
Pests of all kinds and how to fight them: Help! Malware/backdoor found & Outlook crashes after startup

09.02.2014, 18:00   #1
dgone
 



Hello and good day,

Your site makes a great impression; I have often found interesting tips here and am glad that something like you exists!

The problem is as follows:
Lately, Outlook crashes every time it is started. Uninstalling and reinstalling did not help.
I have now run Malwarebytes Anti-Malware and am unsure how to proceed in order to tackle the problem at its root rather than just fixing it superficially.

Kaspersky Internet Security is installed on the computer in the latest version (it was reinstalled on 22 January because of a license renewal, so no older logs are available).

The following logs are available (in order of creation, oldest first):

Kaspersky IS 2014:
Code:
Trojanisches Programm (1)
Trojan-Dropper.Win32.Agent.jkcd	Gelöscht	22.01.2014 16:34:16	C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\32.tmp//	data0001	
Typ: Unbekannt (1)	
32.tmp	Gelöscht	22.01.2014 16:34:15	C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\	32.tmp
         
Malwarebytes Anti Malware:
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.09.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
TanzZeit :: ACER-62802DF1A0 [Administrator]

09.02.2014 08:48:13
MBAM-log-2014-02-09 (14-55-45).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P
Deaktivierte Suchlaufeinstellungen: 
Durchsuchte Objekte: 427044
Laufzeit: 1 Stunde(n), 4 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 4
HKCR\iminent (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
HKCR\AppID\Iminent.WebBooster.InternetExplorer.DLL (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\SMARTBAR (PUP.Optional.SnapDo.A) -> Keine Aktion durchgeführt.
HKLM\Software\Iminent (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 1
HKCU\Software\Smartbar|publisher (PUP.Optional.SnapDo.A) -> Daten: SnapdoSoftonicYB -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\bootstrapper.exe (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt.
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\635e5489064fe0b451850a9c746595d2\TinyPicSetup.exe (Backdoor.Agent.FPA) -> Keine Aktion durchgeführt.

(Ende)
         
FRST Log:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-02-2014
Ran by TanzZeit (administrator) on ACER-62802DF1A0 on 09-02-2014 15:00:54
Running from C:\Dokumente und Einstellungen\TanzZeit\Eigene Dateien\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

() C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
(Kaspersky Lab ZAO) C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Programme\Intel\AMT\LMS.exe
() C:\Programme\CyberLink\Shared Files\RichVideo.exe
(Intel Corporation) C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe
(AVG Secure Search) C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe
() C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\loggingserver.exe
(Intel Corporation) C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe
() C:\Programme\AVG Secure Search\vprot.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Kaspersky Lab ZAO) C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Spotify Ltd) C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
(TeamViewer GmbH) C:\Programme\TeamViewer\Version9\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Programme\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Programme\TeamViewer\Version9\tv_w32.exe
(Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [vProt] - C:\Programme\AVG Secure Search\vprot.exe [2404376 2013-09-30] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [AVP] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2014-01-22] (Kaspersky Lab ZAO)
HKLM\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\klogon: C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
HKU\S-1-5-21-3576300238-2120361324-1700292190-1008\...\Run: [Google Update] - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [116648 2013-01-14] (Google Inc.)
HKU\S-1-5-21-3576300238-2120361324-1700292190-1008\...\Run: [Spotify Web Helper] - C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-3576300238-2120361324-1700292190-1008\...\Run: [Skype] - C:\Programme\Skype\Phone\Skype.exe [20681584 2013-07-25] (Skype Technologies S.A.)
HKU\S-1-5-21-3576300238-2120361324-1700292190-1008\...\MountPoints2: {ecdf0dfd-9158-11e3-82cd-0025115cacdd} - E:\LaunchU3.exe -a
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\Dokumente und Einstellungen\TanzZeit\Startmenü\Programme\Autostart\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=xpp&d=0211&m=veriton_m670g
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} -  No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default
FF user.js: detected! => C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default\user.js
FF NewTab: about:blank
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/ncr
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\17.0.1\\npsitesafety.dll (AVG Technologies)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default\searchplugins\browsemngr.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: TubeSaver-1 - C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default\Extensions\951bb5c8-a6ed-4af6-a53c-1d3eec03d6dd@b61ef5da-5b52-4500-a9b4-273eca044964.com [2013-11-13]
FF Extension: Yontoo - C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default\Extensions\plugin@yontoo.com.xpi [2013-03-12]
FF Extension: Anti-Banner - C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2014-01-09]
FF Extension: Modul zur Link-Untersuchung - C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2014-01-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Programme\Iminent\webbooster@iminent.com
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\FireFoxExt\17.0.0.9
FF Extension: AVG Security Toolbar - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\FireFoxExt\17.0.0.9 [2013-09-30]
FF HKLM\...\Firefox\Extensions:  - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2014-01-22]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2014-01-22]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2014-01-22]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2014-01-22]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2014-01-22]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Application Manager) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-14]
CHR Extension: (Google Drive) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-14]
CHR Extension: (YouTube) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-14]
CHR Extension: (Google-Suche) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-14]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-01-23]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-01-23]
CHR Extension: (Virtuelle Tastatur) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-01-23]
CHR Extension: (AVG Secure Search) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-05-21]
CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-14]
CHR Extension: (Anti-Banner) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-01-23]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-18]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-18]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-18]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-18]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\ChromeExt\17.0.0.9\avg.crx [2013-09-30]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\DOKUME~1\TanzZeit\LOKALE~1\Temp\YontooLayers.crx [2012-10-11]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-18]

========================== Services (Whitelisted) =================

R2 AVP; C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2014-01-22] (Kaspersky Lab ZAO)
S3 GoogleDesktopManager-080708-050100; C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe [24064 2011-02-23] (Google)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2012-10-11] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2012-10-11] (Google Inc.)
R2 IAANTMON; C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840 2008-07-20] (Intel Corporation)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2013-09-19] (Oracle Corporation)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company)
R2 LMS; C:\Programme\Intel\AMT\LMS.exe [174616 2008-07-25] (Intel Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-01-09] (Mozilla Foundation)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [171040 2007-01-08] ()
S3 SecureStorageService; C:\Programme\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [488448 2007-10-29] (Wave Systems Corp.)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [162672 2013-07-25] (Skype Technologies)
S3 SQLWriter; C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [87840 2006-04-14] (Microsoft Corporation)
R2 tcsd_win32.exe; C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1249280 2008-03-10] ()
R2 TeamViewer9; C:\Programme\TeamViewer\Version9\TeamViewer_Service.exe [4915040 2014-02-05] (TeamViewer GmbH)
R2 UNS; C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe [2054680 2008-07-25] (Intel Corporation)
R2 vToolbarUpdater17.0.1; C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe [1734680 2013-09-30] (AVG Secure Search)
R2 Wave UCSPlus; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-15] (Microsoft Corporation)
S3 WaveEnrollmentService; C:\Programme\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe [192512 2008-05-02] (Wave Systems Corp.)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-10-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-09-30] (AVG Technologies)
R3 e1kexpress; C:\WINDOWS\System32\DRIVERS\e1k5132.sys [144480 2008-06-05] (Intel Corporation)
R0 KL1; C:\WINDOWS\System32\DRIVERS\kl1.sys [135776 2014-01-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [593504 2014-01-22] (Kaspersky Lab ZAO)
R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [35672 2012-06-27] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [24160 2014-01-22] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [24672 2014-01-22] (Kaspersky Lab ZAO)
R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [44000 2014-01-22] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [145040 2014-01-22] (Kaspersky Lab ZAO)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-02-09] (Malwarebytes Corporation)
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [30816 2008-05-23] (Intel Corporation )
R3 tpm; C:\WINDOWS\System32\DRIVERS\tpm.sys [13824 2008-06-20] (Intel Corporation)
R0 UBHelper; C:\WINDOWS\system32\Drivers\UBHelper.sys [13952 2006-08-28] ()
R2 WavxDMgr; C:\WINDOWS\System32\DRIVERS\WavxDMgr.sys [164792 2008-07-19] (Wave Systems Corp.)
S2 eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys [X]
S2 eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys [X]
S4 IntelIde; No ImagePath
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74336 2014-01-22] (Kaspersky Lab ZAO)
S3 psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys [X]
S3 psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-15] (Microsoft Corporation)
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-09 15:00 - 2014-02-09 15:00 - 00000000 ____D () C:\FRST
2014-02-09 08:43 - 2014-02-09 08:43 - 00000791 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\TeamViewer 9.lnk
2014-02-09 08:43 - 2014-02-09 08:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamViewer 8
2014-02-09 08:42 - 2014-02-09 08:43 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-02-09 08:42 - 2014-02-09 08:42 - 00000760 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-09 08:09 - 2014-02-09 08:39 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\U3
2014-02-04 10:29 - 2014-02-04 10:29 - 00000000 ____D () C:\Programme\Microsoft Visual Studio
2014-01-31 08:46 - 2014-01-31 08:46 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\McAfee
2014-01-29 11:23 - 2014-01-29 11:25 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Desktop\Mein Projekt
2014-01-22 11:36 - 2014-01-22 11:36 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Internet Security 2013
2014-01-22 11:31 - 2014-01-22 16:12 - 00074336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2014-01-16 22:03 - 2014-01-16 22:03 - 00005659 _____ () C:\WINDOWS\KB2914368.log
2014-01-16 22:03 - 2014-01-16 22:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-10 16:25 - 2014-01-10 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NtiDvdCopy
2014-01-10 16:21 - 2013-02-08 10:14 - 195779508 _____ () C:\Dokumente und Einstellungen\TanzZeit\Desktop\2013-02-08 10.14.32.mp4

==================== One Month Modified Files and Folders =======

2014-07-28 15:38 - 2011-02-23 16:01 - 00000424 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{D74B1C07-CFA8-485D-AABD-998DFEB0D07B}.job
2014-02-09 15:00 - 2014-02-09 15:00 - 00000000 ____D () C:\FRST
2014-02-09 14:33 - 2011-02-23 14:31 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
2014-02-09 14:32 - 2012-10-11 10:52 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-09 14:32 - 2012-10-11 10:52 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-09 14:17 - 2013-01-14 14:41 - 00001222 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008UA.job
2014-02-09 14:16 - 2013-09-30 09:33 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-09 10:17 - 2013-01-14 14:41 - 00001170 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008Core.job
2014-02-09 08:50 - 2008-09-24 03:41 - 00091144 _____ () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2014-02-09 08:43 - 2014-02-09 08:43 - 00000791 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\TeamViewer 9.lnk
2014-02-09 08:43 - 2014-02-09 08:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamViewer 8
2014-02-09 08:43 - 2014-02-09 08:42 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-02-09 08:43 - 2008-09-24 03:54 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-02-09 08:42 - 2014-02-09 08:42 - 00000760 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-09 08:42 - 2013-10-11 16:12 - 00000000 ____D () C:\Programme\Malwarebytes' Anti-Malware
2014-02-09 08:42 - 2013-10-11 16:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
2014-02-09 08:42 - 2013-10-08 09:08 - 00000000 ____D () C:\Programme\TeamViewer
2014-02-09 08:41 - 2008-09-24 03:54 - 00000000 ___RD () C:\Programme
2014-02-09 08:41 - 2008-09-24 03:49 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2014-02-09 08:39 - 2014-02-09 08:09 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\U3
2014-02-09 08:10 - 2008-09-24 04:00 - 01335484 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-09 08:09 - 2013-03-28 14:25 - 00247166 _____ () C:\WINDOWS\setupapi.log
2014-02-09 08:09 - 2012-08-08 12:27 - 00000000 ___RD () C:\Dokumente und Einstellungen\TanzZeit\Eigene Dateien\Dropbox
2014-02-09 08:09 - 2012-08-08 12:25 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Dropbox
2014-02-09 08:08 - 2013-06-03 11:02 - 00000350 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-02-09 08:08 - 2008-09-24 04:05 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2014-02-09 08:08 - 2008-09-24 04:05 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-02-09 08:08 - 2008-09-24 04:00 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-09 08:08 - 2008-09-24 04:00 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-09 08:08 - 2008-09-24 03:59 - 00000000 ____D () C:\WINDOWS\Registration
2014-02-09 08:08 - 2008-09-24 03:58 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\NTRU Cryptosystems
2014-02-08 09:19 - 2008-09-24 04:00 - 00032608 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-08 08:59 - 2008-09-24 03:08 - 00233348 _____ () C:\WINDOWS\setupact.log
2014-02-07 14:28 - 2011-02-23 14:08 - 00000190 ___SH () C:\Dokumente und Einstellungen\TanzZeit\ntuser.ini
2014-02-07 14:28 - 2011-02-23 14:08 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit
2014-02-07 14:28 - 2008-09-24 03:46 - 00196608 _____ () C:\WINDOWS\system32\config\ODiag.evt
2014-02-07 13:43 - 2011-03-02 18:08 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\vlc
2014-02-07 10:16 - 2012-11-09 11:52 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-07 10:16 - 2011-07-05 09:34 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-05 09:20 - 2013-05-06 09:37 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Spotify
2014-02-05 08:02 - 2013-05-06 09:38 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Spotify
2014-02-04 10:34 - 2008-09-24 03:47 - 00335464 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-04 10:29 - 2014-02-04 10:29 - 00000000 ____D () C:\Programme\Microsoft Visual Studio
2014-02-04 10:29 - 2008-09-24 03:45 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2014-02-04 10:29 - 2008-09-24 03:44 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Microsoft Shared
2014-02-04 10:29 - 2008-09-24 03:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office
2014-02-04 10:28 - 2008-09-24 03:44 - 00000582 _____ () C:\WINDOWS\win.ini
2014-02-04 10:28 - 2008-09-24 03:43 - 00000000 ____D () C:\Programme\Microsoft Office
2014-02-04 10:25 - 2011-02-23 14:08 - 00000000 ___RD () C:\Dokumente und Einstellungen\TanzZeit\Startmenü\Programme
2014-02-04 10:18 - 2008-09-24 03:53 - 00000000 ____D () C:\Programme\Google
2014-01-31 08:46 - 2014-01-31 08:46 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\McAfee
2014-01-31 08:25 - 2013-09-06 09:35 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\CUSTPDF Writer
2014-01-31 08:17 - 2011-02-23 14:08 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Adobe
2014-01-31 08:15 - 2011-02-23 14:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee
2014-01-29 14:26 - 2013-10-10 10:29 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Desktop\Club Oval
2014-01-29 14:17 - 2011-02-24 15:25 - 00000000 ____D () C:\Netzwerk
2014-01-29 13:21 - 2013-10-28 11:17 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Desktop\Dance for your rights
2014-01-29 11:25 - 2014-01-29 11:23 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Desktop\Mein Projekt
2014-01-25 17:35 - 2012-01-23 12:10 - 00000276 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-01-22 16:12 - 2014-01-22 11:31 - 00074336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2014-01-22 16:12 - 2012-08-13 16:49 - 00145040 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys
2014-01-22 16:12 - 2012-06-19 17:28 - 00135776 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys
2014-01-22 16:12 - 2012-06-08 11:38 - 00044000 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kltdi.sys
2014-01-22 16:12 - 2012-05-25 19:38 - 00024160 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klkbdflt.sys
2014-01-22 16:12 - 2011-02-23 14:31 - 00593504 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2014-01-22 16:12 - 2009-11-02 19:27 - 00024672 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klmouflt.sys
2014-01-22 11:36 - 2014-01-22 11:36 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Internet Security 2013
2014-01-22 11:36 - 2011-02-23 14:31 - 00000000 ____D () C:\Programme\Kaspersky Lab
2014-01-16 22:06 - 2013-08-14 16:10 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-16 22:03 - 2014-01-16 22:03 - 00005659 _____ () C:\WINDOWS\KB2914368.log
2014-01-16 22:03 - 2014-01-16 22:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-16 22:03 - 2011-02-23 15:49 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-16 22:03 - 2008-09-24 04:00 - 01818134 _____ () C:\WINDOWS\iis6.log
2014-01-16 22:03 - 2008-09-24 04:00 - 00760614 _____ () C:\WINDOWS\tsoc.log
2014-01-16 22:03 - 2008-09-24 03:37 - 01664979 _____ () C:\WINDOWS\FaxSetup.log
2014-01-16 22:03 - 2008-09-24 03:37 - 00801004 _____ () C:\WINDOWS\ocgen.log
2014-01-16 22:03 - 2008-09-24 03:37 - 00558962 _____ () C:\WINDOWS\comsetup.log
2014-01-16 22:03 - 2008-09-24 03:37 - 00509964 _____ () C:\WINDOWS\msmqinst.log
2014-01-16 22:03 - 2008-09-24 03:37 - 00336283 _____ () C:\WINDOWS\ntdtcsetup.log
2014-01-16 22:03 - 2008-09-24 03:37 - 00289720 _____ () C:\WINDOWS\netfxocm.log
2014-01-16 22:03 - 2008-09-24 03:37 - 00117581 _____ () C:\WINDOWS\MedCtrOC.log
2014-01-16 22:03 - 2008-09-24 03:37 - 00091427 _____ () C:\WINDOWS\ocmsn.log
2014-01-16 22:03 - 2008-09-24 03:37 - 00083593 _____ () C:\WINDOWS\tabletoc.log
2014-01-16 22:03 - 2008-09-24 03:37 - 00082787 _____ () C:\WINDOWS\msgsocm.log
2014-01-16 22:03 - 2008-09-24 03:37 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-01-10 16:25 - 2014-01-10 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NtiDvdCopy
2014-01-10 16:17 - 2012-08-08 12:25 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Startmenü\Programme\Dropbox
2014-01-10 16:17 - 2011-02-23 14:08 - 00000000 ___RD () C:\Dokumente und Einstellungen\TanzZeit\Startmenü\Programme\Autostart
2014-01-10 09:23 - 2013-01-14 14:51 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\7za.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\AdobeUpdater12345.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\avguidx.dll
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\bootstrapper.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\CommonInstaller.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\conduitinstaller_econa.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\dotNetFx40_Client_setup.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\FP_PL_PFS_INSTALLER.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\Installer.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\MachineIdCreator.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\oi_{65921E05-63D5-42D9-9853-97AB9173127E}.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\PhotoScape_V3.6.2.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\sqlite3.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\ToolbarInstaller.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\vlc-2.0.8-win32.exe
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\YontooIEClient.dll
C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\YontooSetup-Silent.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2008-04-15 04:00] - [2008-04-15 04:00] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\WINDOWS\system32\winlogon.exe
[2008-04-15 04:00] - [2008-04-15 04:00] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\WINDOWS\system32\svchost.exe
[2008-04-15 04:00] - [2008-04-15 04:00] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\WINDOWS\system32\services.exe
[2008-04-15 04:00] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\WINDOWS\system32\User32.dll
[2008-04-15 04:00] - [2008-04-15 04:00] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\WINDOWS\system32\userinit.exe
[2008-04-15 04:00] - [2008-04-15 04:00] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\WINDOWS\system32\rpcss.dll
[2008-04-15 04:00] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127afbf2c1ed0ab14a1bbb7aaecb85b 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2008-04-15 04:00] - [2008-04-15 04:00] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---


FRST additional:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-02-2014
Ran by TanzZeit at 2014-02-09 15:01:24
Running from C:\Dokumente und Einstellungen\TanzZeit\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Disabled - Up to date) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security (Disabled) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader 8.3.1 - Deutsch (Version: 8.3.1 - Adobe Systems Incorporated)
Apple Application Support (Version: 2.3.4 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.9.0.0 - AuthenTec) Hidden
AVG Security Toolbar (Version: 17.0.0.9 - AVG Technologies)
Babylon toolbar  (Version:  - BabylonToolbar) <==== ATTENTION
biolsp patch (Version: 01.00.02.0005 - Wave Systems Corp) Hidden
Brother HL-4050CDN (Version: 1.00 - Brother)
CdCoverCreator 2.5.3 (Version: 2.5.3 - thyanté Software)
commercial (Version: 1.0.0 - Default Company Name)
Document Manager Lite (Version: 06.06.00.081 - Ihr Firmenname) Hidden
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
EMBASSY Security Center Lite (Version: 03.06.01.000 - Ihr Firmenname) Hidden
EMBASSY Security Setup (Version: 03.06.02.003 - Ihr Firmenname) Hidden
Embassy Trust Suite - Acer Edition (Version: 06.02.03.006 - Wave Systems Corp)
ESC Home Page Plugin (Version: 03.01.00.018 - Ihr Firmenname) Hidden
ETS Upgrade (Version: 02.00.00.020 - Wave Systems Corp) Hidden
Google Chrome (HKCU Version: 32.0.1700.107 - Google Inc.)
Google Desktop (Version: 5.7.0808.07150 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Hotfix für Windows Media Player 11 (KB939683) (Version:  - Microsoft Corporation)
Hotfix für Windows XP (KB2443685) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2570791) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2633952) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2756822) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2779562) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (Version: 1 - Microsoft Corporation)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (Version: 5.002.005.003 - Hewlett-Packard)
Iminent (Version: 6.14.22.0 - Iminent) Hidden <==== ATTENTION
Intel(R) Graphics Media Accelerator Driver (Version:  - Intel Corporation)
Intel(R) Management Engine Interface (Version:  - Intel Corporation)
Intel(R) Network Connections 13.1.33.0 (Version: 13.1.33.0 - Intel)
Intel® Active-Management-Technologie (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (Version:  - Intel Corporation)
Intel® Trusted Platform Module (Version:  - Intel Corporation)
IrfanView (remove only) (Version: 4.28 - Irfan Skiljan)
Java 7 Update 40 (Version: 7.0.400 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kalender-Excel-8.9 (Version: 8.9 - MSDatec)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Kyocera Product Library (Version: 2.0.0713 - Kyocera Mita Corporation)
LightScribe  1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook 2007 (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Outlook 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (German) 12 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (Version: 6.00.3883.15 - Microsoft Corporation)
NTI Backup NOW! 4.7 (Version: 1.00.0000 - NewTech Infosystems)
NTI Backup NOW! 4.7 (Version: 1.00.0000 - NewTech Infosystems) Hidden
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems)
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems) Hidden
NTRU TCG Software Stack (Version: 2.1.27 - NTRU Cryptosystems) Hidden
PDF Creator (Version:  - )
PowerDVD (Version: 7.0.2802a - CyberLink Corporation)
Private Information Manager (Version: 06.01.01.001 - Ihr Firmenname) Hidden
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (Version: 5.10.0.5648 - Realtek Semiconductor Corp.)
Secure Update (Version: 05.04.00.010 - Ihr Firmenname) Hidden
Security Wizards (Version: 01.04.00.014 - Ihr Firmenname) Hidden
Sicherheitsupdate für Microsoft Windows (KB2564958) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2497640) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2530548) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2559049) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2792100) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2797052) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2809289) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2817183) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB2834904) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834904-v2) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB954155) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB973540) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB975558) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB978695) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player 11 (KB954154) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2079403) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2121546) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2259922) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2360937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2412687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2440591) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476490) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479628) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479943) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2491683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503658) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506223) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507618) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507938) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508272) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508429) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2509553) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2511455) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2524375) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2555917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2562937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567053) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567680) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570222) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2584146) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2585542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2598479) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2618451) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2619339) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2620712) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2621440) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2624667) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2631813) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2633171) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2639417) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2641653) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2646524) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2647518) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2653956) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2655992) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2659262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2660465) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2661637) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2676562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2685939) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2686509) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2691442) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2695962) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2705219) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2707511) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2709162) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2712808) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2718523) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2719985) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2724197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2727528) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2731847) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2757638) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2758857) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2761226) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2770660) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2778344) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2779030) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2780091) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2799494) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2802968) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2807986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2808735) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813170) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813345) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2829361) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2834886) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2839229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2845187) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2847311) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2849470) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850851) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2859537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862152) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862335) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2864063) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868038) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868626) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876217) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876315) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876331) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2883150) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2892075) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893294) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893984) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2898715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2900986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2914368) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954459) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956744) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978601) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980195) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980232) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980436) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981322) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982132) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982214) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982665) (Version: 1 - Microsoft Corporation)
Skype™ 6.7 (Version: 6.7.102 - Skype Technologies S.A.)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
TeamViewer 9 (Version: 9.0.25942 - TeamViewer)
tsp patch (Version: 01.00.00.0000 - Wave Systems Corp) Hidden
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.2047.00 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB2447568) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB976662) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2141007) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2345886) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2467659) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2541763) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2607712) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2616676) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2641690) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB2718704) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2736233) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2749655) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2863058) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2904266) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB951978) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB967715) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971029) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971737) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973687) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (Version: 1 - Microsoft Corporation)
upekmsi (Version: 03.00.00.0000 - Wave Systems Corp) Hidden
VLC media player 2.0.8 (Version: 2.0.8 - VideoLAN)
Wave Infrastructure Installer (Version: 05.00.01.0185 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.07.01.003 - Ihr Firmenname) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
WinRAR 4.11 (32-Bit) (Version: 4.11.0 - win.rar GmbH)
WinZip 15.0 (Version: 15.0.9411 - WinZip Computing, S.L. )
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden

==================== Restore Points  =========================

12-11-2013 07:58:24 Systemprüfpunkt
13-11-2013 08:34:05 Systemprüfpunkt
14-11-2013 08:43:32 Systemprüfpunkt
14-11-2013 20:33:42 Software Distribution Service 3.0
18-11-2013 11:27:01 Systemprüfpunkt
19-11-2013 14:33:56 Systemprüfpunkt
20-11-2013 15:31:00 Systemprüfpunkt
21-11-2013 15:43:26 Systemprüfpunkt
22-11-2013 16:18:03 Systemprüfpunkt
25-11-2013 08:32:16 Systemprüfpunkt
26-11-2013 11:35:27 Systemprüfpunkt
27-11-2013 12:10:01 Systemprüfpunkt
28-11-2013 12:26:00 Systemprüfpunkt
29-11-2013 13:23:58 Systemprüfpunkt
02-12-2013 12:29:59 Systemprüfpunkt
03-12-2013 12:36:36 Systemprüfpunkt
04-12-2013 13:31:41 Systemprüfpunkt
05-12-2013 13:49:53 Systemprüfpunkt
06-12-2013 14:07:26 Systemprüfpunkt
09-12-2013 11:02:44 Systemprüfpunkt
10-12-2013 11:48:55 Systemprüfpunkt
11-12-2013 14:09:04 Systemprüfpunkt
12-12-2013 14:20:54 Systemprüfpunkt
12-12-2013 18:33:10 Software Distribution Service 3.0
13-12-2013 16:06:15 Software Distribution Service 3.0
16-12-2013 12:53:01 Systemprüfpunkt
17-12-2013 13:17:59 Systemprüfpunkt
18-12-2013 14:44:52 Systemprüfpunkt
19-12-2013 15:00:41 Systemprüfpunkt
06-01-2014 13:35:58 Systemprüfpunkt
08-01-2014 09:16:14 Systemprüfpunkt
09-01-2014 10:29:25 Systemprüfpunkt
10-01-2014 16:37:01 Systemprüfpunkt
13-01-2014 12:40:56 Systemprüfpunkt
14-01-2014 14:40:28 Systemprüfpunkt
16-01-2014 13:24:20 Systemprüfpunkt
16-01-2014 21:03:09 Software Distribution Service 3.0
12-01-2014 12:17:33 Systemprüfpunkt
20-01-2014 15:21:45 Systemprüfpunkt
22-01-2014 09:49:05 Systemprüfpunkt
22-01-2014 10:31:25 First Restore Point
22-01-2014 15:15:17 First Restore Point
22-01-2014 15:16:20 First Restore Point
22-01-2014 15:17:18 First Restore Point
23-01-2014 15:31:05 Systemprüfpunkt
24-01-2014 16:08:12 Systemprüfpunkt
25-01-2014 16:35:55 Systemprüfpunkt
27-01-2014 15:51:37 Systemprüfpunkt
29-01-2014 11:20:56 Systemprüfpunkt
30-01-2014 14:36:15 Systemprüfpunkt
03-02-2014 10:01:12 Systemprüfpunkt
04-02-2014 09:18:45 Entfernt Google Earth.
04-02-2014 09:19:55 Removed Microsoft Office Outlook 2007
04-02-2014 09:28:18 Installed Microsoft Office Outlook 2007
07-02-2014 09:46:21 Systemprüfpunkt
09-02-2014 07:25:17 Systemprüfpunkt

==================== Hosts content: ==========================

2008-04-15 04:00 - 2008-04-15 04:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{4329D931-DDF2-4456-B3F0-332323B02D8C}.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008Core.job => C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008UA.job => C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{D74B1C07-CFA8-485D-AABD-998DFEB0D07B}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2012-10-11 10:17 - 2011-10-04 21:42 - 00086016 _____ () C:\WINDOWS\system32\custmon32i.dll
2008-06-04 06:53 - 2008-06-04 06:53 - 00026624 _____ () C:\WINDOWS\system32\sst3cl3.dll
2012-08-17 21:39 - 2014-01-22 15:51 - 01310136 _____ () C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2007-01-08 15:39 - 2007-01-08 15:39 - 00171040 ____N () C:\Programme\CyberLink\Shared Files\RichVideo.exe
2013-09-30 09:33 - 2013-09-30 09:32 - 00159768 _____ () C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\loggingserver.exe
2013-09-30 09:33 - 2013-09-30 09:32 - 00519704 _____ () C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\log4cplusU.dll
2008-05-10 15:20 - 2008-05-10 15:20 - 00155648 _____ () C:\Programme\Wave Systems Corp\Services Manager\DocMgr\bin\ContextMenuItem.dll
2008-05-10 15:19 - 2008-05-10 15:19 - 00262144 _____ () C:\WINDOWS\system32\wxvault.dll
2012-10-10 10:14 - 2013-09-30 09:32 - 02404376 _____ () C:\Programme\AVG Secure Search\vprot.exe
2013-09-30 09:33 - 2013-09-30 09:32 - 00142360 _____ () C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\17.0.1\SiteSafety.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2008-04-15 04:00 - 2008-04-15 04:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\libcef.dll
2014-02-04 10:19 - 2014-02-02 00:42 - 04055368 _____ () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 10:19 - 2014-02-02 00:42 - 00399688 _____ () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 10:19 - 2014-02-02 00:41 - 01634632 _____ () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-02-04 10:19 - 2014-02-02 00:42 - 13616456 _____ () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Dokumente und Einstellungen\TanzZeit\Desktop\2013-02-08 10.14.32.mp4:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/25/2013 09:12:29 AM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)

Error: (11/25/2013 09:12:29 AM) (Source: MSDTC Client) (User: )
Description: Fehler beim Initialisieren der benötigten Namensobjekte. Fehler: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 3036
No Callstack,
 CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

Error: (11/22/2013 02:14:51 PM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)

Error: (11/22/2013 02:14:51 PM) (Source: MSDTC Client) (User: )
Description: Fehler beim Initialisieren der benötigten Namensobjekte. Fehler: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 3124
No Callstack,
 CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

Error: (11/21/2013 11:46:12 PM) (Source: Microsoft Office 12) (User: )
Description: Faulting application outlook.exe, version 12.0.4518.1014, stamp 4542840f, faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address 0x47020ed4.

Error: (11/21/2013 09:28:15 AM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)

Error: (11/21/2013 09:28:15 AM) (Source: MSDTC Client) (User: )
Description: Fehler beim Initialisieren der benötigten Namensobjekte. Fehler: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 3552
No Callstack,
 CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

Error: (11/20/2013 09:26:43 AM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)

Error: (11/20/2013 09:26:43 AM) (Source: MSDTC Client) (User: )
Description: Fehler beim Initialisieren der benötigten Namensobjekte. Fehler: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 2960
No Callstack,
 CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

Error: (11/19/2013 03:17:14 PM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)


System errors:
=============
Error: (11/04/2013 09:28:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2FSCTLDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/04/2013 09:28:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2BurnerLockDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/03/2013 11:40:37 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2FSCTLDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/03/2013 11:40:37 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2BurnerLockDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/01/2013 09:34:24 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2FSCTLDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/01/2013 09:34:24 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2BurnerLockDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/31/2013 11:19:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2FSCTLDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/31/2013 11:19:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2BurnerLockDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/31/2013 11:57:39 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2FSCTLDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/31/2013 11:57:39 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2BurnerLockDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (02/07/2014 02:25:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/07/2014 02:25:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 23 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/07/2014 01:24:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/04/2014 05:18:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 48 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/04/2014 02:38:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 46 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/04/2014 02:37:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 51 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/04/2014 01:30:47 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 37 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/04/2014 01:30:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 37 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/04/2014 01:29:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 65 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/04/2014 01:13:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 3021.06 MB
Available physical RAM: 1631.98 MB
Total Pagefile: 4901.38 MB
Available Pagefile: 3545.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.13 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:298.09 GB) (Free:169.67 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive n: (Acer) (Network) (Total:298.09 GB) (Free:169.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: B83C7B69)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
GMER (ran only in safe mode, otherwise blue screen):
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-09 17:33:45
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Intel___ rev.1.0. 298,09GB
Running: Gmer-19357.exe; Driver: C:\DOKUME~1\TanzZeit\LOKALE~1\Temp\pwporaod.sys


---- Disk sectors - GMER 2.1 ----

Disk  \Device\Harddisk0\DR0  unknown MBR code
Disk  \Device\Harddisk0\DR0  malicious Win32:MBRoot code @ sector 625136713 !

---- EOF - GMER 2.1 ----
         
That's it so far; I hope you can help me. Many thanks in advance.

09.02.2014, 18:10   #2
schrauber
/// the machine
/// TB instructor
 




Hi,

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

09.02.2014, 18:25   #3
dgone
 



Hi Schrauber,

and thanks for the quick reply.

Instructions followed; see the log further below.

First off: after starting TDSSKiller I was prompted to download a newer version, which I did.
In my TDSSKiller options there was one more item listed than in your guide: "Use KSN to scan objects", see attachment. I left it enabled, just for your information.

TDSSKiller:
Code:
18:13:39.0343 0x165c  TDSS rootkit removing tool 3.0.0.22 Feb  3 2014 16:45:35
18:13:50.0484 0x165c  ============================================================
18:13:50.0484 0x165c  Current date / time: 2014/02/09 18:13:50.0484
18:13:50.0484 0x165c  SystemInfo:
18:13:50.0484 0x165c  
18:13:50.0484 0x165c  OS Version: 5.1.2600 ServicePack: 3.0
18:13:50.0484 0x165c  Product type: Workstation
18:13:50.0484 0x165c  ComputerName: ACER-62802DF1A0
18:13:50.0484 0x165c  UserName: TanzZeit
18:13:50.0484 0x165c  Windows directory: C:\WINDOWS
18:13:50.0484 0x165c  System windows directory: C:\WINDOWS
18:13:50.0484 0x165c  Processor architecture: Intel x86
18:13:50.0484 0x165c  Number of processors: 2
18:13:50.0484 0x165c  Page size: 0x1000
18:13:50.0484 0x165c  Boot type: Normal boot
18:13:50.0484 0x165c  ============================================================
18:13:55.0156 0x165c  KLMD registered as C:\WINDOWS\system32\drivers\54469495.sys
18:13:55.0375 0x165c  System UUID: {93E65690-67EB-868B-50E0-6184CC58553B}
18:13:55.0875 0x165c  Drive \Device\Harddisk0\DR0 - Size: 0x4A85B00000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:13:55.0890 0x165c  Drive \Device\Harddisk1\DR2 - Size: 0x3BB3FFE00 (14.93 Gb), SectorSize: 0x200, Cylinders: 0x79C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:13:55.0890 0x165c  ============================================================
18:13:55.0890 0x165c  \Device\Harddisk0\DR0:
18:13:55.0890 0x165c  MBR partitions:
18:13:55.0890 0x165c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D407
18:13:55.0890 0x165c  \Device\Harddisk1\DR2:
18:13:55.0890 0x165c  GPT partitions:
18:13:55.0890 0x165c  \Device\Harddisk1\DR2\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {970BC5AE-5058-41F6-A1FC-52AA01740B54}, Name: primary, StartLBA 0x800, BlocksNum 0xAB8FFF
18:13:55.0890 0x165c  \Device\Harddisk1\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0E7984D1-4758-4E4B-909B-85AC9E2A9FC5}, Name: primary, StartLBA 0xAB97FF, BlocksNum 0x300000
18:13:55.0890 0x165c  \Device\Harddisk1\DR2\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {40B96404-516E-4864-BBF1-D6E2B1D8119F}, Name: primary, StartLBA 0xDB97FF, BlocksNum 0x1000000
18:13:55.0890 0x165c  \Device\Harddisk1\DR2\Partition4: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B99B4EEC-4F8D-4D3A-81E4-828E08E8D2E0}, Name: primary, StartLBA 0x1DB97FF, BlocksNum 0x20000
18:13:55.0890 0x165c  MBR partitions:
18:13:55.0890 0x165c  ============================================================
18:13:55.0953 0x165c  C: <-> \Device\Harddisk0\DR0\Partition1
18:13:55.0953 0x165c  ============================================================
18:13:55.0953 0x165c  Initialize success
18:13:55.0953 0x165c  ============================================================
18:15:50.0843 0x105c  ============================================================
18:15:50.0843 0x105c  Scan started
18:15:50.0843 0x105c  Mode: Manual; SigCheck; TDLFS; 
18:15:50.0843 0x105c  ============================================================
18:15:50.0843 0x105c  KSN ping started
18:16:05.0218 0x105c  KSN ping finished: true
18:16:05.0421 0x105c  ================ Scan system memory ========================
18:16:05.0421 0x105c  System memory - ok
18:16:05.0421 0x105c  ================ Scan services =============================
18:16:05.0687 0x105c  Abiosdsk - ok
18:16:05.0687 0x105c  abp480n5 - ok
18:16:05.0734 0x105c  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:16:07.0187 0x105c  ACPI - ok
18:16:07.0281 0x105c  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
18:16:07.0375 0x105c  ACPIEC - ok
18:16:07.0453 0x105c  [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:16:07.0468 0x105c  AdobeFlashPlayerUpdateSvc - ok
18:16:07.0468 0x105c  adpu160m - ok
18:16:07.0515 0x105c  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
18:16:07.0609 0x105c  aec - ok
18:16:07.0656 0x105c  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
18:16:07.0765 0x105c  AFD - ok
18:16:07.0765 0x105c  Aha154x - ok
18:16:07.0765 0x105c  aic78u2 - ok
18:16:07.0765 0x105c  aic78xx - ok
18:16:07.0828 0x105c  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
18:16:07.0921 0x105c  Alerter - ok
18:16:07.0953 0x105c  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe
18:16:08.0062 0x105c  ALG - ok
18:16:08.0062 0x105c  AliIde - ok
18:16:08.0062 0x105c  amsint - ok
18:16:08.0093 0x105c  [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
18:16:08.0156 0x105c  AppMgmt - ok
18:16:08.0156 0x105c  asc - ok
18:16:08.0156 0x105c  asc3350p - ok
18:16:08.0171 0x105c  asc3550 - ok
18:16:08.0281 0x105c  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:16:08.0296 0x105c  aspnet_state - ok
18:16:08.0312 0x105c  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:16:08.0390 0x105c  AsyncMac - ok
18:16:08.0406 0x105c  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
18:16:08.0484 0x105c  atapi - ok
18:16:08.0484 0x105c  Atdisk - ok
18:16:08.0515 0x105c  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:16:08.0578 0x105c  Atmarpc - ok
18:16:08.0625 0x105c  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
18:16:08.0703 0x105c  AudioSrv - ok
18:16:08.0734 0x105c  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
18:16:08.0812 0x105c  audstub - ok
18:16:08.0843 0x105c  [ 15ACA2AD17ACECA4814F249783E63AD3, AB8E74A5B8FC2FD04BA2B495610A8BE76408E9362A447D7069D5AAB8F3512F33 ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys
18:16:08.0859 0x105c  avgtp - ok
18:16:08.0953 0x105c  AVP - ok
18:16:08.0968 0x105c  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:16:09.0031 0x105c  Beep - ok
18:16:09.0093 0x105c  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll
18:16:09.0203 0x105c  BITS - ok
18:16:09.0250 0x105c  [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser         C:\WINDOWS\System32\browser.dll
18:16:09.0328 0x105c  Browser - ok
18:16:09.0375 0x105c  [ 2FE6D5BE0629F706197B30C0AA05DE30, 528ED3AA8129FDD6C8EF698E5ECE9BB93C0249CF0200115F13B36410A353F353 ] BrPar           C:\WINDOWS\System32\drivers\BrPar.sys
18:16:09.0406 0x105c  BrPar - detected UnsignedFile.Multi.Generic ( 1 )
18:16:11.0828 0x105c  Detect skipped due to KSN trusted
18:16:11.0828 0x105c  BrPar - ok
18:16:11.0843 0x105c  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
18:16:11.0906 0x105c  cbidf2k - ok
18:16:11.0906 0x105c  cd20xrnt - ok
18:16:11.0921 0x105c  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
18:16:11.0984 0x105c  Cdaudio - ok
18:16:12.0015 0x105c  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
18:16:12.0078 0x105c  Cdfs - ok
18:16:12.0093 0x105c  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:16:12.0187 0x105c  Cdrom - ok
18:16:12.0187 0x105c  Changer - ok
18:16:12.0203 0x105c  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:16:12.0281 0x105c  CiSvc - ok
18:16:12.0296 0x105c  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:16:12.0375 0x105c  ClipSrv - ok
18:16:12.0421 0x105c  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:16:12.0437 0x105c  clr_optimization_v2.0.50727_32 - ok
18:16:12.0531 0x105c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:16:12.0546 0x105c  clr_optimization_v4.0.30319_32 - ok
18:16:12.0546 0x105c  CmdIde - ok
18:16:12.0562 0x105c  COMSysApp - ok
18:16:12.0562 0x105c  Cpqarray - ok
18:16:12.0609 0x105c  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:16:12.0703 0x105c  CryptSvc - ok
18:16:12.0703 0x105c  dac2w2k - ok
18:16:12.0718 0x105c  dac960nt - ok
18:16:12.0812 0x105c  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:16:12.0859 0x105c  DcomLaunch - ok
18:16:12.0906 0x105c  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:16:13.0015 0x105c  Dhcp - ok
18:16:13.0046 0x105c  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:16:13.0125 0x105c  Disk - ok
18:16:13.0125 0x105c  dmadmin - ok
18:16:13.0156 0x105c  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:16:13.0296 0x105c  dmboot - ok
18:16:13.0328 0x105c  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:16:13.0406 0x105c  dmio - ok
18:16:13.0406 0x105c  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:16:13.0500 0x105c  dmload - ok
18:16:13.0500 0x105c  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:16:13.0562 0x105c  dmserver - ok
18:16:13.0593 0x105c  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:16:13.0671 0x105c  DMusic - ok
18:16:13.0718 0x105c  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:16:13.0750 0x105c  Dnscache - ok
18:16:13.0781 0x105c  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:16:13.0859 0x105c  Dot3svc - ok
18:16:13.0875 0x105c  dpti2o - ok
18:16:13.0906 0x105c  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:16:13.0968 0x105c  drmkaud - ok
18:16:14.0000 0x105c  [ D60759140694150360BBEFD9CAB7C920, EDD0630640842BA55B3537C14CD79B5A6A34C40EAD1B0159992F1750A8313455 ] e1kexpress      C:\WINDOWS\system32\DRIVERS\e1k5132.sys
18:16:14.0015 0x105c  e1kexpress - ok
18:16:14.0046 0x105c  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:16:14.0109 0x105c  EapHost - ok
18:16:14.0109 0x105c  eLock2BurnerLockDriver - ok
18:16:14.0109 0x105c  eLock2FSCTLDriver - ok
18:16:14.0140 0x105c  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:16:14.0218 0x105c  ERSvc - ok
18:16:14.0265 0x105c  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe
18:16:14.0281 0x105c  Eventlog - ok
18:16:14.0296 0x105c  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll
18:16:14.0343 0x105c  EventSystem - ok
18:16:14.0375 0x105c  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:16:14.0468 0x105c  Fastfat - ok
18:16:14.0500 0x105c  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:16:14.0546 0x105c  FastUserSwitchingCompatibility - ok
18:16:14.0593 0x105c  [ 08B8B302AF0D1B3B8543429BBAC8F21F, F3370FE5C4BECB16F0668E6605792EF8096FE06A79D8234E3D6E1B584F2D4E5A ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:16:14.0671 0x105c  Fax - ok
18:16:14.0703 0x105c  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
18:16:14.0765 0x105c  Fdc - ok
18:16:14.0796 0x105c  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:16:14.0859 0x105c  Fips - ok
18:16:14.0890 0x105c  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
18:16:14.0984 0x105c  Flpydisk - ok
18:16:15.0015 0x105c  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:16:15.0078 0x105c  FltMgr - ok
18:16:15.0140 0x105c  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:16:15.0156 0x105c  FontCache3.0.0.0 - ok
18:16:15.0187 0x105c  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:16:15.0296 0x105c  Fs_Rec - ok
18:16:15.0312 0x105c  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:16:15.0390 0x105c  Ftdisk - ok
18:16:15.0515 0x105c  [ 2101F77D1E6E1B7CDB01E5958FCB36BD, D2D368D6B8486C25562B7BA751C5CF2E28AE17F892647778413E6C92528E4B71 ] GoogleDesktopManager-080708-050100 C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
18:16:15.0531 0x105c  GoogleDesktopManager-080708-050100 - detected UnsignedFile.Multi.Generic ( 1 )
18:16:17.0937 0x105c  Detect skipped due to KSN trusted
18:16:17.0937 0x105c  GoogleDesktopManager-080708-050100 - ok
18:16:17.0984 0x105c  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:16:18.0062 0x105c  Gpc - ok
18:16:18.0109 0x105c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe
18:16:18.0125 0x105c  gupdate - ok
18:16:18.0140 0x105c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
18:16:18.0156 0x105c  gupdatem - ok
18:16:18.0171 0x105c  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:16:18.0265 0x105c  HDAudBus - ok
18:16:18.0281 0x105c  [ E4A123AD734A3731D29EBD3A01B3E535, 39B2B3EA68974C75007BEAA73AD95C937673A8896A1510DC5ED1F4878EF9F65E ] HECI            C:\WINDOWS\system32\DRIVERS\HECI.sys
18:16:18.0328 0x105c  HECI - ok
18:16:18.0375 0x105c  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:16:18.0468 0x105c  helpsvc - ok
18:16:18.0484 0x105c  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll
18:16:18.0546 0x105c  HidServ - ok
18:16:18.0578 0x105c  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:16:18.0656 0x105c  hidusb - ok
18:16:18.0687 0x105c  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
18:16:18.0750 0x105c  hkmsvc - ok
18:16:18.0750 0x105c  hpn - ok
18:16:18.0843 0x105c  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:16:18.0890 0x105c  HTTP - ok
18:16:18.0921 0x105c  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:16:19.0000 0x105c  HTTPFilter - ok
18:16:19.0015 0x105c  i2omgmt - ok
18:16:19.0015 0x105c  i2omp - ok
18:16:19.0031 0x105c  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:16:19.0125 0x105c  i8042prt - ok
18:16:19.0250 0x105c  [ 3E42C4691AAD4B1E8D0466F9CBF05CBE, 8F53A86B97A25CE92D6A3EB9720F86308252C5B7A4BC62218FF8788229B132B8 ] IAANTMON        C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:16:19.0265 0x105c  IAANTMON - ok
18:16:19.0515 0x105c  [ 1312E0141A7BD409AFADD52FA565927E, A25B81AFA771CD2E46261CF954329383340BCCBB780CCD5A0C86B1B41A51152B ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
18:16:19.0859 0x105c  ialm - ok
18:16:19.0937 0x105c  [ 707C1692214B1C290271067197F075F6, 7D0DB754604AABC4AA09AB8BA94326B1A1C2A76F3C2C2C7D6FA14F964BE68A51 ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
18:16:19.0953 0x105c  iaStor - ok
18:16:20.0000 0x105c  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:16:20.0015 0x105c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:16:22.0437 0x105c  Detect skipped due to KSN trusted
18:16:22.0437 0x105c  IDriverT - ok
18:16:22.0500 0x105c  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:16:22.0593 0x105c  idsvc - ok
18:16:22.0609 0x105c  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:16:22.0687 0x105c  Imapi - ok
18:16:22.0781 0x105c  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:16:22.0906 0x105c  ImapiService - ok
18:16:22.0906 0x105c  ini910u - ok
18:16:23.0093 0x105c  [ 06AE6FA81E2AB6C4DF6ED1B2E7E95B4D, DD6092CDC45869937C7A7FFFC5AE05FC7ED03A61034C37A8A4F3EED1A8B53A93 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:16:23.0312 0x105c  IntcAzAudAddService - ok
18:16:23.0343 0x105c  [ 64C301D73DB18EBDC8680CA82D82AF2D, 1C0619E006E441EA588E0F0986CD85B7CDDD99CA59B4EB8E709A9C09CA4FF7C8 ] IntcHdmiAddService C:\WINDOWS\system32\drivers\IntcHdmi.sys
18:16:23.0390 0x105c  IntcHdmiAddService - ok
18:16:23.0390 0x105c  IntelIde - ok
18:16:23.0421 0x105c  [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:16:23.0484 0x105c  intelppm - ok
18:16:23.0515 0x105c  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
18:16:23.0578 0x105c  Ip6Fw - ok
18:16:23.0593 0x105c  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:16:23.0656 0x105c  IpFilterDriver - ok
18:16:23.0687 0x105c  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:16:23.0750 0x105c  IpInIp - ok
18:16:23.0843 0x105c  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:16:23.0937 0x105c  IpNat - ok
18:16:23.0968 0x105c  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:16:24.0046 0x105c  IPSec - ok
18:16:24.0062 0x105c  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:16:24.0140 0x105c  IRENUM - ok
18:16:24.0171 0x105c  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:16:24.0250 0x105c  isapnp - ok
18:16:24.0359 0x105c  [ A5937B2A94424CF1B13A4AD503AF6B2E, E96CE4E526E053FB410987BD444627BC7B26FCE48DC0A61916ADD0A69EFA6941 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
18:16:24.0375 0x105c  JavaQuickStarterService - ok
18:16:24.0375 0x105c  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:16:24.0468 0x105c  Kbdclass - ok
18:16:24.0484 0x105c  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:16:24.0562 0x105c  kbdhid - ok
18:16:24.0609 0x105c  [ 871C226234A48C24DFE7478F36C0050C, 657CAB49387E0E40311D4DEC93D9860B2DAC2C05F223698CFA2F9BB50B5F3022 ] KL1             C:\WINDOWS\system32\DRIVERS\kl1.sys
18:16:24.0625 0x105c  KL1 - ok
18:16:24.0687 0x105c  [ 2ECDD644A261423EF0F3424434DBAD0E, 113BA917EFBED5D78C0F411FD43EC6B2DC065A73B7BB7B22E81481CFC67C2A40 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
18:16:24.0718 0x105c  KLIF - ok
18:16:24.0781 0x105c  [ 05E5504E5E06F75F18BBEA7291601FE2, 6A874BA7ACC57F817C9FA48D8320A1914BF197DBA288FC5C302AE26B447CE68B ] klim5           C:\WINDOWS\system32\DRIVERS\klim5.sys
18:16:24.0781 0x105c  klim5 - ok
18:16:24.0812 0x105c  [ E46C091AE3B8CEDD234DA57020870A0A, 8929707859ED3860B17EFB0551CA4E5F69580A095B1A9C0AF10C6CF98858730C ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
18:16:24.0828 0x105c  klkbdflt - ok
18:16:24.0843 0x105c  [ 480E19A71C6EDE70B7536E96B223CE1F, B9C5E76F68B2DAB0DC9F6DB080D3E785D18AA86ADB2AB0F497B68A58222CF59C ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
18:16:24.0859 0x105c  klmouflt - ok
18:16:24.0875 0x105c  [ 8FD802F86D4AB3FB329B8E51517BFF2A, 321750DC0C664FE5580C855D7B70AC74753DDD881F0C4482A2B4505BB2D88345 ] kltdi           C:\WINDOWS\system32\DRIVERS\kltdi.sys
18:16:24.0890 0x105c  kltdi - ok
18:16:24.0953 0x105c  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:16:25.0031 0x105c  kmixer - ok
18:16:25.0062 0x105c  [ 8F932DF10408BCABA2FCF6163C843F8E, 26BB4E2A2562CF6C687EC9F61C7B3C80992C1D57C47BBAEA8ED2AB6643A91C0E ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
18:16:25.0078 0x105c  kneps - ok
18:16:25.0093 0x105c  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:16:25.0140 0x105c  KSecDD - ok
18:16:25.0187 0x105c  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
18:16:25.0250 0x105c  LanmanServer - ok
18:16:25.0296 0x105c  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:16:25.0343 0x105c  lanmanworkstation - ok
18:16:25.0343 0x105c  lbrtfdc - ok
18:16:25.0390 0x105c  [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
18:16:25.0421 0x105c  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
18:16:27.0828 0x105c  Detect skipped due to KSN trusted
18:16:27.0828 0x105c  LightScribeService - ok
18:16:27.0890 0x105c  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:16:27.0968 0x105c  LmHosts - ok
18:16:28.0000 0x105c  [ CA8E887D035ED9C8AD1032A7AFDD8CD6, 74F8DD3ECC5A8B82C5420EB9644A610EF8FA20FFFC0517C9B29EF6798FD4B240 ] LMS             C:\Programme\Intel\AMT\LMS.exe
18:16:28.0031 0x105c  LMS - ok
18:16:28.0078 0x105c  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:16:28.0140 0x105c  Messenger - ok
18:16:28.0187 0x105c  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:16:28.0250 0x105c  mnmdd - ok
18:16:28.0281 0x105c  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
18:16:28.0375 0x105c  mnmsrvc - ok
18:16:28.0375 0x105c  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:16:28.0437 0x105c  Modem - ok
18:16:28.0468 0x105c  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:16:28.0531 0x105c  Mouclass - ok
18:16:28.0546 0x105c  [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:16:28.0625 0x105c  mouhid - ok
18:16:28.0687 0x105c  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:16:28.0750 0x105c  MountMgr - ok
18:16:28.0906 0x105c  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
18:16:28.0921 0x105c  MozillaMaintenance - ok
18:16:28.0921 0x105c  mraid35x - ok
18:16:28.0953 0x105c  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:16:29.0031 0x105c  MRxDAV - ok
18:16:29.0062 0x105c  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:16:29.0156 0x105c  MRxSmb - ok
18:16:29.0187 0x105c  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:16:29.0265 0x105c  Msfs - ok
18:16:29.0281 0x105c  MSIServer - ok
18:16:29.0296 0x105c  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:16:29.0375 0x105c  MSKSSRV - ok
18:16:29.0390 0x105c  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:16:29.0468 0x105c  MSPCLOCK - ok
18:16:29.0484 0x105c  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:16:29.0562 0x105c  MSPQM - ok
18:16:29.0578 0x105c  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:16:29.0640 0x105c  mssmbios - ok
18:16:29.0703 0x105c  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:16:29.0765 0x105c  Mup - ok
18:16:29.0796 0x105c  [ 03CA886BA148B6B9996BE1368DDC3FC0, 0EA78CB430FBF8EF4C9F3D1EADF2B057939081B1367BC6610E918FA3C6D8920C ] NAL             C:\WINDOWS\system32\Drivers\iqvw32.sys
18:16:29.0796 0x105c  NAL - ok
18:16:29.0875 0x105c  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:16:29.0984 0x105c  napagent - ok
18:16:30.0031 0x105c  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:16:30.0093 0x105c  NDIS - ok
18:16:30.0156 0x105c  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:16:30.0218 0x105c  NdisTapi - ok
18:16:30.0281 0x105c  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:16:30.0359 0x105c  Ndisuio - ok
18:16:30.0375 0x105c  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:16:30.0437 0x105c  NdisWan - ok
18:16:30.0468 0x105c  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:16:30.0546 0x105c  NDProxy - ok
18:16:30.0562 0x105c  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:16:30.0640 0x105c  NetBIOS - ok
18:16:30.0703 0x105c  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:16:30.0796 0x105c  NetBT - ok
18:16:30.0843 0x105c  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:16:30.0921 0x105c  NetDDE - ok
18:16:30.0921 0x105c  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:16:30.0984 0x105c  NetDDEdsdm - ok
18:16:31.0031 0x105c  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:16:31.0109 0x105c  Netlogon - ok
18:16:31.0187 0x105c  [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman          C:\WINDOWS\System32\netman.dll
18:16:31.0296 0x105c  Netman - ok
18:16:31.0312 0x105c  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:16:31.0328 0x105c  NetTcpPortSharing - ok
18:16:31.0375 0x105c  [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:16:31.0421 0x105c  Nla - ok
18:16:31.0453 0x105c  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:16:31.0515 0x105c  Npfs - ok
18:16:31.0531 0x105c  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:16:31.0640 0x105c  Ntfs - ok
18:16:31.0671 0x105c  [ 7F1C1F78D709C4A54CBB46EDE7E0B48D, 52135D41983A9E9E1DCA250A63017076AE22AA06D77CCF2E5EF41154F958584A ] NTIDrvr         C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
18:16:31.0687 0x105c  NTIDrvr - detected UnsignedFile.Multi.Generic ( 1 )
18:16:34.0109 0x105c  Detect skipped due to KSN trusted
18:16:34.0109 0x105c  NTIDrvr - ok
18:16:34.0109 0x105c  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
18:16:34.0171 0x105c  NtLmSsp - ok
18:16:34.0203 0x105c  [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:16:34.0281 0x105c  NtmsSvc - ok
18:16:34.0312 0x105c  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:16:34.0375 0x105c  Null - ok
18:16:34.0390 0x105c  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:16:34.0468 0x105c  NwlnkFlt - ok
18:16:34.0484 0x105c  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:16:34.0546 0x105c  NwlnkFwd - ok
18:16:34.0703 0x105c  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
18:16:34.0734 0x105c  odserv - ok
18:16:34.0796 0x105c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
18:16:34.0828 0x105c  ose - ok
18:16:34.0875 0x105c  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
18:16:34.0968 0x105c  Parport - ok
18:16:35.0000 0x105c  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:16:35.0078 0x105c  PartMgr - ok
18:16:35.0109 0x105c  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:16:35.0187 0x105c  ParVdm - ok
18:16:35.0203 0x105c  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:16:35.0312 0x105c  PCI - ok
18:16:35.0312 0x105c  PCIDump - ok
18:16:35.0312 0x105c  [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:16:35.0390 0x105c  PCIIde - ok
18:16:35.0406 0x105c  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:16:35.0500 0x105c  Pcmcia - ok
18:16:35.0500 0x105c  PDCOMP - ok
18:16:35.0500 0x105c  PDFRAME - ok
18:16:35.0500 0x105c  PDRELI - ok
18:16:35.0500 0x105c  PDRFRAME - ok
18:16:35.0515 0x105c  perc2 - ok
18:16:35.0515 0x105c  perc2hib - ok
18:16:35.0546 0x105c  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay        C:\WINDOWS\system32\services.exe
18:16:35.0562 0x105c  PlugPlay - ok
18:16:35.0578 0x105c  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:16:35.0640 0x105c  PolicyAgent - ok
18:16:35.0671 0x105c  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:16:35.0734 0x105c  PptpMiniport - ok
18:16:35.0750 0x105c  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:16:35.0812 0x105c  ProtectedStorage - ok
18:16:35.0812 0x105c  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:16:35.0875 0x105c  PSched - ok
18:16:35.0875 0x105c  psdfilter - ok
18:16:35.0875 0x105c  psdvdisk - ok
18:16:35.0875 0x105c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:16:35.0968 0x105c  Ptilink - ok
18:16:35.0968 0x105c  ql1080 - ok
18:16:35.0968 0x105c  Ql10wnt - ok
18:16:35.0968 0x105c  ql12160 - ok
18:16:35.0968 0x105c  ql1240 - ok
18:16:35.0968 0x105c  ql1280 - ok
18:16:36.0000 0x105c  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:16:36.0078 0x105c  RasAcd - ok
18:16:36.0093 0x105c  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:16:36.0171 0x105c  RasAuto - ok
18:16:36.0187 0x105c  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:16:36.0265 0x105c  Rasl2tp - ok
18:16:36.0296 0x105c  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:16:36.0375 0x105c  RasMan - ok
18:16:36.0406 0x105c  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:16:36.0468 0x105c  RasPppoe - ok
18:16:36.0468 0x105c  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:16:36.0531 0x105c  Raspti - ok
18:16:36.0546 0x105c  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:16:36.0640 0x105c  Rdbss - ok
18:16:36.0656 0x105c  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:16:36.0718 0x105c  RDPCDD - ok
18:16:36.0750 0x105c  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:16:36.0812 0x105c  rdpdr - ok
18:16:36.0859 0x105c  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:16:36.0906 0x105c  RDPWD - ok
18:16:36.0937 0x105c  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:16:37.0031 0x105c  RDSessMgr - ok
18:16:37.0062 0x105c  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:16:37.0125 0x105c  redbook - ok
18:16:37.0156 0x105c  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:16:37.0218 0x105c  RemoteAccess - ok
18:16:37.0250 0x105c  [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:16:37.0359 0x105c  RemoteRegistry - ok
18:16:37.0406 0x105c  [ 2AF094B1CE4725E4551F38FDA2348637, 80CB4987B3C3A66CC233738653A878A93783C1513C4898E0A475EB2101845DD4 ] RichVideo       C:\Programme\CyberLink\Shared Files\RichVideo.exe
18:16:37.0421 0x105c  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
18:16:39.0828 0x105c  Detect skipped due to KSN trusted
18:16:39.0828 0x105c  RichVideo - ok
18:16:39.0875 0x105c  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:16:39.0953 0x105c  RpcLocator - ok
18:16:40.0000 0x105c  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:16:40.0031 0x105c  RpcSs - ok
18:16:40.0093 0x105c  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe
18:16:40.0171 0x105c  RSVP - ok
18:16:40.0203 0x105c  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:16:40.0265 0x105c  SamSs - ok
18:16:40.0281 0x105c  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:16:40.0359 0x105c  SCardSvr - ok
18:16:40.0390 0x105c  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:16:40.0484 0x105c  Schedule - ok
18:16:40.0515 0x105c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:16:40.0578 0x105c  Secdrv - ok
18:16:40.0625 0x105c  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:16:40.0687 0x105c  seclogon - ok
18:16:40.0796 0x105c  [ FB8D34963EE4D7F8C061DFFC593F0EE1, 32EA16F7BAE52BE000263CD9D3A8CAFF392055CEE57D9732C1CEF86E2D24EA92 ] SecureStorageService C:\Programme\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
18:16:40.0828 0x105c  SecureStorageService - detected UnsignedFile.Multi.Generic ( 1 )
18:16:43.0234 0x105c  Detect skipped due to KSN trusted
18:16:43.0234 0x105c  SecureStorageService - ok
18:16:43.0265 0x105c  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll
18:16:43.0343 0x105c  SENS - ok
18:16:43.0375 0x105c  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
18:16:43.0453 0x105c  serenum - ok
18:16:43.0484 0x105c  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
18:16:43.0562 0x105c  Serial - ok
18:16:43.0593 0x105c  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
18:16:43.0687 0x105c  Sfloppy - ok
18:16:43.0765 0x105c  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:16:43.0843 0x105c  SharedAccess - ok
18:16:43.0890 0x105c  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:16:43.0906 0x105c  ShellHWDetection - ok
18:16:43.0906 0x105c  Simbad - ok
18:16:43.0937 0x105c  [ 004179B6C039D39B71FBE3D07C5DFE79, 4B4FCD4F33D81AF6A787DD0F1DED84874961D3488A8E2B0BF1D4D1A9EFDD25BC ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe
18:16:43.0953 0x105c  SkypeUpdate - ok
18:16:43.0953 0x105c  Sparrow - ok
18:16:44.0000 0x105c  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:16:44.0078 0x105c  splitter - ok
18:16:44.0109 0x105c  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:16:44.0187 0x105c  Spooler - ok
18:16:44.0234 0x105c  [ 9263C8898732E2B890F7E954E7729AB7, DEBFD81E702893427972A6565A9AAA54A09B9F7F30CA9391011C6F7FB758A3F4 ] SQLWriter       C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:16:44.0250 0x105c  SQLWriter - ok
18:16:44.0281 0x105c  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:16:44.0375 0x105c  sr - ok
18:16:44.0390 0x105c  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll
18:16:44.0468 0x105c  srservice - ok
18:16:44.0500 0x105c  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:16:44.0562 0x105c  Srv - ok
18:16:44.0578 0x105c  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:16:44.0656 0x105c  SSDPSRV - ok
18:16:44.0703 0x105c  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:16:44.0765 0x105c  stisvc - ok
18:16:44.0812 0x105c  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:16:44.0875 0x105c  swenum - ok
18:16:44.0921 0x105c  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:16:45.0000 0x105c  swmidi - ok
18:16:45.0000 0x105c  SwPrv - ok
18:16:45.0015 0x105c  symc810 - ok
18:16:45.0015 0x105c  symc8xx - ok
18:16:45.0015 0x105c  sym_hi - ok
18:16:45.0015 0x105c  sym_u3 - ok
18:16:45.0046 0x105c  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:16:45.0125 0x105c  sysaudio - ok
18:16:45.0156 0x105c  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:16:45.0234 0x105c  SysmonLog - ok
18:16:45.0296 0x105c  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:16:45.0390 0x105c  TapiSrv - ok
18:16:45.0437 0x105c  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:16:45.0484 0x105c  Tcpip - ok
18:16:45.0593 0x105c  [ BA9202E263A6FC1FFD7889FEA186A2C4, 8085E1F5144F8E54EDBA283E3BACCFDC2D560B9BFBCC5C2BD0143E1A17646DAA ] tcsd_win32.exe  C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
18:16:45.0703 0x105c  tcsd_win32.exe - detected UnsignedFile.Multi.Generic ( 1 )
18:16:48.0125 0x105c  Detect skipped due to KSN trusted
18:16:48.0125 0x105c  tcsd_win32.exe - ok
18:16:48.0140 0x105c  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:16:48.0203 0x105c  TDPIPE - ok
18:16:48.0218 0x105c  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:16:48.0296 0x105c  TDTCP - ok
18:16:48.0593 0x105c  [ C32E6295D7D024B2302EFF1A7FEFD720, A9E5C78FD8765367863FFCA4954E52EEC77BE4956A6910CD09BBBF9D5BC96D4E ] TeamViewer9     C:\Programme\TeamViewer\Version9\TeamViewer_Service.exe
18:16:48.0765 0x105c  TeamViewer9 - ok
18:16:48.0796 0x105c  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:16:48.0875 0x105c  TermDD - ok
18:16:48.0906 0x105c  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll
18:16:48.0984 0x105c  TermService - ok
18:16:49.0015 0x105c  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:16:49.0031 0x105c  Themes - ok
18:16:49.0062 0x105c  [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
18:16:49.0140 0x105c  TlntSvr - ok
18:16:49.0140 0x105c  TosIde - ok
18:16:49.0171 0x105c  [ 298572A7E0D5A63A90E134BB34CCACEB, 4B368C9DC7DC3F64884DA11F3F2E82C908EE909A35B3292D0AAE0DE98DB34D70 ] tpm             C:\WINDOWS\system32\DRIVERS\tpm.sys
18:16:49.0203 0x105c  tpm - detected UnsignedFile.Multi.Generic ( 1 )
18:16:51.0625 0x105c  Detect skipped due to KSN trusted
18:16:51.0625 0x105c  tpm - ok
18:16:51.0656 0x105c  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:16:51.0750 0x105c  TrkWks - ok
18:16:51.0796 0x105c  [ E0C67BE430C6DE490D6CCAECFA071F9E, 831858F9A07122FBE513FC56D79F39F973FC9BA757D509C113AA975DE8A70EE5 ] UBHelper        C:\WINDOWS\system32\drivers\UBHelper.sys
18:16:51.0796 0x105c  UBHelper - detected UnsignedFile.Multi.Generic ( 1 )
18:16:54.0218 0x105c  Detect skipped due to KSN trusted
18:16:54.0218 0x105c  UBHelper - ok
18:16:54.0234 0x105c  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:16:54.0312 0x105c  Udfs - ok
18:16:54.0312 0x105c  ultra - ok
18:16:54.0421 0x105c  [ 22C01FC9E65070514FEDC846D51B2E53, 9329CBB1E6950DF0C9CC5E385636E99D797257A21823961F8FA408ECBEAD2297 ] UNS             C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe
18:16:54.0546 0x105c  UNS - ok
18:16:54.0593 0x105c  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:16:54.0671 0x105c  Update - ok
18:16:54.0703 0x105c  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:16:54.0781 0x105c  upnphost - ok
18:16:54.0812 0x105c  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe
18:16:54.0890 0x105c  UPS - ok
18:16:54.0921 0x105c  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:16:54.0984 0x105c  usbccgp - ok
18:16:55.0000 0x105c  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:16:55.0015 0x105c  usbehci - ok
18:16:55.0031 0x105c  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:16:55.0125 0x105c  usbhub - ok
18:16:55.0156 0x105c  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:16:55.0234 0x105c  usbprint - ok
18:16:55.0265 0x105c  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:16:55.0296 0x105c  usbscan - ok
18:16:55.0328 0x105c  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:16:55.0406 0x105c  USBSTOR - ok
18:16:55.0421 0x105c  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:16:55.0515 0x105c  usbuhci - ok
18:16:55.0562 0x105c  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
18:16:55.0625 0x105c  VgaSave - ok
18:16:55.0625 0x105c  ViaIde - ok
18:16:55.0640 0x105c  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
18:16:55.0703 0x105c  VolSnap - ok
18:16:55.0765 0x105c  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe
18:16:55.0843 0x105c  VSS - ok
18:16:56.0031 0x105c  [ 3456619FC9CF2941084809B5D9E955BB, AF1CF7C4C35AC75E55CC4F2C23525B99E989202B3212B6590F4E003C874A2B03 ] vToolbarUpdater17.0.1 C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe
18:16:56.0203 0x105c  vToolbarUpdater17.0.1 - ok
18:16:56.0281 0x105c  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll
18:16:56.0343 0x105c  W32Time - ok
18:16:56.0343 0x105c  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:16:56.0437 0x105c  Wanarp - ok
18:16:56.0437 0x105c  Wave UCSPlus - ok
18:16:56.0468 0x105c  [ 2C88100C5691C1E283E283553BEE2729, D84FD669F758F73AA26B1A6962AA4347A10A8CC0638FEE5F30FDAACD2FE09F92 ] WaveEnrollmentService C:\Programme\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
18:16:56.0484 0x105c  WaveEnrollmentService - detected UnsignedFile.Multi.Generic ( 1 )
18:16:58.0906 0x105c  Detect skipped due to KSN trusted
18:16:58.0906 0x105c  WaveEnrollmentService - ok
18:16:58.0953 0x105c  [ 8D08539A4B17A0CFEF623CCB7AFB70D3, 2CADF8AA856F5B98D4F1262839507C1D4A2A5972C1A5FF099D77D6492D6F0F3B ] WavxDMgr        C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
18:16:58.0968 0x105c  WavxDMgr - ok
18:16:58.0968 0x105c  WDICA - ok
18:16:58.0984 0x105c  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
18:16:59.0062 0x105c  wdmaud - ok
18:16:59.0093 0x105c  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:16:59.0187 0x105c  WebClient - ok
18:16:59.0296 0x105c  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:16:59.0390 0x105c  winmgmt - ok
18:16:59.0421 0x105c  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
18:16:59.0468 0x105c  WmdmPmSN - ok
18:16:59.0515 0x105c  [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi             C:\WINDOWS\System32\advapi32.dll
18:16:59.0593 0x105c  Wmi - ok
18:16:59.0609 0x105c  [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
18:16:59.0671 0x105c  WmiAcpi - ok
18:16:59.0718 0x105c  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:16:59.0828 0x105c  WmiApSrv - ok
18:16:59.0921 0x105c  [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe
18:16:59.0984 0x105c  WMPNetworkSvc - ok
18:17:00.0015 0x105c  [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:17:00.0031 0x105c  WpdUsb - ok
18:17:00.0109 0x105c  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:17:00.0187 0x105c  WPFFontCache_v0400 - ok
18:17:00.0234 0x105c  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
18:17:00.0343 0x105c  wscsvc - ok
18:17:00.0390 0x105c  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
18:17:00.0468 0x105c  wuauserv - ok
18:17:00.0515 0x105c  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:17:00.0546 0x105c  WudfPf - ok
18:17:00.0562 0x105c  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:17:00.0578 0x105c  WudfRd - ok
18:17:00.0593 0x105c  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
18:17:00.0640 0x105c  WudfSvc - ok
18:17:00.0671 0x105c  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
18:17:00.0781 0x105c  WZCSVC - ok
18:17:00.0828 0x105c  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
18:17:00.0906 0x105c  xmlprov - ok
18:17:00.0906 0x105c  ================ Scan global ===============================
18:17:00.0953 0x105c  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
18:17:01.0015 0x105c  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:17:01.0031 0x105c  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:17:01.0046 0x105c  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
18:17:01.0046 0x105c  [ Global ] - ok
18:17:01.0046 0x105c  ================ Scan MBR ==================================
18:17:01.0078 0x105c  [ BEEDF9B7F43A72A91456F7131AFC11B2 ] \Device\Harddisk0\DR0
18:17:01.0421 0x105c  \Device\Harddisk0\DR0 - ok
18:17:01.0421 0x105c  [ F120205471A79E72E8C3F099A8E368F1 ] \Device\Harddisk1\DR2
18:17:01.0515 0x105c  \Device\Harddisk1\DR2 - ok
18:17:01.0515 0x105c  ================ Scan VBR ==================================
18:17:01.0515 0x105c  [ 8103BEF32C9DB3714583420008773047 ] \Device\Harddisk0\DR0\Partition1
18:17:01.0515 0x105c  \Device\Harddisk0\DR0\Partition1 - ok
18:17:01.0515 0x105c  [ 772A88EB299E7F89D235268EF1C56F09 ] \Device\Harddisk1\DR2\Partition1
18:17:01.0515 0x105c  \Device\Harddisk1\DR2\Partition1 - ok
18:17:01.0531 0x105c  [ 1D2A7E4F6D5A05CD187EAFA47FAE5A54 ] \Device\Harddisk1\DR2\Partition2
18:17:01.0531 0x105c  \Device\Harddisk1\DR2\Partition2 - ok
18:17:01.0531 0x105c  [ F1F36C44F68957970569C1A4D1079D50 ] \Device\Harddisk1\DR2\Partition3
18:17:01.0531 0x105c  \Device\Harddisk1\DR2\Partition3 - ok
18:17:01.0531 0x105c  [ 367FF8BE969D86CE7B800022CB293DA3 ] \Device\Harddisk1\DR2\Partition4
18:17:01.0531 0x105c  \Device\Harddisk1\DR2\Partition4 - ok
18:17:01.0531 0x105c  Waiting for KSN requests completion. In queue: 37
18:17:02.0531 0x105c  Waiting for KSN requests completion. In queue: 37
18:17:03.0531 0x105c  Waiting for KSN requests completion. In queue: 37
18:17:04.0578 0x105c  AV detected via SS1: Kaspersky Internet Security, 13.0.1.4190, enabled, updated
18:17:04.0578 0x105c  FW detected via SS1: Kaspersky Internet Security, 13.0.1.4190, enabled
18:17:18.0921 0x105c  ============================================================
18:17:18.0921 0x105c  Scan finished
18:17:18.0921 0x105c  ============================================================
18:17:18.0937 0x1058  Detected object count: 0
18:17:18.0937 0x1058  Actual detected object count: 0
         
__________________
Thumbnails of attached images
-tdsskiller-options.jpg  

09.02.2014, 18:38   #4
dgone

Help! Malware/backdoor found & Outlook crashes after start



I ran another scan, without that (to me) ominous option.
Now it finds quite a few things:
The logs of both scans are included here (sorry, I had to delete part of the first log because the post was too long):
Code:
ATTFilter
18:13:39.0343 0x165c  TDSS rootkit removing tool 3.0.0.22 Feb  3 2014 16:45:35
18:13:50.0484 0x165c  ============================================================
18:13:50.0484 0x165c  Current date / time: 2014/02/09 18:13:50.0484
18:13:50.0484 0x165c  SystemInfo:
18:13:50.0484 0x165c  
18:13:50.0484 0x165c  OS Version: 5.1.2600 ServicePack: 3.0
18:13:50.0484 0x165c  Product type: Workstation
18:13:50.0484 0x165c  ComputerName: ACER-62802DF1A0
18:13:50.0484 0x165c  UserName: TanzZeit
18:13:50.0484 0x165c  Windows directory: C:\WINDOWS
18:13:50.0484 0x165c  System windows directory: C:\WINDOWS
18:13:50.0484 0x165c  Processor architecture: Intel x86
18:13:50.0484 0x165c  Number of processors: 2
18:13:50.0484 0x165c  Page size: 0x1000
18:13:50.0484 0x165c  Boot type: Normal boot
18:13:50.0484 0x165c  ============================================================
18:13:55.0156 0x165c  KLMD registered as C:\WINDOWS\system32\drivers\54469495.sys
18:13:55.0375 0x165c  System UUID: {93E65690-67EB-868B-50E0-6184CC58553B}
18:13:55.0875 0x165c  Drive \Device\Harddisk0\DR0 - Size: 0x4A85B00000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:13:55.0890 0x165c  Drive \Device\Harddisk1\DR2 - Size: 0x3BB3FFE00 (14.93 Gb), SectorSize: 0x200, Cylinders: 0x79C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:13:55.0890 0x165c  ============================================================
18:13:55.0890 0x165c  \Device\Harddisk0\DR0:
18:13:55.0890 0x165c  MBR partitions:
18:13:55.0890 0x165c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D407
18:13:55.0890 0x165c  \Device\Harddisk1\DR2:
18:13:55.0890 0x165c  GPT partitions:
18:13:55.0890 0x165c  \Device\Harddisk1\DR2\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {970BC5AE-5058-41F6-A1FC-52AA01740B54}, Name: primary, StartLBA 0x800, BlocksNum 0xAB8FFF
18:13:55.0890 0x165c  \Device\Harddisk1\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0E7984D1-4758-4E4B-909B-85AC9E2A9FC5}, Name: primary, StartLBA 0xAB97FF, BlocksNum 0x300000
18:13:55.0890 0x165c  \Device\Harddisk1\DR2\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {40B96404-516E-4864-BBF1-D6E2B1D8119F}, Name: primary, StartLBA 0xDB97FF, BlocksNum 0x1000000
18:13:55.0890 0x165c  \Device\Harddisk1\DR2\Partition4: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B99B4EEC-4F8D-4D3A-81E4-828E08E8D2E0}, Name: primary, StartLBA 0x1DB97FF, BlocksNum 0x20000
18:13:55.0890 0x165c  MBR partitions:
18:13:55.0890 0x165c  ============================================================
18:13:55.0953 0x165c  C: <-> \Device\Harddisk0\DR0\Partition1
18:13:55.0953 0x165c  ============================================================
18:13:55.0953 0x165c  Initialize success
18:13:55.0953 0x165c  ============================================================
18:15:50.0843 0x105c  ============================================================
18:15:50.0843 0x105c  Scan started
18:15:50.0843 0x105c  Mode: Manual; SigCheck; TDLFS; 
18:15:50.0843 0x105c  ============================================================
...
!!!some content was deleted here!!!
...
============================================================
18:17:18.0921 0x105c  Scan finished
18:17:18.0921 0x105c  ============================================================
18:17:18.0937 0x1058  Detected object count: 0
18:17:18.0937 0x1058  Actual detected object count: 0
18:26:23.0750 0x16ac  ============================================================
18:26:23.0750 0x16ac  Scan started
18:26:23.0750 0x16ac  Mode: Manual; SigCheck; TDLFS; 
18:26:23.0750 0x16ac  ============================================================
18:26:23.0750 0x16ac  KSN ping started
18:26:37.0109 0x16ac  KSN ping finished: true
18:26:37.0265 0x16ac  ================ Scan system memory ========================
18:26:37.0265 0x16ac  System memory - ok
18:26:37.0265 0x16ac  ================ Scan services =============================
18:26:37.0593 0x16ac  Abiosdsk - ok
18:26:37.0593 0x16ac  abp480n5 - ok
18:26:37.0625 0x16ac  [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:26:37.0843 0x16ac  ACPI - ok
18:26:37.0875 0x16ac  [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
18:26:37.0937 0x16ac  ACPIEC - ok
18:26:37.0984 0x16ac  [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:26:38.0000 0x16ac  AdobeFlashPlayerUpdateSvc - ok
18:26:38.0000 0x16ac  adpu160m - ok
18:26:38.0046 0x16ac  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
18:26:38.0125 0x16ac  aec - ok
18:26:38.0171 0x16ac  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
18:26:38.0218 0x16ac  AFD - ok
18:26:38.0218 0x16ac  Aha154x - ok
18:26:38.0234 0x16ac  aic78u2 - ok
18:26:38.0234 0x16ac  aic78xx - ok
18:26:38.0250 0x16ac  [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
18:26:38.0328 0x16ac  Alerter - ok
18:26:38.0359 0x16ac  [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG             C:\WINDOWS\System32\alg.exe
18:26:38.0437 0x16ac  ALG - ok
18:26:38.0437 0x16ac  AliIde - ok
18:26:38.0453 0x16ac  amsint - ok
18:26:38.0468 0x16ac  [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
18:26:38.0531 0x16ac  AppMgmt - ok
18:26:38.0531 0x16ac  asc - ok
18:26:38.0531 0x16ac  asc3350p - ok
18:26:38.0546 0x16ac  asc3550 - ok
18:26:38.0671 0x16ac  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:26:38.0687 0x16ac  aspnet_state - ok
18:26:38.0703 0x16ac  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:26:38.0765 0x16ac  AsyncMac - ok
18:26:38.0796 0x16ac  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
18:26:38.0843 0x16ac  atapi - ok
18:26:38.0859 0x16ac  Atdisk - ok
18:26:38.0875 0x16ac  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:26:38.0937 0x16ac  Atmarpc - ok
18:26:38.0984 0x16ac  [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
18:26:39.0062 0x16ac  AudioSrv - ok
18:26:39.0093 0x16ac  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
18:26:39.0156 0x16ac  audstub - ok
18:26:39.0203 0x16ac  [ 15ACA2AD17ACECA4814F249783E63AD3, AB8E74A5B8FC2FD04BA2B495610A8BE76408E9362A447D7069D5AAB8F3512F33 ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys
18:26:39.0218 0x16ac  avgtp - ok
18:26:39.0359 0x16ac  AVP - ok
18:26:39.0375 0x16ac  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:26:39.0437 0x16ac  Beep - ok
18:26:39.0484 0x16ac  [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS            C:\WINDOWS\system32\qmgr.dll
18:26:39.0562 0x16ac  BITS - ok
18:26:39.0609 0x16ac  [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser         C:\WINDOWS\System32\browser.dll
18:26:39.0625 0x16ac  Browser - ok
18:26:39.0656 0x16ac  [ 2FE6D5BE0629F706197B30C0AA05DE30, 528ED3AA8129FDD6C8EF698E5ECE9BB93C0249CF0200115F13B36410A353F353 ] BrPar           C:\WINDOWS\System32\drivers\BrPar.sys
18:26:39.0687 0x16ac  BrPar - detected UnsignedFile.Multi.Generic ( 1 )
18:26:39.0765 0x16ac  BrPar ( UnsignedFile.Multi.Generic ) - warning
18:26:39.0765 0x16ac  Force sending object to P2P due to detect: C:\WINDOWS\System32\drivers\BrPar.sys
18:26:42.0218 0x16ac  Object send P2P result: true
18:26:44.0593 0x16ac  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
18:26:44.0640 0x16ac  cbidf2k - ok
18:26:44.0656 0x16ac  cd20xrnt - ok
18:26:44.0656 0x16ac  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
18:26:44.0718 0x16ac  Cdaudio - ok
18:26:44.0750 0x16ac  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
18:26:44.0796 0x16ac  Cdfs - ok
18:26:44.0828 0x16ac  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:26:44.0906 0x16ac  Cdrom - ok
18:26:44.0906 0x16ac  Changer - ok
18:26:44.0921 0x16ac  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:26:44.0984 0x16ac  CiSvc - ok
18:26:45.0000 0x16ac  [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:26:45.0078 0x16ac  ClipSrv - ok
18:26:45.0109 0x16ac  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:26:45.0125 0x16ac  clr_optimization_v2.0.50727_32 - ok
18:26:45.0203 0x16ac  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:26:45.0218 0x16ac  clr_optimization_v4.0.30319_32 - ok
18:26:45.0218 0x16ac  CmdIde - ok
18:26:45.0218 0x16ac  COMSysApp - ok
18:26:45.0218 0x16ac  Cpqarray - ok
18:26:45.0265 0x16ac  [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:26:45.0328 0x16ac  CryptSvc - ok
18:26:45.0343 0x16ac  dac2w2k - ok
18:26:45.0343 0x16ac  dac960nt - ok
18:26:45.0390 0x16ac  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:26:45.0453 0x16ac  DcomLaunch - ok
18:26:45.0484 0x16ac  [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:26:45.0562 0x16ac  Dhcp - ok
18:26:45.0593 0x16ac  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:26:45.0671 0x16ac  Disk - ok
18:26:45.0671 0x16ac  dmadmin - ok
18:26:45.0718 0x16ac  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:26:45.0812 0x16ac  dmboot - ok
18:26:45.0843 0x16ac  [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:26:45.0921 0x16ac  dmio - ok
18:26:45.0921 0x16ac  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:26:45.0984 0x16ac  dmload - ok
18:26:46.0000 0x16ac  [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:26:46.0062 0x16ac  dmserver - ok
18:26:46.0109 0x16ac  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:26:46.0187 0x16ac  DMusic - ok
18:26:46.0218 0x16ac  [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:26:46.0234 0x16ac  Dnscache - ok
18:26:46.0265 0x16ac  [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:26:46.0328 0x16ac  Dot3svc - ok
18:26:46.0328 0x16ac  dpti2o - ok
18:26:46.0375 0x16ac  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:26:46.0453 0x16ac  drmkaud - ok
18:26:46.0484 0x16ac  [ D60759140694150360BBEFD9CAB7C920, EDD0630640842BA55B3537C14CD79B5A6A34C40EAD1B0159992F1750A8313455 ] e1kexpress      C:\WINDOWS\system32\DRIVERS\e1k5132.sys
18:26:46.0500 0x16ac  e1kexpress - ok
18:26:46.0515 0x16ac  [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:26:46.0593 0x16ac  EapHost - ok
18:26:46.0593 0x16ac  eLock2BurnerLockDriver - ok
18:26:46.0593 0x16ac  eLock2FSCTLDriver - ok
18:26:46.0593 0x16ac  [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:26:46.0656 0x16ac  ERSvc - ok
18:26:46.0703 0x16ac  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog        C:\WINDOWS\system32\services.exe
18:26:46.0750 0x16ac  Eventlog - ok
18:26:46.0796 0x16ac  [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem     C:\WINDOWS\system32\es.dll
18:26:46.0843 0x16ac  EventSystem - ok
18:26:46.0875 0x16ac  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:26:46.0937 0x16ac  Fastfat - ok
18:26:46.0984 0x16ac  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:26:47.0000 0x16ac  FastUserSwitchingCompatibility - ok
18:26:47.0031 0x16ac  [ 08B8B302AF0D1B3B8543429BBAC8F21F, F3370FE5C4BECB16F0668E6605792EF8096FE06A79D8234E3D6E1B584F2D4E5A ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:26:47.0125 0x16ac  Fax - ok
18:26:47.0140 0x16ac  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
18:26:47.0203 0x16ac  Fdc - ok
18:26:47.0250 0x16ac  [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:26:47.0312 0x16ac  Fips - ok
18:26:47.0343 0x16ac  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
18:26:47.0421 0x16ac  Flpydisk - ok
18:26:47.0453 0x16ac  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:26:47.0515 0x16ac  FltMgr - ok
18:26:47.0593 0x16ac  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:26:47.0609 0x16ac  FontCache3.0.0.0 - ok
18:26:47.0625 0x16ac  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:26:47.0703 0x16ac  Fs_Rec - ok
18:26:47.0734 0x16ac  [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:26:47.0812 0x16ac  Ftdisk - ok
18:26:47.0953 0x16ac  [ 2101F77D1E6E1B7CDB01E5958FCB36BD, D2D368D6B8486C25562B7BA751C5CF2E28AE17F892647778413E6C92528E4B71 ] GoogleDesktopManager-080708-050100 C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
18:26:47.0968 0x16ac  GoogleDesktopManager-080708-050100 - detected UnsignedFile.Multi.Generic ( 1 )
18:26:47.0968 0x16ac  GoogleDesktopManager-080708-050100 ( UnsignedFile.Multi.Generic ) - warning
18:26:50.0343 0x16ac  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:26:50.0421 0x16ac  Gpc - ok
18:26:50.0468 0x16ac  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe
18:26:50.0484 0x16ac  gupdate - ok
18:26:50.0484 0x16ac  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
18:26:50.0500 0x16ac  gupdatem - ok
18:26:50.0500 0x16ac  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:26:50.0593 0x16ac  HDAudBus - ok
18:26:50.0625 0x16ac  [ E4A123AD734A3731D29EBD3A01B3E535, 39B2B3EA68974C75007BEAA73AD95C937673A8896A1510DC5ED1F4878EF9F65E ] HECI            C:\WINDOWS\system32\DRIVERS\HECI.sys
18:26:50.0656 0x16ac  HECI - ok
18:26:50.0687 0x16ac  [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:26:50.0765 0x16ac  helpsvc - ok
18:26:50.0812 0x16ac  [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ         C:\WINDOWS\System32\hidserv.dll
18:26:50.0890 0x16ac  HidServ - ok
18:26:50.0937 0x16ac  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:26:51.0015 0x16ac  hidusb - ok
18:26:51.0046 0x16ac  [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
18:26:51.0109 0x16ac  hkmsvc - ok
18:26:51.0109 0x16ac  hpn - ok
18:26:51.0171 0x16ac  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:26:51.0203 0x16ac  HTTP - ok
18:26:51.0250 0x16ac  [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:26:51.0328 0x16ac  HTTPFilter - ok
18:26:51.0328 0x16ac  i2omgmt - ok
18:26:51.0328 0x16ac  i2omp - ok
18:26:51.0359 0x16ac  [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:26:51.0437 0x16ac  i8042prt - ok
18:26:51.0531 0x16ac  [ 3E42C4691AAD4B1E8D0466F9CBF05CBE, 8F53A86B97A25CE92D6A3EB9720F86308252C5B7A4BC62218FF8788229B132B8 ] IAANTMON        C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:26:51.0562 0x16ac  IAANTMON - ok
18:26:51.0843 0x16ac  [ 1312E0141A7BD409AFADD52FA565927E, A25B81AFA771CD2E46261CF954329383340BCCBB780CCD5A0C86B1B41A51152B ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
18:26:52.0046 0x16ac  ialm - ok
18:26:52.0093 0x16ac  [ 707C1692214B1C290271067197F075F6, 7D0DB754604AABC4AA09AB8BA94326B1A1C2A76F3C2C2C7D6FA14F964BE68A51 ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
18:26:52.0109 0x16ac  iaStor - ok
18:26:52.0187 0x16ac  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:26:52.0203 0x16ac  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:26:52.0203 0x16ac  IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:26:54.0625 0x16ac  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:26:54.0671 0x16ac  idsvc - ok
18:26:54.0703 0x16ac  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:26:54.0750 0x16ac  Imapi - ok
18:26:54.0828 0x16ac  [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:26:54.0937 0x16ac  ImapiService - ok
18:26:54.0953 0x16ac  ini910u - ok
18:26:55.0125 0x16ac  [ 06AE6FA81E2AB6C4DF6ED1B2E7E95B4D, DD6092CDC45869937C7A7FFFC5AE05FC7ED03A61034C37A8A4F3EED1A8B53A93 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:26:55.0359 0x16ac  IntcAzAudAddService - ok
18:26:55.0390 0x16ac  [ 64C301D73DB18EBDC8680CA82D82AF2D, 1C0619E006E441EA588E0F0986CD85B7CDDD99CA59B4EB8E709A9C09CA4FF7C8 ] IntcHdmiAddService C:\WINDOWS\system32\drivers\IntcHdmi.sys
18:26:55.0406 0x16ac  IntcHdmiAddService - ok
18:26:55.0406 0x16ac  IntelIde - ok
18:26:55.0453 0x16ac  [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:26:55.0515 0x16ac  intelppm - ok
18:26:55.0546 0x16ac  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
18:26:55.0609 0x16ac  Ip6Fw - ok
18:26:55.0640 0x16ac  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:26:55.0703 0x16ac  IpFilterDriver - ok
18:26:55.0718 0x16ac  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:26:55.0796 0x16ac  IpInIp - ok
18:26:55.0859 0x16ac  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:26:55.0953 0x16ac  IpNat - ok
18:26:55.0984 0x16ac  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:26:56.0062 0x16ac  IPSec - ok
18:26:56.0078 0x16ac  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:26:56.0156 0x16ac  IRENUM - ok
18:26:56.0187 0x16ac  [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:26:56.0265 0x16ac  isapnp - ok
18:26:56.0375 0x16ac  [ A5937B2A94424CF1B13A4AD503AF6B2E, E96CE4E526E053FB410987BD444627BC7B26FCE48DC0A61916ADD0A69EFA6941 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
18:26:56.0390 0x16ac  JavaQuickStarterService - ok
18:26:56.0406 0x16ac  [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:26:56.0484 0x16ac  Kbdclass - ok
18:26:56.0515 0x16ac  [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:26:56.0593 0x16ac  kbdhid - ok
18:26:56.0640 0x16ac  [ 871C226234A48C24DFE7478F36C0050C, 657CAB49387E0E40311D4DEC93D9860B2DAC2C05F223698CFA2F9BB50B5F3022 ] KL1             C:\WINDOWS\system32\DRIVERS\kl1.sys
18:26:56.0656 0x16ac  KL1 - ok
18:26:56.0703 0x16ac  [ 2ECDD644A261423EF0F3424434DBAD0E, 113BA917EFBED5D78C0F411FD43EC6B2DC065A73B7BB7B22E81481CFC67C2A40 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
18:26:56.0734 0x16ac  KLIF - ok
18:26:56.0796 0x16ac  [ 05E5504E5E06F75F18BBEA7291601FE2, 6A874BA7ACC57F817C9FA48D8320A1914BF197DBA288FC5C302AE26B447CE68B ] klim5           C:\WINDOWS\system32\DRIVERS\klim5.sys
18:26:56.0812 0x16ac  klim5 - ok
18:26:56.0828 0x16ac  [ E46C091AE3B8CEDD234DA57020870A0A, 8929707859ED3860B17EFB0551CA4E5F69580A095B1A9C0AF10C6CF98858730C ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
18:26:56.0828 0x16ac  klkbdflt - ok
18:26:56.0843 0x16ac  [ 480E19A71C6EDE70B7536E96B223CE1F, B9C5E76F68B2DAB0DC9F6DB080D3E785D18AA86ADB2AB0F497B68A58222CF59C ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
18:26:56.0859 0x16ac  klmouflt - ok
18:26:56.0875 0x16ac  [ 8FD802F86D4AB3FB329B8E51517BFF2A, 321750DC0C664FE5580C855D7B70AC74753DDD881F0C4482A2B4505BB2D88345 ] kltdi           C:\WINDOWS\system32\DRIVERS\kltdi.sys
18:26:56.0890 0x16ac  kltdi - ok
18:26:56.0937 0x16ac  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:26:57.0031 0x16ac  kmixer - ok
18:26:57.0046 0x16ac  [ 8F932DF10408BCABA2FCF6163C843F8E, 26BB4E2A2562CF6C687EC9F61C7B3C80992C1D57C47BBAEA8ED2AB6643A91C0E ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
18:26:57.0062 0x16ac  kneps - ok
18:26:57.0109 0x16ac  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:26:57.0140 0x16ac  KSecDD - ok
18:26:57.0187 0x16ac  [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
18:26:57.0203 0x16ac  LanmanServer - ok
18:26:57.0281 0x16ac  [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:26:57.0312 0x16ac  lanmanworkstation - ok
18:26:57.0312 0x16ac  lbrtfdc - ok
18:26:57.0406 0x16ac  [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
18:26:57.0406 0x16ac  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
18:26:57.0406 0x16ac  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
18:26:59.0781 0x16ac  [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:26:59.0875 0x16ac  LmHosts - ok
18:26:59.0875 0x16ac  [ CA8E887D035ED9C8AD1032A7AFDD8CD6, 74F8DD3ECC5A8B82C5420EB9644A610EF8FA20FFFC0517C9B29EF6798FD4B240 ] LMS             C:\Programme\Intel\AMT\LMS.exe
18:26:59.0890 0x16ac  LMS - ok
18:26:59.0921 0x16ac  [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:26:59.0984 0x16ac  Messenger - ok
18:27:00.0031 0x16ac  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:27:00.0078 0x16ac  mnmdd - ok
18:27:00.0125 0x16ac  [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
18:27:00.0187 0x16ac  mnmsrvc - ok
18:27:00.0203 0x16ac  [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:27:00.0265 0x16ac  Modem - ok
18:27:00.0296 0x16ac  [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:27:00.0343 0x16ac  Mouclass - ok
18:27:00.0359 0x16ac  [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:27:00.0453 0x16ac  mouhid - ok
18:27:00.0468 0x16ac  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:27:00.0531 0x16ac  MountMgr - ok
18:27:00.0625 0x16ac  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
18:27:00.0640 0x16ac  MozillaMaintenance - ok
18:27:00.0640 0x16ac  mraid35x - ok
18:27:00.0656 0x16ac  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:27:00.0734 0x16ac  MRxDAV - ok
18:27:00.0750 0x16ac  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:27:00.0796 0x16ac  MRxSmb - ok
18:27:00.0828 0x16ac  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:27:00.0890 0x16ac  Msfs - ok
18:27:00.0890 0x16ac  MSIServer - ok
18:27:00.0921 0x16ac  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:27:00.0968 0x16ac  MSKSSRV - ok
18:27:00.0984 0x16ac  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:27:01.0046 0x16ac  MSPCLOCK - ok
18:27:01.0062 0x16ac  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:27:01.0125 0x16ac  MSPQM - ok
18:27:01.0156 0x16ac  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:27:01.0203 0x16ac  mssmbios - ok
18:27:01.0234 0x16ac  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:27:01.0250 0x16ac  Mup - ok
18:27:01.0265 0x16ac  [ 03CA886BA148B6B9996BE1368DDC3FC0, 0EA78CB430FBF8EF4C9F3D1EADF2B057939081B1367BC6610E918FA3C6D8920C ] NAL             C:\WINDOWS\system32\Drivers\iqvw32.sys
18:27:01.0265 0x16ac  NAL - ok
18:27:01.0312 0x16ac  [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:27:01.0390 0x16ac  napagent - ok
18:27:01.0421 0x16ac  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:27:01.0484 0x16ac  NDIS - ok
18:27:01.0531 0x16ac  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:27:01.0546 0x16ac  NdisTapi - ok
18:27:01.0593 0x16ac  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:27:01.0671 0x16ac  Ndisuio - ok
18:27:01.0687 0x16ac  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:27:01.0750 0x16ac  NdisWan - ok
18:27:01.0750 0x16ac  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:27:01.0812 0x16ac  NDProxy - ok
18:27:01.0859 0x16ac  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:27:02.0015 0x16ac  NetBIOS - ok
18:27:02.0031 0x16ac  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:27:02.0125 0x16ac  NetBT - ok
18:27:02.0156 0x16ac  [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:27:02.0218 0x16ac  NetDDE - ok
18:27:33.0687 0x16ac  ================ Scan global ===============================
18:27:33.0734 0x16ac  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
18:27:33.0781 0x16ac  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:27:33.0796 0x16ac  [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:27:33.0796 0x16ac  [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
18:27:33.0812 0x16ac  [ Global ] - ok
18:27:33.0812 0x16ac  ================ Scan MBR ==================================
18:27:33.0828 0x16ac  [ BEEDF9B7F43A72A91456F7131AFC11B2 ] \Device\Harddisk0\DR0
18:27:34.0062 0x16ac  \Device\Harddisk0\DR0 - ok
18:27:34.0062 0x16ac  ================ Scan VBR ==================================
18:27:34.0078 0x16ac  [ 8103BEF32C9DB3714583420008773047 ] \Device\Harddisk0\DR0\Partition1
18:27:34.0078 0x16ac  \Device\Harddisk0\DR0\Partition1 - ok
18:27:34.0093 0x16ac  AV detected via SS1: Kaspersky Internet Security, 13.0.1.4190, enabled, updated
18:27:34.0093 0x16ac  FW detected via SS1: Kaspersky Internet Security, 13.0.1.4190, enabled
18:27:36.0437 0x16ac  ============================================================
18:27:36.0437 0x16ac  Scan finished
18:27:36.0437 0x16ac  ============================================================
18:27:36.0453 0x16a4  Detected object count: 11
18:27:36.0453 0x16a4  Actual detected object count: 11
18:27:45.0359 0x16a4  BrPar ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4  BrPar ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:45.0359 0x16a4  GoogleDesktopManager-080708-050100 ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4  GoogleDesktopManager-080708-050100 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:45.0359 0x16a4  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:45.0359 0x16a4  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:45.0359 0x16a4  NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4  NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:45.0359 0x16a4  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:45.0359 0x16a4  SecureStorageService ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4  SecureStorageService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:45.0359 0x16a4  tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4  tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:45.0359 0x16a4  tpm ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4  tpm ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:45.0375 0x16a4  UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0375 0x16a4  UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:27:45.0375 0x16a4  WaveEnrollmentService ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0375 0x16a4  WaveEnrollmentService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:32:11.0468 0x1644  Deinitialize success
         

10.02.2014, 16:16   #5
schrauber
/// the machine
/// TB Trainer
 




Looks fine so far.


Scan with Combofix
WARNING to those READING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

10.02.2014, 23:21   #6
dgone
 



Hi Schrauber,

thanks once again for your reply.

We have just come around to the idea of replacing the PC. The Windows installation is old, and the SMART status of the disk is not that great anymore either. So we can probably cut this short, and you don't have to sacrifice your time needlessly.
As these things go, I would like to rescue the data from the disk, but I don't quite dare to go at it, because one of the logs said that an MBR is infected.
If the disk is run on another computer via one of those USB HDD docks, do I risk pulling the infection onto the other computer, or how does that look?

If so, is there another simple way to get the data off it?

See you then...

PS: Combofix first complained that it is outdated and only runs with limited functionality, then the Recovery Console was additionally installed. For that, the internet was reconnected, Kaspersky was started up, and then disabled again before the scan.


Combofix Log
Code:
ComboFix 14-02-05.02 - TanzZeit 10.02.2014  23:24:33.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.3021.2347 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\TanzZeit\Eigene Dateien\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
- REDUZIERTER FUNKTIONALITÄTSMODUS -
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\Cache
c:\windows\system32\Cache\0722854d66fa0718.fb
c:\windows\system32\Cache\0ec7aaf51fb13ef8.fb
c:\windows\system32\Cache\16b7cfba39dd8666.fb
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\28c68deefc18e08c.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\3274c8c1daa7e682.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\3e6ab7d2e6386180.fb
c:\windows\system32\Cache\43b0b6cd197ff57f.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\621d521a62cb9cad.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\9dc6c22d3b8dcee9.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\test
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-01-10 bis 2014-02-10  ))))))))))))))))))))))))))))))
.
.
2014-02-10 09:34 . 2014-02-10 09:34	--------	d-----w-	c:\programme\CrystalDiskInfo
2014-02-09 14:07 . 2014-02-09 14:07	--------	d-----w-	C:\AdwCleaner
2014-02-09 14:00 . 2014-02-09 14:01	--------	d-----w-	C:\FRST
2014-02-09 07:09 . 2014-02-09 16:55	--------	d-----w-	c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\U3
2014-01-31 07:46 . 2014-01-31 07:46	--------	d-----w-	c:\dokumente und einstellungen\LocalService\Anwendungsdaten\McAfee
2014-01-22 10:31 . 2014-01-22 15:12	74336	----a-w-	c:\windows\system32\drivers\klflt.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-07 09:16 . 2012-11-09 10:52	692616	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2014-02-07 09:16 . 2011-07-05 08:34	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-22 15:12 . 2012-08-13 15:49	145040	----a-w-	c:\windows\system32\drivers\kneps.sys
2014-01-22 15:12 . 2012-06-08 10:38	44000	----a-w-	c:\windows\system32\drivers\kltdi.sys
2014-01-22 15:12 . 2012-05-25 18:38	24160	----a-w-	c:\windows\system32\drivers\klkbdflt.sys
2014-01-22 15:12 . 2009-11-02 18:27	24672	----a-w-	c:\windows\system32\drivers\klmouflt.sys
2014-01-22 15:12 . 2012-06-19 16:28	135776	----a-w-	c:\windows\system32\drivers\kl1.sys
2013-11-27 20:21 . 2008-04-15 03:00	40960	----a-w-	c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59 . 2008-04-15 03:00	150528	----a-w-	c:\windows\system32\imagehlp.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-09-30 08:32	3353624	----a-w-	c:\programme\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\programme\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll" [2013-09-30 3353624]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe" [2014-01-16 1171968]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2013-07-25 20681584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vProt"="c:\programme\AVG Secure Search\vprot.exe" [2013-09-30 2404376]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2013-07-02 254336]
"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2013-05-01 421888]
"AVP"="c:\programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2014-01-22 356128]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
.
c:\dokumente und einstellungen\TanzZeit\Startmenü\Programme\Autostart\
Dropbox.lnk - c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages	REG_MULTI_SZ   	msv1_0 wvauth
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WinZip Quick Pick.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^TanzZeit^Startmenü^Programme^Autostart^Dropbox.lnk]
path=c:\dokumente und einstellungen\TanzZeit\Startmenü\Programme\Autostart\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^TanzZeit^Startmenü^Programme^Autostart^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
path=c:\dokumente und einstellungen\TanzZeit\Startmenü\Programme\Autostart\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-29 19:59	937920	----a-r-	c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-08-31 01:57	40368	----a-w-	c:\programme\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 23:20	57344	----a-w-	c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43	59720	----a-w-	c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmbassySecurityCheck]
2008-07-19 07:37	75064	----a-w-	c:\programme\Wave Systems Corp\Embassy Security Setup\EmbassySecurityCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
2007-07-11 13:07	421888	----a-w-	c:\acer\Empowering Technology\eRecovery\eRAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2011-02-23 13:15	24064	----a-w-	c:\programme\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2013-01-14 13:41	116648	----atw-	c:\dokumente und einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-10-27 04:31	178712	----a-w-	c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2010-03-12 11:08	49208	----a-w-	c:\programme\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2008-07-20 15:45	182808	----a-w-	c:\programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-10-27 04:31	150040	----a-w-	c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2008-04-15 03:00	44032	----a-w-	c:\windows\ime\imkr6_1\imekrmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2008-04-15 03:00	208952	----a-w-	c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-01-08 20:17	52256	----a-w-	c:\programme\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 05:52	1695232	------w-	c:\programme\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2008-04-15 03:00	59392	----a-w-	c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-10-27 04:31	150040	----a-w-	c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2008-04-15 03:00	455168	----a-w-	c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2008-04-15 03:00	455168	----a-w-	c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\picon]
2008-07-25 00:43	773144	----a-w-	c:\programme\Gemeinsame Dateien\Intel\Privacy Icon\PrivacyIconClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 01:59	421888	----a-w-	c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-01-08 20:26	68640	------w-	c:\programme\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-06-20 23:57	16872448	----a-w-	c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecureUpgrade]
2008-07-19 07:37	218424	----a-w-	c:\programme\Wave Systems Corp\SecureUpgrade.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2014-01-16 12:26	6118400	----a-w-	c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2014-01-16 12:26	1171968	----a-w-	c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
2013-09-30 08:32	2404376	----a-w-	c:\programme\AVG Secure Search\vprot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WavXMgr]
2008-05-10 14:20	92160	----a-w-	c:\programme\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Dokumente und Einstellungen\\TanzZeit\\Anwendungsdaten\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Dokumente und Einstellungen\\TanzZeit\\Anwendungsdaten\\Spotify\\spotify.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programme\\TeamViewer\\Version9\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version9\\TeamViewer_Service.exe"=
.
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [10.10.2012 10:14 37664]
R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [08.06.2012 11:38 44000]
R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [13.08.2012 16:49 145040]
R2 TeamViewer9;TeamViewer 9;c:\programme\TeamViewer\Version9\TeamViewer_Service.exe [09.02.2014 08:42 4915040]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe [25.07.2008 01:43 2054680]
R2 vToolbarUpdater17.0.1;vToolbarUpdater17.0.1;c:\programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe [30.09.2013 09:33 1734680]
R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [15.04.2008 04:00 5120]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [05.06.2008 19:58 144480]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [23.02.2011 14:09 110080]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [07.05.2010 11:06 35672]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [25.05.2012 19:38 24160]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02.11.2009 19:27 24672]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [25.07.2013 08:10 162672]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\programme\Google\Google Desktop Search\GoogleDesktop.exe [23.02.2011 14:14 24064]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ecdf0dfd-9158-11e3-82cd-0025115cacdd}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
.
Inhalt des "geplante Tasks" Ordners
.
2014-02-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-30 09:16]
.
2014-01-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2014-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-10-11 09:52]
.
2014-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-10-11 09:52]
.
2014-02-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008Core.job
- c:\dokumente und einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2013-01-14 13:41]
.
2014-02-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008UA.job
- c:\dokumente und einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2013-01-14 13:41]
.
2014-07-28 c:\windows\Tasks\User_Feed_Synchronization-{D74B1C07-CFA8-485D-AABD-998DFEB0D07B}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Connection Wizard,ShellNext = "c:\programme\Outlook Express\msimn.exe"
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll
FF - ProfilePath - c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ncr
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b09064800000000000000025115cacdd&q=
FF - user.js: extensions.BabylonToolbar.id - b09064800000000000000025115cacdd
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15624
FF - user.js: extentions.y2layers.installId - ab3d0708-e39c-4c61-a6d7-7ffd1eda15f4
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,BestVideoDownloader,EzLooker,TwitTube,TopRelatedTopics,Buzzdock,
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.0.7
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.0.711:17
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: browser.search.defaultenginename - Google
FF - user.js: browser.search.selectedEngine - Google
FF - user.js: browser.startup.homepage - hxxp://www.google.de/ncr
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-eDataSecurity Loader - c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe
MSConfigStartUp-IminentMessenger - c:\programme\Iminent\Iminent.Messengers.exe
MSConfigStartUp-Optimizer Pro - c:\programme\Optimizer Pro\OptProLauncher.exe
AddRemove-BabylonToolbar - c:\programme\BabylonToolbar\BabylonToolbar\1.8.0.7\uninstall.exe
AddRemove-McAfee Security Scan - c:\programme\McAfee Security Scan\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-02-10 23:25
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
.
c:\dokume~1\TanzZeit\LOKALE~1\Temp\catchme.dll 53248 bytes executable
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(1232)
c:\windows\system32\wvauth.dll
c:\windows\system32\biolsp.dll
.
Zeit der Fertigstellung: 2014-02-10  23:26:52
ComboFix-quarantined-files.txt  2014-02-10 22:26
.
Vor Suchlauf: 18 Verzeichnis(se), 181.845.925.888 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 187.126.140.928 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 28954F8A5AC84618A8CCB7015FDB5558
BEEDF9B7F43A72A91456F7131AFC11B2
         

Edited by dgone (10.02.2014 at 23:39). Reason: log appended

11.02.2014, 18:09   #7
schrauber
/// the machine
/// TB trainer

Let's take a quick look at the MBR:

Please download Emsisoft MBR Master and save it to the desktop.
  • Run mbrmastr.exe.
  • Click Backup MBR and save it to the desktop as emsi.
  • Then close the program again.
  • Pack the created emsi.mbr into a zip archive (right-click -> Send to -> Compressed (zipped) folder) and attach the file here.
  • A text file MBRMastr_<date>_<time>.txt is also created on the desktop. Please post its contents here.
__________________
Regards,
schrauber

11.02.2014, 22:17   #8
dgone

Hello,

here are the results from Emsi MBRmaster:

Code:
Detected Windows version: 5.1 Build 2600 Service Pack 3
Installing direct disk access driver ...
Driver connection handle: 0x00000094
1 valid drive(s) found.

Details for Disk 0 - Intel Raid 1 Volume Rev 1.0.:
  Device name              : \\.\PhysicalDrive0
  Geometry (C/H/S)         : 38913/255/63
  Boot loader reputation   : Unknown
  Cross view comparison    : Passed
  Partition table integrity: Passed

  Boot loader hashes
    SHA-1                  : 00DA077E92625BC67BBA239DB4218A4A12648922
    MD5                    : BEEDF9B7F43A72A91456F7131AFC11B2
         

And thanks once again!
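
As an added illustration (not part of the thread and not Emsisoft's code), the following Python example reads a raw MBR backup such as the emsi.mbr created in the steps above, checks the boot signature and the partition table, and computes MD5/SHA-1 digests for comparison with the tool output. It assumes the backup file begins with the raw 512-byte sector 0; the thread does not say which byte range MBR Master hashes, so three candidate ranges are reported, and all function and key names are made up for this example.

```python
import hashlib
import struct

SECTOR = 512
CODE_END = 440    # boot code ends here; bytes 440-445 hold the disk signature
TABLE_OFF = 446   # four 16-byte partition entries, then the 55 AA signature
TYPES = {0x05: "extended", 0x07: "NTFS/HPFS", 0x0B: "FAT32",
         0x0C: "FAT32 (LBA)", 0x0F: "extended (LBA)", 0xEE: "GPT protective"}


def digests(data: bytes) -> dict:
    """Upper-case MD5 and SHA-1, the notation used in the tool output above."""
    return {"md5": hashlib.md5(data).hexdigest().upper(),
            "sha1": hashlib.sha1(data).hexdigest().upper()}


def inspect_mbr(sector: bytes) -> dict:
    """Parse sector 0 as plain data and list structural problems."""
    if len(sector) < SECTOR:
        raise ValueError(f"need at least {SECTOR} bytes, got {len(sector)}")
    sector = bytes(sector[:SECTOR])
    findings, parts = [], []

    signature_ok = sector[510:512] == b"\x55\xaa"
    if not signature_ok:
        findings.append("boot signature 55 AA missing")

    for idx in range(4):
        entry = sector[TABLE_OFF + 16 * idx:TABLE_OFF + 16 * (idx + 1)]
        if entry == bytes(16):
            continue  # unused slot
        status, ptype = entry[0], entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if status not in (0x00, 0x80):
            findings.append(f"entry {idx}: invalid status byte 0x{status:02X}")
        if ptype == 0 or lba_start == 0 or count == 0:
            findings.append(f"entry {idx}: partly filled or zero-length entry")
        parts.append({"index": idx, "active": status == 0x80, "type": ptype,
                      "type_name": TYPES.get(ptype, "other"),
                      "lba_start": lba_start, "sectors": count})

    if sum(p["active"] for p in parts) > 1:
        findings.append("more than one active partition")
    ordered = sorted(parts, key=lambda p: p["lba_start"])
    for a, b in zip(ordered, ordered[1:]):
        if a["lba_start"] + a["sectors"] > b["lba_start"]:
            findings.append(f"entries {a['index']} and {b['index']} overlap")

    return {
        "signature_ok": signature_ok,
        "partitions": parts,
        "findings": findings,
        "digests": {
            "boot code (0-439)": digests(sector[:CODE_END]),
            "code + disk signature (0-445)": digests(sector[:TABLE_OFF]),
            "full sector (0-511)": digests(sector),
        },
    }


def build_sample_mbr() -> bytes:
    """Constructed sample (not data from the thread): one active NTFS partition."""
    code = b"\xfa\x33\xc0" + bytes(CODE_END - 3)      # placeholder bytes only
    disk_sig = struct.pack("<IH", 0x12345678, 0)      # made-up disk signature
    entry = struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00", 0x07,
                        b"\xfe\xff\xff", 63, 1_000_000)
    return code + disk_sig + entry + bytes(48) + b"\x55\xaa"


if __name__ == "__main__":
    import sys
    # Pass the path of an MBR backup; without one the constructed sample is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            raw = fh.read(SECTOR)
    else:
        raw = build_sample_mbr()
    report = inspect_mbr(raw)
    print("signature ok:", report["signature_ok"])
    for p in report["partitions"]:
        print(p)
    for label, d in report["digests"].items():
        print(f"{label}: MD5 {d['md5']}  SHA-1 {d['sha1']}")
    print("findings:", report["findings"] or "none")
```

The script only reads bytes from the backup file and never touches a disk, so it can be run on a different machine than the one the backup came from.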

12.02.2014, 18:21   #9
schrauber
/// the machine
/// TB trainer

Please have the file emsi.zip scanned at www.virustotal.com.
__________________
Regards,
schrauber

12.02.2014, 18:28   #10
dgone

It seems to me that nothing was found there... Does that mean the MBR is clean? That would, however, contradict an earlier scan... *scratches head* ...it contradicts the scan with GMER

Edited by dgone (12.02.2014 at 18:30). Reason: added last "sentence"

13.02.2014, 21:17   #11
schrauber
/// the machine
/// TB trainer

Please delete Combofix and download it again, then let it run. I think GMER is showing nonsense there.
__________________
Regards,
schrauber
