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0562 0768        SaiNtBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0562 0768        SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0562 0768        SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:25:08.0562 0768        TUWinStylerThemeSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:25:08.0562 0768        TUWinStylerThemeSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

Regards
gr.nagus

cosinus 13.07.2012 20:28

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:

Illegal operation attempted on a registry key that has been marked for deletion.
then restart Windows manually and the error messages should no longer appear.


All times are WET +1. The time now is 22:17.