
Log analysis and evaluation: Trojan.Win32.Yakes.cmpu and not-a-virus:RemoteAdmin.Win32.WinVNC.mx found by Kaspersky - how to proceed?

22.03.2013, 11:34   #1
sissi3o2

On 14.3. a routine check by Kaspersky produced the following findings:

Typ: legales Programm, das von einem Angreifer benutzt werden kann, um den Computer oder die Benutzerdaten zu beschädigen (3)
not-a-virus:RemoteAdmin.Win32.WinVNC.mx Nicht gefunden 14.03.2013 22:25:52 C:\System Volume Information\_restore{C49A12F7-9AA1-4A01-85CA-FF425766B64B}\RP444\A0463611.exe// data0004
not-a-virus:RemoteAdmin.Win32.WinVNC.ad Nicht gefunden 14.03.2013 22:25:51 C:\System Volume Information\_restore{C49A12F7-9AA1-4A01-85CA-FF425766B64B}\RP444\A0463611.exe// data0000
not-a-virus:RemoteAdmin.Win32.WinVNC.ad Nicht gefunden 14.03.2013 22:25:51 C:\System Volume Information\_restore{C49A12F7-9AA1-4A01-85CA-FF425766B64B}\RP444\A0463611.exe// data0001
Typ: trojanisches Programm (1)
Trojan.Win32.Yakes.cmpu Gelöscht 14.03.2013 21:54:37 c:\dokumente und einstellungen\user\desktop\xxx ihre nicht beglichene rechnung vom 27.02.2013.zip//Kopie der Rechnung xxx.zip//Rechnung - Mahnung 27.02.2013.zip// Rechnung - Mahnung 27.02.2013.com
Typ: Unbekannt (1)
xxx ihre nicht beglichene rechnung vom 27.02.2013.zip Gelöscht 14.03.2013 21:54:37 c:\dokumente und einstellungen\user\desktop\ xxx ihre nicht beglichene rechnung vom 27.02.2013.zip

Kaspersky seems to have deleted these.
After that (19.3.; I was away in the meantime) I created a Kaspersky boot CD, changed the boot order, booted from the CD and ran a full check. No findings.

Yesterday (21.3.) the computer started causing problems again. The D drive had already died a month ago (hard disk crash) and had to be restored a month ago with professional help (KrollOntrack). (A new hard disk is now installed.) Now I suspect that either the C drive is announcing a crash or the virus is still active after all.

The following symptoms:
1) The system apparently had an error while booting and the following selection appeared:
Windows im abgesichtern Modus starten
.
.
Windows mit der letzten funktionierenden Konfiguration starten
Window normal starten
-> I then selected the last working configuration.
2) The Task Manager sometimes can no longer be opened (directly after a restart it works, though).
3) Even when I have hardly any programs open, the following error message then appears: Windows - Fehler in der Anwendung " Die Anwendung konnte nicht richtig initialisiert werden (0xc0000017). Klicken Sie auf "ok" um die Anwendung zu beenden." There is only the OK button.
4) The mouse freezes.

A data backup exists from the KrollOntrack recovery, from Memeo Backup and from Acronis. Acronis has been ordered, and another image and data backup is then to be made. Only my data matters to me. The computer is old and is to be replaced completely within the coming month. Until then, however, I need the computer and have to be able to keep working. FYI: I am a private user and shelled out the money for KrollOntrack for private reasons. Otherwise I have only little knowledge of IT and sometimes get help from an experienced expert via TeamViewer.

My questions:
a) Do I still have an encryption trojan on it?
b) Can I keep working?
c) Will my system hold out another month until the new computer arrives?


I have now created the log files.
HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:33:20, on 21.03.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
C:\Programme\SearchProtect\bin\CltMngSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre7\bin\jqs.exe
C:\Programme\Google\Update\GoogleUpdate.exe
C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe
C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
C:\Programme\TeamViewer\Version6\TeamViewer.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Analog Devices\Core\smax4pnp.exe
C:\Programme\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Programme\QuickTime\QTTask.exe
C:\Dokumente und Einstellungen\USER\Anwendungsdaten\SearchProtect\bin\cltmng.exe
C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\TibMounterMonitor.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Dokumente und Einstellungen\USER\Lokale Einstellungen\Apps\2.0\BJX8QJBP.M97\9LMJQ2V9.NT4\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
C:\Programme\Memeo\AutoBackup\InstantBackup.exe
C:\Programme\Memeo\AutoBackup\MemeoUpdater.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Dokumente und Einstellungen\USER\Desktop\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programme\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [hpqSRMon] C:\Programme\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SearchProtectAll] C:\Programme\SearchProtect\bin\cltmng.exe
O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Memeo Instant Backup] C:\Programme\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
O4 - HKLM\..\Run: [Seagate Dashboard] C:\Programme\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AVMUSBFernanschluss] "C:\Dokumente und Einstellungen\USER\Lokale Einstellungen\Apps\2.0\BJX8QJBP.M97\9LMJQ2V9.NT4\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe"
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SearchProtect] C:\Dokumente und Einstellungen\USER\Anwendungsdaten\SearchProtect\bin\cltmng.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - https://stream.web.de/mail/activex/mail_upload_11213.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156415092656
O16 - DPF: {6D868B99-8B01-4B25-9BD1-ED37AFDF5E29} (Ontrack Data Recovery Verifile Data Reports) - hxxp://www.krollontrack.co.uk/support/ontrack-verifile-report/npvfasp.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1361252403953
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Programme\SearchProtect\bin\CltMngSvc.exe
O23 - Service: Google Update Service (gupdate1c9ef90cb9d602c) (gupdate1c9ef90cb9d602c) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programme\Java\jre7\bin\jqs.exe
O23 - Service: MemeoBackgroundService - Memeo - C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe
O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programme\Skype\Updater\Updater.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe

--
End of file - 14121 bytes

Defogger:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:53 on 21/03/2013 (USER)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


OTL.txt, Extras.txt and GMER log file:

attached as a zip


Info: GMER took almost 12 h to run through, and afterwards the mouse froze again and the Task Manager could not be opened, the Windows error message appeared again and the computer had to be shut down with an emergency power-off. Nothing else worked.

Many thanks in advance for the help and for answering the questions.

24.03.2013, 14:31   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Hello,

Quote:
not-a-virus:RemoteAdmin.Win32.WinVNC.mx Nicht gefunden 14.03.2013 22:25:52 C:\System Volume Information\_restore{C49A12F7-9AA1-4A01-85CA-FF425766B64B}\RP444\A0463611.exe// data0004
Did you actually read this message closely? Because it also says "Typ: legales Programm, das von einem Angreifer benutzt werden kann, um den Computer oder die Benutzerdaten zu beschädigen (3)" [type: legal program that an attacker can use to damage the computer or the user data].

Did you ever have VNC installed? That is something like TeamViewer.

Quote:
14.03.2013 21:54:37 c:\dokumente und einstellungen\user\desktop\romy voss ihre nicht beglichene rechnung vom 27.02.2013.zip//Kopie der Rechnung Romy Voss.zip//Rechnung - Mahnung 27.02.2013.zip// Rechnung - Mahnung 27.02.2013.com
Did you run this file or only open the ZIP? Or maybe only put the ZIP on the desktop and nothing else?

24.03.2013, 18:27   #3
sissi3o2

Quote:
Originally posted by cosinus
Hello,

Did you actually read this message closely? Because it also says "Typ: legales Programm, das von einem Angreifer benutzt werden kann, um den Computer oder die Benutzerdaten zu beschädigen (3)"

Did you ever have VNC installed? That is something like TeamViewer.


No, I have TeamViewer, but I have not installed VNC. And yes, I read the above very carefully. But the installation of the program and the finding took place on the same day as the finding of the trojan. That is just what makes me unsure.


Quote:
Originally posted by cosinus
Did you run this file or only open the ZIP? Or maybe only put the ZIP on the desktop and nothing else?

Put the zip on the desktop and opened it twice.
So the first time there was another zip file inside, then I stupidly clicked on it again and wanted to open that zip file, and there was yet another zip inside. But I did not open that one any more, because it seemed too suspicious to me. Then I ran the virus check and it found the above.

Does that help? Many thanks in advance.
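The Kaspersky path in post #1 (`...zip//...zip//...zip// ....com`) describes ZIP archives nested three deep with a `.com` program at the bottom, which matches what the poster saw when opening the attachment. The following Python code is an added example, not part of the thread: it walks nested ZIPs in memory, without extracting or running anything, and reports executable members in the same `outer//inner` notation. The extension list, the limits, the function names and the sample file names are assumptions, and the sample archive is constructed with placeholder content.

```python
import io
import os
import zipfile

# Extensions Windows runs directly; an assumed subset for this example.
EXECUTABLE_EXTS = {".com", ".exe", ".scr", ".pif", ".bat", ".cmd", ".js", ".vbs"}
MAX_MEMBER_BYTES = 20 * 1024 * 1024  # do not unpack members that declare more than this


def scan_zip(data, name, max_depth=5, depth=0):
    """Walk a ZIP held in memory and return a list of (reason, path) findings.

    Paths use the scanner-style notation outer.zip//inner.zip//member.
    Nothing is written to disk and nothing is executed.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            path = f"{name}//{info.filename}"
            ext = os.path.splitext(info.filename)[1].lower()
            if ext in EXECUTABLE_EXTS:
                findings.append(("executable", path))
                continue
            if info.flag_bits & 0x1:
                # Encrypted member: content cannot be inspected without the password.
                findings.append(("encrypted", path))
                continue
            if info.file_size > MAX_MEMBER_BYTES:
                findings.append(("too-large", path))
                continue
            inner = zf.read(info)
            if zipfile.is_zipfile(io.BytesIO(inner)):
                if depth + 1 > max_depth:
                    # Stop descending: deep nesting is itself worth reporting.
                    findings.append(("nesting-limit", path))
                else:
                    findings.extend(scan_zip(inner, path, max_depth, depth + 1))
    return findings


def make_zip(members):
    """Build a ZIP in memory from a {filename: bytes} mapping."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for filename, content in members.items():
            zf.writestr(filename, content)
    return buf.getvalue()


def build_sample():
    """Constructed sample mirroring the nesting in the report; the .com is plain text."""
    innermost = make_zip({"Rechnung - Mahnung 27.02.2013.com": b"placeholder text, not a program"})
    middle = make_zip({"Rechnung - Mahnung 27.02.2013.zip": innermost})
    return make_zip({
        "Kopie der Rechnung.zip": middle,
        "readme.txt": b"Constructed sample text, longer than a ZIP end record.",
    })


if __name__ == "__main__":
    for reason, path in scan_zip(build_sample(), "outer.zip"):
        print(f"{reason:14} {path}")
```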

25.03.2013, 15:14   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions that I will post in the course of this thread carefully. Ask right away if anything is unclear to you, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the previous one.

  • Please only run scans that a helper has asked you to run! Do not install / uninstall any software without being asked!

  • Post the log files directly in your thread (please in CODE tags) and not as an attachment, unless you were asked to. Logs in attachments make the evaluation harder for me!

  • The logs of the assigned tools, such as Malwarebytes, are always to be posted, regardless of whether there was a finding or not!

  • Please also note => Deleting log files and other requests

Note:
If you do not hear from me for three days, please report in this thread => Reminder about my thread.
Annoying "when will it continue" messages end with your topic being closed. I too have a life outside the Trojaner-Board.


Please now run the three tools MBAR / aswMBR / TDSSkiller and post the logs in CODE tags


MBAR (Malwarebytes Anti-Rootkit)

Please download Malwarebytes Anti-Rootkit and save it on your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen according to the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the created folder. Please post it here.

Do not start any other file in this folder without instructions from a helper


aswMBR

Please download aswMBR.exe and save the file on your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    From Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.)
    Depending on the connection, downloading the definitions can take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it on the desktop.
Post the aswMBR.txt in your next reply.

Important: Under no circumstances press one of the Fix buttons without instructions

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



TDSS-Killer

Please download TDSSKiller.exe and save this file on the desktop
  • Start TDSSKiller.exe - configure it as described in the guide to TDSSKiller.
  • Press Start Scan
  • If infected objects are found, under no circumstances choose Cure. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    As an example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

26.03.2013, 22:58   #5
sissi3o2

Error message from mbar.exe before the software had actually started, but after double-clicking the application:
Registry Value " AppInit_Dlls" has been found, wich may be caused by a rootkit activity.
Note: press "No" button if your are not sure. If the tool crashes or terminates unexpectedly during a system scan , restart the tool and press "yes" should this message appear again.

Do you want to remove this value and restart the tool?
"yes" " no"

I pressed no because I wanted to get out of the program and was unsure.


27.03.2013, 00:03   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please click no and continue as normal.

27.03.2013, 14:04   #7
sissi3o2

Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.26.14

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
USER :: SCHOKOHASE [administrator]

27.03.2013 00:43:44
mbar-log-2013-03-27 (00-43-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 29191
Time elapsed: 1 hour(s), 43 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 6
HKLM\SOFTWARE\CLASSES\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TYPELIB\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\Updater.AmiUpd.1 (PUP.Software.Updater) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\Updater.AmiUpd (PUP.Software.Updater) -> Delete on reboot.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
c:\Dokumente und Einstellungen\USER\Anwendungsdaten\SwvUpdater (PUP.Software.Updater) -> Delete on reboot.

Files Detected: 4
c:\Dokumente und Einstellungen\USER\Anwendungsdaten\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Delete on reboot.
c:\Dokumente und Einstellungen\USER\Anwendungsdaten\SwvUpdater\Updater.xml (PUP.Software.Updater) -> Delete on reboot.
c:\Dokumente und Einstellungen\USER\Anwendungsdaten\SwvUpdater\status.cfg (PUP.Software.Updater) -> Delete on reboot.
c:\WINDOWS\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Delete on reboot.

(end)
         
1st run

Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.26.14

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
USER :: SCHOKOHASE [administrator]

27.03.2013 03:22:32
mbar-log-2013-03-27 (03-22-32).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 29160
Time elapsed: 2 hour(s), 5 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
2nd run

27.03.2013, 16:29   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

OK, what about the other logs?

27.03.2013, 18:25   #9
sissi3o2

Before I could answer "The scan is still running", there were error messages and the computer could no longer be operated and had to be shut down. Details to follow shortly.

Besides, I have my own job and 2 sick children. So I am not the fastest at the moment, sorry. I am already doing night shifts until 2 a.m. and have to get up again at 6 in the morning. So I am a bit slower at the moment. The virus is in everything right now, I think.

So the scan was still running when I last looked. Then I had to leave briefly. When I came back, Firefox was gone, Word was gone and Skype was there, along with 3 error messages. In addition, I could no longer open any program and the program list was almost empty.

Error message 1) Microsoft Visual C++ Debug Library
Debug Error!
Programm: ...d60_0002.00003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.
(Please retry to debug this application)
Abbrechen Wiederholen Ignorieren

Error message 2): Application Error
Exception EOSError in module Skype.exe at 001F60D
System Error. code 8.
ok

Error message 3): Application Error
Exception EoutofRessources in module Skype.exe at 005F0C0
Out of system Ressources.
ok

I then wanted to capture the whole thing with a screenshot, but there was no program left and a new error message appeared:

Error message 4): Windows Fehler in der Anwendung
Die Anwendung konnte nicht richtig initialisiert werden (0xc0000017) Klicken Sie auf O k um die Anwendung zu beeenden.
ok

I am now letting aswMBR run through again. It may take a while, though.

Oh yes, in the Task Manager I could see that cltmng.exe was consuming all the resources.

Edited by sissi3o2 (27.03.2013 at 18:40)

28.03.2013, 12:02   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

How far along are you with the logs now?

28.03.2013, 13:48   #11
sissi3o2

Before aswMBR finishes, the computer always seems to restart and I can't save a log. I will now make another attempt and cut the Internet connection while doing so, and hope that I succeed that way. I could possibly also try the scan in safe mode.
cltmng.exe always uses up a lot of resources. No idea what kind of program that is and what it does, or whether it is related to this.

See you later.

28.03.2013, 14:09   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Restart aswMBR, select (none) under "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window), and click the Scan button again.

28.03.2013, 22:20   #13
sissi3o2

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-28 17:17:18
-----------------------------
17:17:18.500    OS Version: Windows 5.1.2600 Service Pack 3
17:17:18.500    Number of processors: 2 586 0x409
17:17:18.500    ComputerName: SCHOKOHASE  UserName: USER
17:17:39.984    Initialize success
17:18:37.531    AVAST engine defs: 13032800
17:18:43.015    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17
17:18:43.015    Disk 0 Vendor: Hitachi_HDS721010CLA332 JP4OA3MA Size: 953869MB BusType: 3
17:18:43.015    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-22
17:18:43.015    Disk 1 Vendor: ST1000NM0011 SN03 Size: 953869MB BusType: 3
17:18:43.484    Disk 0 MBR read successfully
17:18:43.484    Disk 0 MBR scan
17:18:43.593    Disk 0 Windows XP default MBR code
17:18:43.593    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       953867 MB offset 63
17:18:43.640    Disk 0 scanning sectors +1953520065
17:18:44.390    Disk 0 scanning C:\WINDOWS\system32\drivers
17:20:03.375    Service scanning
17:20:27.921    Service kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys **LOCKED** 5
17:20:28.031    Service klbg C:\WINDOWS\system32\drivers\klbg.sys **LOCKED** 5
17:20:29.078    Service klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys **LOCKED** 5
17:20:29.140    Service klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys **LOCKED** 5
17:20:29.187    Service klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys **LOCKED** 5
17:20:29.234    Service kltdi C:\WINDOWS\system32\DRIVERS\kltdi.sys **LOCKED** 5
17:20:29.625    Service kneps C:\WINDOWS\system32\DRIVERS\kneps.sys **LOCKED** 5
17:21:21.171    Service TSP C:\WINDOWS\system32\drivers\klif.sys **LOCKED** 5
17:21:31.750    Modules scanning
17:22:47.546    Disk 0 trace - called modules:
17:22:47.593    ntoskrnl.exe fltsrv.sys hal.dll tdrpman.sys CLASSPNP.SYS disk.sys vidsflt.sys atapi.sys pciide.sys 
17:22:47.593    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aae1ab8]
17:22:47.609    3 CLASSPNP.SYS[f7647fd7] -> nt!IofCallDriver -> [0x8ab129c8]
17:22:47.609    5 vidsflt.sys[f74edd9b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-17[0x8ab13d98]
17:22:47.609    Scan finished successfully
19:36:50.015    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\USER\Desktop\MBR.dat"
19:36:50.031    The log file has been saved successfully to "C:\Dokumente und Einstellungen\USER\Desktop\aswMBR2.txt"
         
Code:
19:38:09.0906 4204  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:38:10.0031 4204  ============================================================
19:38:10.0031 4204  Current date / time: 2013/03/28 19:38:10.0031
19:38:10.0031 4204  SystemInfo:
19:38:10.0031 4204  
19:38:10.0031 4204  OS Version: 5.1.2600 ServicePack: 3.0
19:38:10.0031 4204  Product type: Workstation
19:38:10.0031 4204  ComputerName: SCHOKOHASE
19:38:10.0031 4204  UserName: USER
19:38:10.0031 4204  Windows directory: C:\WINDOWS
19:38:10.0031 4204  System windows directory: C:\WINDOWS
19:38:10.0031 4204  Processor architecture: Intel x86
19:38:10.0031 4204  Number of processors: 2
19:38:10.0031 4204  Page size: 0x1000
19:38:10.0031 4204  Boot type: Normal boot
19:38:10.0031 4204  ============================================================
19:38:11.0593 4204  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:38:11.0593 4204  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:38:11.0609 4204  ============================================================
19:38:11.0609 4204  \Device\Harddisk0\DR0:
19:38:11.0609 4204  MBR partitions:
19:38:11.0609 4204  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
19:38:11.0609 4204  \Device\Harddisk1\DR1:
19:38:11.0609 4204  MBR partitions:
19:38:11.0609 4204  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
19:38:11.0609 4204  ============================================================
19:38:11.0640 4204  C: <-> \Device\Harddisk0\DR0\Partition1
19:38:11.0640 4204  D: <-> \Device\Harddisk1\DR1\Partition1
19:38:11.0640 4204  ============================================================
19:38:11.0640 4204  Initialize success
19:38:11.0640 4204  ============================================================
19:38:15.0000 3144  ============================================================
19:38:15.0000 3144  Scan started
19:38:15.0000 3144  Mode: Manual; 
19:38:15.0000 3144  ============================================================
19:38:16.0734 3144  ================ Scan system memory ========================
19:38:16.0734 3144  System memory - ok
19:38:16.0734 3144  ================ Scan services =============================
19:38:17.0156 3144  Abiosdsk - ok
19:38:17.0156 3144  abp480n5 - ok
19:38:17.0218 3144  [ 44010948BDE6ADE50DD1386657C73E83 ] ACEDRV06        C:\WINDOWS\system32\drivers\ACEDRV06.sys
19:38:17.0218 3144  ACEDRV06 - ok
19:38:17.0312 3144  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:38:17.0343 3144  ACPI - ok
19:38:17.0375 3144  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
19:38:17.0375 3144  ACPIEC - ok
19:38:17.0703 3144  [ 35BCB0F33FABA91F93C062FBE7EA1EAC ] AcrSch2Svc      C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
19:38:17.0953 3144  AcrSch2Svc - ok
19:38:18.0031 3144  [ 708BAECC952E81A70EF36F5F0B1B981C ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
19:38:18.0062 3144  ADIHdAudAddService - ok
19:38:18.0171 3144  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:38:18.0250 3144  AdobeFlashPlayerUpdateSvc - ok
19:38:18.0265 3144  adpu160m - ok
19:38:18.0312 3144  [ 9F59AE2DE835641FBB0C6AFD80D8FA9B ] AEAudioService  C:\WINDOWS\system32\drivers\AEAudio.sys
19:38:18.0328 3144  AEAudioService - ok
19:38:18.0406 3144  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
19:38:18.0421 3144  aec - ok
19:38:18.0531 3144  [ DF139E5866C19E0B3217EF210198D875 ] afcdp           C:\WINDOWS\system32\DRIVERS\afcdp.sys
19:38:18.0578 3144  afcdp - ok
19:38:18.0609 3144  [ 087715734AC33B265E4861939CC582AD ] afcdpsrv        C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
19:38:19.0718 3144  Suspicious file (Forged): C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe. Real md5: 087715734AC33B265E4861939CC582AD, Fake md5: 1AEA25F70F12ABB494A4E35E1D717414
19:38:19.0734 3144  afcdpsrv ( ForgedFile.Multi.Generic ) - warning
19:38:19.0734 3144  afcdpsrv - detected ForgedFile.Multi.Generic (1)
19:38:19.0828 3144  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
19:38:19.0859 3144  AFD - ok
19:38:19.0875 3144  Aha154x - ok
19:38:19.0890 3144  aic78u2 - ok
19:38:19.0890 3144  aic78xx - ok
19:38:19.0937 3144  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
19:38:19.0937 3144  Alerter - ok
19:38:19.0968 3144  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe
19:38:19.0984 3144  ALG - ok
19:38:20.0000 3144  AliIde - ok
19:38:20.0000 3144  amsint - ok
19:38:20.0015 3144  AppMgmt - ok
19:38:20.0031 3144  asc - ok
19:38:20.0031 3144  asc3350p - ok
19:38:20.0046 3144  asc3550 - ok
19:38:20.0375 3144  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:38:20.0421 3144  aspnet_state - ok
19:38:20.0437 3144  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:38:20.0437 3144  AsyncMac - ok
19:38:20.0484 3144  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
19:38:20.0484 3144  atapi - ok
19:38:20.0500 3144  Atdisk - ok
19:38:20.0531 3144  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:38:20.0531 3144  Atmarpc - ok
19:38:20.0562 3144  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
19:38:20.0578 3144  AudioSrv - ok
19:38:20.0593 3144  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
19:38:20.0593 3144  audstub - ok
19:38:20.0656 3144  [ 728C4A6C722535C16D1025F51AA31E22 ] avmaudio        C:\WINDOWS\system32\DRIVERS\avmaudio.sys
19:38:20.0671 3144  avmaudio - ok
19:38:21.0015 3144  [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP             C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
19:38:21.0140 3144  AVP - ok
19:38:21.0171 3144  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:38:21.0171 3144  Beep - ok
19:38:21.0328 3144  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
19:38:21.0484 3144  BITS - ok
19:38:21.0546 3144  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll
19:38:21.0562 3144  Browser - ok
19:38:21.0593 3144  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
19:38:21.0593 3144  BthEnum - ok
19:38:21.0640 3144  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
19:38:21.0640 3144  BthPan - ok
19:38:21.0750 3144  [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
19:38:21.0812 3144  BTHPORT - ok
19:38:21.0843 3144  [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ         C:\WINDOWS\System32\bthserv.dll
19:38:21.0843 3144  BthServ - ok
19:38:21.0875 3144  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
19:38:21.0875 3144  BTHUSB - ok
19:38:21.0890 3144  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
19:38:21.0890 3144  cbidf2k - ok
19:38:21.0968 3144  [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8         C:\Programme\Canon\CAL\CALMAIN.exe
19:38:21.0984 3144  CCALib8 - ok
19:38:22.0031 3144  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:38:22.0031 3144  CCDECODE - ok
19:38:22.0031 3144  cd20xrnt - ok
19:38:22.0046 3144  [ 82C4C6A2343B592C4FD590F625A724A9 ] CdaC15BA        C:\WINDOWS\system32\drivers\CDAC15BA.SYS
19:38:22.0062 3144  CdaC15BA - ok
19:38:22.0078 3144  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
19:38:22.0078 3144  Cdaudio - ok
19:38:22.0156 3144  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
19:38:22.0281 3144  Cdfs - ok
19:38:22.0312 3144  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:38:22.0312 3144  Cdrom - ok
19:38:22.0328 3144  Changer - ok
19:38:22.0359 3144  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe
19:38:22.0375 3144  CiSvc - ok
19:38:22.0390 3144  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
19:38:22.0406 3144  ClipSrv - ok
19:38:22.0609 3144  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:38:22.0734 3144  clr_optimization_v2.0.50727_32 - ok
19:38:22.0796 3144  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:38:22.0953 3144  clr_optimization_v4.0.30319_32 - ok
19:38:23.0046 3144  [ 15AE8F975B3B8EE5EFFAFA4D0C94C1D7 ] CltMngSvc       C:\Programme\SearchProtect\bin\CltMngSvc.exe
19:38:23.0062 3144  CltMngSvc - ok
19:38:23.0078 3144  CmdIde - ok
19:38:23.0078 3144  COMSysApp - ok
19:38:23.0093 3144  Cpqarray - ok
19:38:23.0140 3144  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
19:38:23.0171 3144  CryptSvc - ok
19:38:23.0187 3144  [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA          C:\WINDOWS\system32\DRIVERS\CVirtA.sys
19:38:23.0203 3144  CVirtA - ok
19:38:23.0203 3144  dac2w2k - ok
19:38:23.0203 3144  dac960nt - ok
19:38:23.0359 3144  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:38:23.0484 3144  DcomLaunch - ok
19:38:23.0515 3144  [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
19:38:23.0531 3144  dg_ssudbus - ok
19:38:23.0578 3144  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
19:38:23.0625 3144  Dhcp - ok
19:38:23.0640 3144  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
19:38:23.0640 3144  Disk - ok
19:38:23.0656 3144  dmadmin - ok
19:38:23.0906 3144  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
19:38:24.0125 3144  dmboot - ok
19:38:24.0187 3144  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
19:38:24.0218 3144  dmio - ok
19:38:24.0250 3144  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
19:38:24.0250 3144  dmload - ok
19:38:24.0281 3144  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
19:38:24.0281 3144  dmserver - ok
19:38:24.0312 3144  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
19:38:24.0312 3144  DMusic - ok
19:38:24.0359 3144  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:38:24.0375 3144  Dnscache - ok
19:38:24.0437 3144  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:38:24.0484 3144  Dot3svc - ok
19:38:24.0500 3144  dpti2o - ok
19:38:24.0531 3144  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:38:24.0531 3144  drmkaud - ok
19:38:24.0562 3144  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll
19:38:24.0578 3144  EapHost - ok
19:38:24.0609 3144  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll
19:38:24.0609 3144  ERSvc - ok
19:38:24.0671 3144  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
19:38:24.0703 3144  Eventlog - ok
19:38:24.0796 3144  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll
19:38:24.0875 3144  EventSystem - ok
19:38:24.0953 3144  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
19:38:24.0984 3144  Fastfat - ok
19:38:25.0046 3144  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:38:25.0093 3144  FastUserSwitchingCompatibility - ok
19:38:25.0203 3144  [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax             C:\WINDOWS\system32\fxssvc.exe
19:38:25.0281 3144  Fax - ok
19:38:25.0328 3144  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
19:38:25.0328 3144  Fdc - ok
19:38:25.0359 3144  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
19:38:25.0359 3144  Fips - ok
19:38:25.0375 3144  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:38:25.0375 3144  Flpydisk - ok
19:38:25.0437 3144  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:38:25.0453 3144  FltMgr - ok
19:38:25.0515 3144  [ E20D64EDF74D80874837B16506D58166 ] fltsrv          C:\WINDOWS\system32\DRIVERS\fltsrv.sys
19:38:25.0531 3144  fltsrv - ok
19:38:25.0593 3144  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:38:25.0609 3144  FontCache3.0.0.0 - ok
19:38:25.0625 3144  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:38:25.0625 3144  Fs_Rec - ok
19:38:25.0671 3144  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:38:25.0687 3144  Ftdisk - ok
19:38:25.0718 3144  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:38:25.0718 3144  Gpc - ok
19:38:25.0812 3144  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9ef90cb9d602c C:\Programme\Google\Update\GoogleUpdate.exe
19:38:25.0843 3144  gupdate1c9ef90cb9d602c - ok
19:38:25.0890 3144  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
19:38:25.0890 3144  gupdatem - ok
19:38:25.0953 3144  [ F58D2900C66A1E773E3375098E0E9337 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
19:38:25.0968 3144  HdAudAddService - ok
19:38:26.0046 3144  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:38:26.0062 3144  HDAudBus - ok
19:38:26.0109 3144  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:38:26.0125 3144  helpsvc - ok
19:38:26.0140 3144  HidServ - ok
19:38:26.0187 3144  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:38:26.0187 3144  HidUsb - ok
19:38:26.0234 3144  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
19:38:26.0250 3144  hkmsvc - ok
19:38:26.0265 3144  hpn - ok
19:38:26.0515 3144  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
19:38:26.0593 3144  hpqcxs08 - ok
19:38:26.0703 3144  [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc        C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
19:38:26.0750 3144  hpqddsvc - ok
19:38:26.0812 3144  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:38:26.0812 3144  HPZid412 - ok
19:38:26.0828 3144  [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:38:26.0843 3144  HPZipr12 - ok
19:38:26.0875 3144  [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:38:26.0875 3144  HPZius12 - ok
19:38:26.0968 3144  [ 6312DC46356DF3974E88AA51B69360DC ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
19:38:27.0031 3144  HSFHWBS2 - ok
19:38:27.0375 3144  [ 8ED6714C8E754520DD8A939F91383EA0 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
19:38:27.0656 3144  HSF_DP - ok
19:38:27.0984 3144  [ DAAB917EEC9849840A13353198D48CC5 ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
19:38:28.0265 3144  HSF_DPV - ok
19:38:28.0359 3144  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
19:38:28.0421 3144  HTTP - ok
19:38:28.0453 3144  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
19:38:28.0484 3144  HTTPFilter - ok
19:38:28.0500 3144  i2omgmt - ok
19:38:28.0500 3144  i2omp - ok
19:38:28.0531 3144  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:38:28.0531 3144  i8042prt - ok
19:38:28.0562 3144  ids00026 - ok
19:38:28.0578 3144  ids0014f - ok
19:38:28.0578 3144  ids0015d - ok
19:38:28.0578 3144  ids00180 - ok
19:38:28.0593 3144  ids0018a - ok
19:38:28.0921 3144  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:38:29.0234 3144  idsvc - ok
19:38:29.0265 3144  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
19:38:29.0265 3144  Imapi - ok
19:38:29.0359 3144  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
19:38:29.0406 3144  ImapiService - ok
19:38:29.0406 3144  ini910u - ok
19:38:29.0421 3144  IntelIde - ok
19:38:29.0453 3144  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:38:29.0453 3144  intelppm - ok
19:38:29.0484 3144  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
19:38:29.0484 3144  Ip6Fw - ok
19:38:29.0515 3144  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:38:29.0515 3144  IpFilterDriver - ok
19:38:29.0546 3144  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:38:29.0546 3144  IpInIp - ok
19:38:29.0609 3144  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:38:29.0640 3144  IpNat - ok
19:38:29.0671 3144  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:38:29.0671 3144  IPSec - ok
19:38:29.0718 3144  [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda            C:\WINDOWS\system32\DRIVERS\irda.sys
19:38:29.0734 3144  irda - ok
19:38:29.0750 3144  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
19:38:29.0750 3144  IRENUM - ok
19:38:29.0781 3144  [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon           C:\WINDOWS\System32\irmon.dll
19:38:29.0796 3144  Irmon - ok
19:38:29.0828 3144  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:38:29.0828 3144  isapnp - ok
19:38:30.0062 3144  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
19:38:30.0109 3144  JavaQuickStarterService - ok
19:38:30.0140 3144  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:38:30.0140 3144  Kbdclass - ok
19:38:30.0156 3144  [ B6D6C117D771C98130497265F26D1882 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:38:30.0171 3144  kbdhid - ok
19:38:30.0234 3144  [ EA26CB00F83686856F2C79673C00C686 ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
19:38:30.0265 3144  kl1 - ok
19:38:30.0312 3144  [ 53EEDAB3F0511321AC3AE8BC968B158C ] klbg            C:\WINDOWS\system32\drivers\klbg.sys
19:38:30.0312 3144  klbg - ok
19:38:30.0515 3144  [ 3D23639C3FDBC082AF7016A5C8829329 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
19:38:30.0671 3144  KLIF - ok
19:38:30.0703 3144  [ 05E5504E5E06F75F18BBEA7291601FE2 ] klim5           C:\WINDOWS\system32\DRIVERS\klim5.sys
19:38:30.0703 3144  klim5 - ok
19:38:30.0750 3144  [ 7BE035A9C20F357DC765D6C7FDCDC964 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
19:38:30.0750 3144  klkbdflt - ok
19:38:30.0765 3144  [ A8234A8F67B0565F74753FE88A7BF03D ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
19:38:30.0765 3144  klmouflt - ok
19:38:30.0796 3144  [ 53C0DF6C5139CB78A631E7AFCD893730 ] kltdi           C:\WINDOWS\system32\DRIVERS\kltdi.sys
19:38:30.0812 3144  kltdi - ok
19:38:30.0875 3144  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
19:38:30.0875 3144  kmixer - ok
19:38:30.0937 3144  [ 71A38C123600172511C26BFABD0EF579 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
19:38:30.0953 3144  kneps - ok
19:38:31.0015 3144  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
19:38:31.0031 3144  KSecDD - ok
19:38:31.0078 3144  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
19:38:31.0109 3144  lanmanserver - ok
19:38:31.0187 3144  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:38:31.0234 3144  lanmanworkstation - ok
19:38:31.0250 3144  lbrtfdc - ok
19:38:31.0328 3144  [ 575ED0F5DCB34E5C243D2A7EBC860484 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
19:38:31.0343 3144  LightScribeService - ok
19:38:31.0375 3144  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
19:38:31.0390 3144  LmHosts - ok
19:38:31.0406 3144  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
19:38:31.0406 3144  mdmxsdk - ok
19:38:31.0531 3144  [ 780D96F551833E0DCFE0A33B02B774E8 ] MemeoBackgroundService C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe
19:38:31.0546 3144  MemeoBackgroundService - ok
19:38:31.0578 3144  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
19:38:31.0593 3144  Messenger - ok
19:38:31.0609 3144  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
19:38:31.0609 3144  mnmdd - ok
19:38:31.0640 3144  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
19:38:31.0656 3144  mnmsrvc - ok
19:38:31.0687 3144  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
19:38:31.0687 3144  Modem - ok
19:38:31.0718 3144  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
19:38:31.0718 3144  MODEMCSA - ok
19:38:31.0734 3144  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:38:31.0734 3144  Mouclass - ok
19:38:31.0750 3144  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:38:31.0750 3144  mouhid - ok
19:38:31.0781 3144  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
19:38:31.0781 3144  MountMgr - ok
19:38:31.0843 3144  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
19:38:31.0890 3144  MozillaMaintenance - ok
19:38:31.0906 3144  [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE             C:\WINDOWS\system32\DRIVERS\MPE.sys
19:38:31.0906 3144  MPE - ok
19:38:31.0921 3144  mraid35x - ok
19:38:31.0984 3144  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:38:32.0015 3144  MRxDAV - ok
19:38:32.0187 3144  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:38:32.0328 3144  MRxSmb - ok
19:38:32.0437 3144  [ 641199534871783DD74138FE0BCFDAE7 ] MSCamSvc        C:\Programme\Microsoft LifeCam\MSCamS32.exe
19:38:32.0515 3144  MSCamSvc - ok
19:38:32.0531 3144  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
19:38:32.0546 3144  MSDTC - ok
19:38:32.0562 3144  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:38:32.0562 3144  Msfs - ok
19:38:32.0593 3144  [ 95C6432151CCFF8617352F8E616A1AA4 ] MSIRCOMM        C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
19:38:32.0593 3144  MSIRCOMM - ok
19:38:32.0593 3144  MSIServer - ok
19:38:32.0625 3144  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:38:32.0640 3144  MSKSSRV - ok
19:38:32.0640 3144  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:38:32.0640 3144  MSPCLOCK - ok
19:38:32.0671 3144  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:38:32.0671 3144  MSPQM - ok
19:38:32.0687 3144  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:38:32.0687 3144  mssmbios - ok
19:38:32.0781 3144  [ 07FD9E1D5F80756EDEC3C2FFCF2534C2 ] MSSQL$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
19:38:35.0593 3144  Suspicious file (Forged): C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe. Real md5: 07FD9E1D5F80756EDEC3C2FFCF2534C2, Fake md5: 1B959A0614D575D0AB3B09095F0A8B83
19:38:35.0640 3144  MSSQL$PINNACLESYS ( ForgedFile.Multi.Generic ) - warning
19:38:35.0640 3144  MSSQL$PINNACLESYS - detected ForgedFile.Multi.Generic (1)
19:38:35.0687 3144  [ 1D1B22613EAB9287AF902398867BC93C ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
19:38:35.0718 3144  MSSQLServerADHelper - ok
19:38:35.0750 3144  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
19:38:35.0750 3144  MSTEE - ok
19:38:35.0781 3144  [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor        C:\WINDOWS\system32\DRIVERS\ASACPI.sys
19:38:35.0781 3144  MTsensor - ok
19:38:35.0859 3144  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
19:38:35.0875 3144  Mup - ok
19:38:35.0937 3144  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:38:35.0937 3144  NABTSFEC - ok
19:38:36.0046 3144  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
19:38:36.0140 3144  napagent - ok
19:38:36.0203 3144  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
19:38:36.0250 3144  NDIS - ok
19:38:36.0265 3144  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:38:36.0265 3144  NdisIP - ok
19:38:36.0296 3144  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:38:36.0296 3144  NdisTapi - ok
19:38:36.0328 3144  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:38:36.0328 3144  Ndisuio - ok
19:38:36.0359 3144  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:38:36.0375 3144  NdisWan - ok
19:38:36.0406 3144  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
19:38:36.0421 3144  NDProxy - ok
19:38:36.0468 3144  [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
19:38:36.0484 3144  Net Driver HPZ12 - ok
19:38:36.0515 3144  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
19:38:36.0515 3144  NetBIOS - ok
19:38:36.0578 3144  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:38:36.0609 3144  NetBT - ok
19:38:36.0671 3144  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
19:38:36.0703 3144  NetDDE - ok
19:38:36.0750 3144  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
19:38:36.0750 3144  NetDDEdsdm - ok
19:38:36.0765 3144  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:38:36.0781 3144  Netlogon - ok
19:38:36.0859 3144  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
19:38:36.0906 3144  Netman - ok
19:38:36.0968 3144  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:38:37.0093 3144  NetTcpPortSharing - ok
19:38:37.0171 3144  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll
19:38:37.0265 3144  Nla - ok
19:38:37.0312 3144  [ 48FB907B069524F2DC7BA62A0762850C ] nmwcd           C:\WINDOWS\system32\drivers\ccdcmb.sys
19:38:37.0312 3144  nmwcd - ok
19:38:37.0343 3144  [ 2914CEB789964141AC6E22C6BC980C42 ] nmwcdc          C:\WINDOWS\system32\drivers\ccdcmbo.sys
19:38:37.0343 3144  nmwcdc - ok
19:38:37.0406 3144  [ 28D40797BCB050321FA6674B08A620C0 ] nmwcdnsu        C:\WINDOWS\system32\drivers\nmwcdnsu.sys
19:38:37.0437 3144  nmwcdnsu - ok
19:38:37.0468 3144  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:38:37.0468 3144  Npfs - ok
19:38:37.0671 3144  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
19:38:37.0828 3144  Ntfs - ok
19:38:37.0859 3144  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
19:38:37.0859 3144  NtLmSsp - ok
19:38:38.0015 3144  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
19:38:38.0156 3144  NtmsSvc - ok
19:38:38.0203 3144  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:38:38.0312 3144  Null - ok
19:38:38.0703 3144  [ 6528EB6B7844E3A0FD8F3EFED9D7CFFB ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:38:42.0812 3144  Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\nv4_mini.sys. Real md5: 6528EB6B7844E3A0FD8F3EFED9D7CFFB, Fake md5: 0DC79B60CEDC3A8854C27B3C6E4B3414
19:38:42.0875 3144  nv ( ForgedFile.Multi.Generic ) - warning
19:38:42.0875 3144  nv - detected ForgedFile.Multi.Generic (1)
19:38:42.0953 3144  [ 32F7DEC3729B3BAE66EEBCAB7B03B18F ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
19:38:43.0000 3144  NVSvc - ok
19:38:43.0046 3144  [ AB0342CD154E89C18329E5CC5848CE0A ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
19:38:43.0718 3144  Suspicious file (Forged): C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe. Real md5: AB0342CD154E89C18329E5CC5848CE0A, Fake md5: 2CC4E45B0EB4C48392CEC9C83B5B8E3B
19:38:43.0734 3144  nvUpdatusService ( ForgedFile.Multi.Generic ) - warning
19:38:43.0734 3144  nvUpdatusService - detected ForgedFile.Multi.Generic (1)
19:38:43.0765 3144  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:38:43.0765 3144  NwlnkFlt - ok
19:38:43.0781 3144  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:38:43.0781 3144  NwlnkFwd - ok
19:38:43.0843 3144  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
19:38:43.0875 3144  ose - ok
19:38:43.0921 3144  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
19:38:43.0937 3144  Parport - ok
19:38:43.0953 3144  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
19:38:43.0953 3144  PartMgr - ok
19:38:43.0968 3144  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
19:38:43.0968 3144  ParVdm - ok
19:38:44.0000 3144  [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd        C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
19:38:44.0000 3144  pccsmcfd - ok
19:38:44.0031 3144  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
19:38:44.0031 3144  PCI - ok
19:38:44.0031 3144  PCIDump - ok
19:38:44.0062 3144  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
19:38:44.0062 3144  PCIIde - ok
19:38:44.0078 3144  [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI         C:\WINDOWS\system32\drivers\pclepci.sys
19:38:44.0078 3144  PCLEPCI - ok
19:38:44.0140 3144  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
19:38:44.0156 3144  Pcmcia - ok
19:38:44.0156 3144  PDCOMP - ok
19:38:44.0171 3144  PDFRAME - ok
19:38:44.0171 3144  PDRELI - ok
19:38:44.0171 3144  PDRFRAME - ok
19:38:44.0187 3144  perc2 - ok
19:38:44.0187 3144  perc2hib - ok
19:38:44.0265 3144  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
19:38:44.0265 3144  PlugPlay - ok
19:38:44.0312 3144  [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
19:38:44.0328 3144  Pml Driver HPZ12 - ok
19:38:44.0359 3144  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
19:38:44.0359 3144  PolicyAgent - ok
19:38:44.0390 3144  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:38:44.0390 3144  PptpMiniport - ok
19:38:44.0406 3144  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:38:44.0406 3144  ProtectedStorage - ok
19:38:44.0437 3144  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
19:38:44.0437 3144  PSched - ok
19:38:44.0453 3144  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:38:44.0468 3144  Ptilink - ok
19:38:44.0500 3144  [ D86B4A68565E444D76457F14172C875A ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:38:44.0500 3144  PxHelp20 - ok
19:38:44.0515 3144  ql1080 - ok
19:38:44.0515 3144  Ql10wnt - ok
19:38:44.0531 3144  ql12160 - ok
19:38:44.0531 3144  ql1240 - ok
19:38:44.0546 3144  ql1280 - ok
19:38:44.0562 3144  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:38:44.0562 3144  RasAcd - ok
19:38:44.0609 3144  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:38:44.0640 3144  RasAuto - ok
19:38:44.0671 3144  [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda         C:\WINDOWS\system32\DRIVERS\rasirda.sys
19:38:44.0671 3144  Rasirda - ok
19:38:44.0703 3144  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:38:44.0703 3144  Rasl2tp - ok
19:38:44.0781 3144  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:38:44.0843 3144  RasMan - ok
19:38:44.0875 3144  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:38:44.0875 3144  RasPppoe - ok
19:38:44.0890 3144  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
19:38:44.0890 3144  Raspti - ok
19:38:44.0968 3144  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:38:45.0000 3144  Rdbss - ok
19:38:45.0015 3144  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:38:45.0031 3144  RDPCDD - ok
19:38:45.0093 3144  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
19:38:45.0156 3144  RDPWD - ok
19:38:45.0234 3144  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
19:38:45.0281 3144  RDSessMgr - ok
19:38:45.0312 3144  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
19:38:45.0312 3144  redbook - ok
19:38:45.0343 3144  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:38:45.0359 3144  RemoteAccess - ok
19:38:45.0406 3144  [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
19:38:45.0406 3144  RFCOMM - ok
19:38:45.0421 3144  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
19:38:45.0437 3144  ROOTMODEM - ok
19:38:45.0468 3144  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:38:45.0500 3144  RpcLocator - ok
19:38:45.0625 3144  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll
19:38:45.0640 3144  RpcSs - ok
19:38:45.0687 3144  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
19:38:45.0718 3144  RSVP - ok
19:38:45.0734 3144  RT2500USB - ok
19:38:45.0828 3144  [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
19:38:45.0875 3144  RTLE8023xp - ok
19:38:45.0890 3144  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:38:45.0890 3144  SamSs - ok
19:38:45.0953 3144  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
19:38:45.0984 3144  SCardSvr - ok
19:38:46.0062 3144  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:38:46.0125 3144  Schedule - ok
19:38:46.0312 3144  [ 738187CE167D51240EC945F42743D0E5 ] SCPDFReadSpool  C:\WINDOWS\Installer\MSIE4.tmp
19:38:46.0390 3144  SCPDFReadSpool - ok
19:38:46.0453 3144  [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe
19:38:46.0468 3144  SeagateDashboardService - ok
19:38:46.0500 3144  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:38:46.0500 3144  Secdrv - ok
19:38:46.0531 3144  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
19:38:46.0546 3144  seclogon - ok
19:38:46.0687 3144  [ 23228966244CDD9627BDE4141B3BE1F0 ] SenFiltService  C:\WINDOWS\system32\drivers\Senfilt.sys
19:38:46.0781 3144  SenFiltService - ok
19:38:46.0812 3144  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
19:38:46.0828 3144  SENS - ok
19:38:46.0859 3144  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
19:38:46.0859 3144  serenum - ok
19:38:46.0921 3144  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
19:38:46.0921 3144  Serial - ok
19:38:47.0265 3144  [ 7D3903AF48E6C1DC2704EAFCB608D031 ] ServiceLayer    C:\Programme\PC Connectivity Solution\ServiceLayer.exe
19:38:47.0546 3144  ServiceLayer - ok
19:38:47.0593 3144  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\DRIVERS\sfloppy.sys
19:38:47.0593 3144  Sfloppy - ok
19:38:47.0718 3144  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:38:47.0812 3144  SharedAccess - ok
19:38:47.0859 3144  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:38:47.0875 3144  ShellHWDetection - ok
19:38:47.0875 3144  Simbad - ok
19:38:47.0937 3144  [ 8CB6887AC284F980C374EA29D79BA3E5 ] Skype C2C Service C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:38:48.0875 3144  Suspicious file (Forged): C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe. Real md5: 8CB6887AC284F980C374EA29D79BA3E5, Fake md5: 388AE59FE75F1B959DFA0900923C61BB
19:38:48.0890 3144  Skype C2C Service ( ForgedFile.Multi.Generic ) - warning
19:38:48.0890 3144  Skype C2C Service - detected ForgedFile.Multi.Generic (1)
19:38:48.0984 3144  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe
19:38:49.0031 3144  SkypeUpdate - ok
19:38:49.0062 3144  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:38:49.0062 3144  SLIP - ok
19:38:49.0171 3144  [ 851310C1B742D2DF2D334603836FFDF5 ] snapman         C:\WINDOWS\system32\DRIVERS\snapman.sys
19:38:49.0203 3144  snapman - ok
19:38:49.0203 3144  Sparrow - ok
19:38:49.0218 3144  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
19:38:49.0218 3144  splitter - ok
19:38:49.0281 3144  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
19:38:49.0296 3144  Spooler - ok
19:38:49.0437 3144  [ 352E375AB298C23B0F9BC307652C7F50 ] SQLAgent$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE
19:38:49.0531 3144  SQLAgent$PINNACLESYS - ok
19:38:49.0593 3144  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
19:38:49.0593 3144  sr - ok
19:38:49.0687 3144  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll
19:38:49.0734 3144  srservice - ok
19:38:49.0859 3144  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:38:49.0953 3144  Srv - ok
19:38:49.0984 3144  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:38:50.0015 3144  SSDPSRV - ok
19:38:50.0093 3144  [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
19:38:50.0140 3144  ssudmdm - ok
19:38:50.0187 3144  [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
19:38:50.0187 3144  StarOpen - ok
19:38:50.0218 3144  [ A1A16662C6B1A665D965D61B9EECC5A7 ] STIrUsb         C:\WINDOWS\system32\DRIVERS\irstusb.sys
19:38:50.0218 3144  STIrUsb - ok
19:38:50.0359 3144  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
19:38:50.0468 3144  stisvc - ok
19:38:50.0500 3144  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:38:50.0500 3144  streamip - ok
19:38:50.0515 3144  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
19:38:50.0515 3144  swenum - ok
19:38:50.0562 3144  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
19:38:50.0562 3144  swmidi - ok
19:38:50.0578 3144  SwPrv - ok
19:38:50.0578 3144  symc810 - ok
19:38:50.0593 3144  symc8xx - ok
19:38:50.0593 3144  sym_hi - ok
19:38:50.0609 3144  sym_u3 - ok
19:38:50.0687 3144  [ B716A836A645BC7C8E5C367B68A8A7A4 ] syncagentsrv    C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe
19:38:52.0765 3144  Suspicious file (Forged): C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe. Real md5: B716A836A645BC7C8E5C367B68A8A7A4, Fake md5: A214C8AA6A6C06C9DBAB1310E38DAB4A
19:38:52.0796 3144  syncagentsrv ( ForgedFile.Multi.Generic ) - warning
19:38:52.0796 3144  syncagentsrv - detected ForgedFile.Multi.Generic (1)
19:38:52.0828 3144  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
19:38:52.0843 3144  sysaudio - ok
19:38:52.0890 3144  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
19:38:52.0921 3144  SysmonLog - ok
19:38:53.0015 3144  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:38:53.0093 3144  TapiSrv - ok
19:38:53.0218 3144  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:38:53.0328 3144  Tcpip - ok
19:38:53.0359 3144  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
19:38:53.0359 3144  TDPIPE - ok
19:38:53.0656 3144  [ 6345E3829FD130A144454F9F5C2A3B9E ] tdrpman         C:\WINDOWS\system32\DRIVERS\tdrpman.sys
19:38:53.0875 3144  tdrpman - ok
19:38:53.0906 3144  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
19:38:53.0906 3144  TDTCP - ok
19:38:53.0953 3144  [ 94F26C68ACD7C984BE64A5040DFFBDB2 ] TeamViewer6     C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
19:38:54.0703 3144  Suspicious file (Forged): C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe. Real md5: 94F26C68ACD7C984BE64A5040DFFBDB2, Fake md5: A3393F0DC64C29F47DC4126E6FA57558
19:38:54.0718 3144  TeamViewer6 ( ForgedFile.Multi.Generic ) - warning
19:38:54.0718 3144  TeamViewer6 - detected ForgedFile.Multi.Generic (1)
19:38:54.0734 3144  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
19:38:54.0750 3144  TermDD - ok
19:38:54.0859 3144  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll
19:38:54.0953 3144  TermService - ok
19:38:55.0000 3144  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
19:38:55.0000 3144  Themes - ok
19:38:55.0250 3144  [ A8C31102F448231596168FFC9F568B9A ] tib_mounter     C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
19:38:55.0437 3144  tib_mounter - ok
19:38:55.0500 3144  [ 76148C3159718B701252F87B067904A6 ] TOSHIBA Bluetooth Service C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
19:38:55.0531 3144  TOSHIBA Bluetooth Service - ok
19:38:55.0531 3144  TosIde - ok
19:38:55.0562 3144  [ 8D624D3BD1F2D78BD1C01A2D4E954B4E ] tosporte        C:\WINDOWS\system32\DRIVERS\tosporte.sys
19:38:55.0578 3144  tosporte - ok
19:38:55.0625 3144  [ A594DBD80CA5426E2E558BF79195A110 ] Tosrfbd         C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
19:38:55.0640 3144  Tosrfbd - ok
19:38:55.0671 3144  [ 90C8525BC578AAFFE87C2D0ED4379E9E ] tosrfbnp        C:\WINDOWS\system32\Drivers\tosrfbnp.sys
19:38:55.0671 3144  tosrfbnp - ok
19:38:55.0703 3144  [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] Tosrfcom        C:\WINDOWS\system32\Drivers\tosrfcom.sys
19:38:55.0703 3144  Tosrfcom - ok
19:38:55.0750 3144  [ 28099A4E52148319AFA685D93A2244D0 ] Tosrfhid        C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
19:38:55.0750 3144  Tosrfhid - ok
19:38:55.0765 3144  [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds        C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
19:38:55.0765 3144  tosrfnds - ok
19:38:55.0796 3144  [ 1FF09B64D1E0C82EE81026718D8D47C2 ] TosRfSnd        C:\WINDOWS\system32\drivers\tosrfsnd.sys
19:38:55.0812 3144  TosRfSnd - ok
19:38:55.0843 3144  [ 20CC46C5D3326122E1A0A8C9DAD00E0D ] tosrfusb        C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
19:38:55.0843 3144  tosrfusb - ok
19:38:55.0906 3144  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
19:38:55.0937 3144  TrkWks - ok
19:38:56.0125 3144  [ 3D23639C3FDBC082AF7016A5C8829329 ] TSP             C:\WINDOWS\system32\drivers\klif.sys
19:38:56.0140 3144  TSP - ok
19:38:56.0171 3144  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
19:38:56.0171 3144  Udfs - ok
19:38:56.0171 3144  ultra - ok
19:38:56.0343 3144  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
19:38:56.0437 3144  Update - ok
19:38:56.0515 3144  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:38:56.0578 3144  upnphost - ok
19:38:56.0609 3144  [ E526A166E6ACAFD0A9B3841D3941669E ] upperdev        C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
19:38:56.0609 3144  upperdev - ok
19:38:56.0625 3144  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe
19:38:56.0625 3144  UPS - ok
19:38:56.0671 3144  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
19:38:56.0671 3144  usbaudio - ok
19:38:56.0703 3144  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:38:56.0718 3144  usbccgp - ok
19:38:56.0734 3144  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:38:56.0734 3144  usbehci - ok
19:38:56.0781 3144  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:38:56.0781 3144  usbhub - ok
19:38:56.0796 3144  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:38:56.0796 3144  usbprint - ok
19:38:56.0828 3144  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:38:56.0828 3144  usbscan - ok
19:38:56.0859 3144  [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser          C:\WINDOWS\system32\drivers\usbser.sys
19:38:56.0859 3144  usbser - ok
19:38:56.0875 3144  [ 6F3E3C6811B930D2414552A2E4A40F36 ] UsbserFilt      C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
19:38:56.0875 3144  UsbserFilt - ok
19:38:56.0906 3144  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:38:56.0906 3144  USBSTOR - ok
19:38:56.0937 3144  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:38:56.0937 3144  usbuhci - ok
19:38:56.0953 3144  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
19:38:56.0953 3144  VgaSave - ok
19:38:56.0968 3144  ViaIde - ok
19:38:57.0031 3144  [ 26B75DCB58B006867EFD659E845CD65E ] vididr          C:\WINDOWS\system32\DRIVERS\vididr.sys
19:38:57.0046 3144  vididr - ok
19:38:57.0093 3144  [ 40AFA68F81F90636D1300099E9CFC8CE ] vidsflt         C:\WINDOWS\system32\DRIVERS\vidsflt.sys
19:38:57.0109 3144  vidsflt - ok
19:38:57.0140 3144  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
19:38:57.0140 3144  VolSnap - ok
19:38:57.0156 3144  vsdatant - ok
19:38:57.0281 3144  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe
19:38:57.0375 3144  VSS - ok
19:38:57.0406 3144  [ C1DB192C23376E51EEDC463539766DA9 ] VX3000          C:\WINDOWS\system32\DRIVERS\VX3000.sys
19:38:57.0984 3144  Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\VX3000.sys. Real md5: C1DB192C23376E51EEDC463539766DA9, Fake md5: 13ACFED0E6ADCA97440169DFD127EBCF
19:38:57.0984 3144  VX3000 ( ForgedFile.Multi.Generic ) - warning
19:38:57.0984 3144  VX3000 - detected ForgedFile.Multi.Generic (1)
19:38:58.0062 3144  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll
19:38:58.0125 3144  W32Time - ok
19:38:58.0171 3144  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:38:58.0171 3144  Wanarp - ok
19:38:58.0203 3144  [ 46A247F6617526AFE38B6F12F5512120 ] wceusbsh        C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
19:38:58.0203 3144  wceusbsh - ok
19:38:58.0390 3144  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
19:38:58.0500 3144  Wdf01000 - ok
19:38:58.0500 3144  WDICA - ok
19:38:58.0546 3144  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
19:38:58.0562 3144  wdmaud - ok
19:38:58.0609 3144  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:38:58.0625 3144  WebClient - ok
19:38:58.0875 3144  [ BE3A842C2F2E87E7C840D36BCF13E8E0 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
19:38:59.0078 3144  winachsf - ok
19:38:59.0171 3144  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:38:59.0218 3144  winmgmt - ok
19:38:59.0609 3144  [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
19:38:59.0937 3144  WinRM - ok
19:38:59.0984 3144  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
19:39:00.0000 3144  WmdmPmSN - ok
19:39:00.0046 3144  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:39:00.0093 3144  WmiApSrv - ok
19:39:00.0437 3144  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe
19:39:00.0703 3144  WMPNetworkSvc - ok
19:39:00.0734 3144  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:39:00.0734 3144  WpdUsb - ok
19:39:01.0031 3144  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:39:01.0281 3144  WPFFontCache_v0400 - ok
19:39:01.0328 3144  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
19:39:01.0359 3144  wscsvc - ok
19:39:01.0375 3144  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:39:01.0390 3144  WSTCODEC - ok
19:39:01.0406 3144  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
19:39:01.0453 3144  wuauserv - ok
19:39:01.0515 3144  [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:39:01.0515 3144  WudfPf - ok
19:39:01.0578 3144  [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:39:01.0593 3144  WudfRd - ok
19:39:01.0640 3144  [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
19:39:01.0656 3144  WudfSvc - ok
19:39:01.0828 3144  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
19:39:01.0968 3144  WZCSVC - ok
19:39:02.0031 3144  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
19:39:02.0078 3144  xmlprov - ok
19:39:02.0093 3144  ================ Scan global ===============================
19:39:02.0109 3144  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
19:39:02.0234 3144  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
19:39:02.0437 3144  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
19:39:02.0484 3144  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
19:39:02.0484 3144  [Global] - ok
19:39:02.0484 3144  ================ Scan MBR ==================================
19:39:02.0515 3144  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
19:39:02.0812 3144  \Device\Harddisk0\DR0 - ok
19:39:02.0812 3144  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:39:02.0843 3144  \Device\Harddisk1\DR1 - ok
19:39:02.0843 3144  ================ Scan VBR ==================================
19:39:02.0843 3144  [ 91D7C03417315C80A612E562D6DB2485 ] \Device\Harddisk0\DR0\Partition1
19:39:02.0843 3144  \Device\Harddisk0\DR0\Partition1 - ok
19:39:02.0843 3144  [ 39D493D08F7E5F0220B1C28DCD640DD5 ] \Device\Harddisk1\DR1\Partition1
19:39:02.0859 3144  \Device\Harddisk1\DR1\Partition1 - ok
19:39:02.0859 3144  ============================================================
19:39:02.0859 3144  Scan finished
19:39:02.0859 3144  ============================================================
19:39:02.0859 5568  Detected object count: 8
19:39:02.0859 5568  Actual detected object count: 8
19:39:36.0453 5568  afcdpsrv ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0453 5568  afcdpsrv ( ForgedFile.Multi.Generic ) - User select action: Skip 
19:39:36.0468 5568  MSSQL$PINNACLESYS ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0468 5568  MSSQL$PINNACLESYS ( ForgedFile.Multi.Generic ) - User select action: Skip 
19:39:36.0468 5568  nv ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0468 5568  nv ( ForgedFile.Multi.Generic ) - User select action: Skip 
19:39:36.0468 5568  nvUpdatusService ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0468 5568  nvUpdatusService ( ForgedFile.Multi.Generic ) - User select action: Skip 
19:39:36.0468 5568  Skype C2C Service ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0468 5568  Skype C2C Service ( ForgedFile.Multi.Generic ) - User select action: Skip 
19:39:36.0484 5568  syncagentsrv ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0484 5568  syncagentsrv ( ForgedFile.Multi.Generic ) - User select action: Skip 
19:39:36.0484 5568  TeamViewer6 ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0484 5568  TeamViewer6 ( ForgedFile.Multi.Generic ) - User select action: Skip 
19:39:36.0484 5568  VX3000 ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0484 5568  VX3000 ( ForgedFile.Multi.Generic ) - User select action: Skip 
19:41:36.0453 5596  Deinitialize success
         

Alt 29.03.2013, 02:10   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
19:38:15.0000 3144 Scan started
19:38:15.0000 3144 Mode: Manual;
Please read and follow the instructions more carefully; you configured TDSSKiller incorrectly, please do it again properly.

Alt 29.03.2013, 10:45   #15
sissi3o2
 

Dear Cosinus,

I am absolutely convinced that you all provide great and fantastic help here. And not only I but surely many others are very grateful for that.
But I think I, too, may expect to be treated with respect. "Please read and follow the instructions more carefully;" To accuse me here of careless work is, quite honestly, something I find demeaning. I am working as well as I can here and trying to implement everything. Since I am very far from being an IT expert and need further help with almost every step in order to carry it out correctly, this is not entirely easy. It can happen to anyone that something gets overlooked. For the last 3 nights I have slept no more than 4 hours per night, and I am only human, not a machine.

Unfortunately, the TDSSKiller logs are not being created; I have to do everything manually.

Code:
10:33:27.0562 5208  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:33:27.0703 5208  ============================================================
10:33:27.0703 5208  Current date / time: 2013/03/29 10:33:27.0703
10:33:27.0703 5208  SystemInfo:
10:33:27.0703 5208  
10:33:27.0703 5208  OS Version: 5.1.2600 ServicePack: 3.0
10:33:27.0703 5208  Product type: Workstation
10:33:27.0703 5208  ComputerName: SCHOKOHASE
10:33:27.0703 5208  UserName: USER
10:33:27.0703 5208  Windows directory: C:\WINDOWS
10:33:27.0703 5208  System windows directory: C:\WINDOWS
10:33:27.0703 5208  Processor architecture: Intel x86
10:33:27.0703 5208  Number of processors: 2
10:33:27.0703 5208  Page size: 0x1000
10:33:27.0703 5208  Boot type: Normal boot
10:33:27.0703 5208  ============================================================
10:33:34.0046 5208  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:33:34.0046 5208  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:33:34.0062 5208  ============================================================
10:33:34.0062 5208  \Device\Harddisk0\DR0:
10:33:34.0062 5208  MBR partitions:
10:33:34.0062 5208  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
10:33:34.0062 5208  \Device\Harddisk1\DR1:
10:33:34.0062 5208  MBR partitions:
10:33:34.0062 5208  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
10:33:34.0062 5208  ============================================================
10:33:34.0125 5208  C: <-> \Device\Harddisk0\DR0\Partition1
10:33:34.0218 5208  D: <-> \Device\Harddisk1\DR1\Partition1
10:33:34.0218 5208  ============================================================
10:33:34.0218 5208  Initialize success
10:33:34.0218 5208  ============================================================
10:34:40.0734 5180  ============================================================
10:34:40.0734 5180  Scan started
10:34:40.0734 5180  Mode: Manual; SigCheck; TDLFS; 
10:34:40.0734 5180  ============================================================
10:34:41.0062 5180  ================ Scan system memory ========================
10:34:41.0062 5180  System memory - ok
10:34:41.0062 5180  ================ Scan services =============================
10:34:41.0515 5180  Abiosdsk - ok
10:34:41.0531 5180  abp480n5 - ok
10:34:41.0578 5180  [ 44010948BDE6ADE50DD1386657C73E83 ] ACEDRV06        C:\WINDOWS\system32\drivers\ACEDRV06.sys
10:34:42.0250 5180  ACEDRV06 ( UnsignedFile.Multi.Generic ) - warning
10:34:42.0250 5180  ACEDRV06 - detected UnsignedFile.Multi.Generic (1)
10:34:42.0328 5180  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:34:45.0687 5180  ACPI - ok
10:34:45.0734 5180  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
10:34:45.0921 5180  ACPIEC - ok
10:34:46.0265 5180  [ 35BCB0F33FABA91F93C062FBE7EA1EAC ] AcrSch2Svc      C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
10:34:46.0593 5180  AcrSch2Svc - ok
10:34:46.0656 5180  [ 708BAECC952E81A70EF36F5F0B1B981C ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
10:34:46.0750 5180  ADIHdAudAddService - ok
10:34:46.0875 5180  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:34:46.0921 5180  AdobeFlashPlayerUpdateSvc - ok
10:34:46.0937 5180  adpu160m - ok
10:34:46.0984 5180  [ 9F59AE2DE835641FBB0C6AFD80D8FA9B ] AEAudioService  C:\WINDOWS\system32\drivers\AEAudio.sys
10:34:47.0062 5180  AEAudioService - ok
10:34:47.0125 5180  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
10:34:47.0343 5180  aec - ok
10:34:47.0437 5180  [ DF139E5866C19E0B3217EF210198D875 ] afcdp           C:\WINDOWS\system32\DRIVERS\afcdp.sys
10:34:47.0656 5180  afcdp - ok
10:34:48.0843 5180  [ 1AEA25F70F12ABB494A4E35E1D717414 ] afcdpsrv        C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
10:34:50.0312 5180  afcdpsrv - ok
10:34:50.0375 5180  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:34:50.0500 5180  AFD - ok
10:34:50.0515 5180  Aha154x - ok
10:34:50.0531 5180  aic78u2 - ok
10:34:50.0531 5180  aic78xx - ok
10:34:50.0578 5180  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:34:50.0812 5180  Alerter - ok
10:34:50.0843 5180  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe
10:34:50.0968 5180  ALG - ok
10:34:50.0984 5180  AliIde - ok
10:34:50.0984 5180  amsint - ok
10:34:51.0000 5180  AppMgmt - ok
10:34:51.0000 5180  asc - ok
10:34:51.0015 5180  asc3350p - ok
10:34:51.0015 5180  asc3550 - ok
10:34:51.0343 5180  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:34:51.0421 5180  aspnet_state - ok
10:34:51.0453 5180  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:34:51.0703 5180  AsyncMac - ok
10:34:51.0750 5180  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
10:34:52.0296 5180  atapi - ok
10:34:52.0312 5180  Atdisk - ok
10:34:52.0375 5180  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:34:52.0875 5180  Atmarpc - ok
10:34:52.0937 5180  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:34:53.0156 5180  AudioSrv - ok
10:34:53.0171 5180  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:34:53.0343 5180  audstub - ok
10:34:53.0390 5180  [ 728C4A6C722535C16D1025F51AA31E22 ] avmaudio        C:\WINDOWS\system32\DRIVERS\avmaudio.sys
10:34:53.0421 5180  avmaudio ( UnsignedFile.Multi.Generic ) - warning
10:34:53.0421 5180  avmaudio - detected UnsignedFile.Multi.Generic (1)
10:34:53.0875 5180  [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP             C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
10:34:53.0984 5180  AVP - ok
10:34:54.0031 5180  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:34:54.0234 5180  Beep - ok
10:34:54.0390 5180  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:34:54.0812 5180  BITS - ok
10:34:54.0875 5180  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll
10:34:55.0046 5180  Browser - ok
10:34:55.0078 5180  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
10:34:55.0296 5180  BthEnum - ok
10:34:55.0359 5180  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
10:34:55.0593 5180  BthPan - ok
10:34:55.0703 5180  [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
10:34:56.0046 5180  BTHPORT - ok
10:34:56.0093 5180  [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ         C:\WINDOWS\System32\bthserv.dll
10:34:56.0375 5180  BthServ - ok
10:34:56.0390 5180  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
10:34:56.0656 5180  BTHUSB - ok
10:34:56.0687 5180  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:34:57.0062 5180  cbidf2k - ok
10:34:57.0125 5180  [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8         C:\Programme\Canon\CAL\CALMAIN.exe
10:34:57.0218 5180  CCALib8 ( UnsignedFile.Multi.Generic ) - warning
10:34:57.0218 5180  CCALib8 - detected UnsignedFile.Multi.Generic (1)
10:34:57.0250 5180  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:34:57.0531 5180  CCDECODE - ok
10:34:57.0531 5180  cd20xrnt - ok
10:34:57.0546 5180  [ 82C4C6A2343B592C4FD590F625A724A9 ] CdaC15BA        C:\WINDOWS\system32\drivers\CDAC15BA.SYS
10:34:57.0578 5180  CdaC15BA ( UnsignedFile.Multi.Generic ) - warning
10:34:57.0578 5180  CdaC15BA - detected UnsignedFile.Multi.Generic (1)
10:34:57.0609 5180  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:34:57.0859 5180  Cdaudio - ok
10:34:57.0890 5180  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:34:58.0062 5180  Cdfs - ok
10:34:58.0093 5180  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:34:58.0343 5180  Cdrom - ok
10:34:58.0359 5180  Changer - ok
10:34:58.0390 5180  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe
10:34:58.0546 5180  CiSvc - ok
10:34:58.0562 5180  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:34:58.0812 5180  ClipSrv - ok
10:34:59.0031 5180  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:34:59.0296 5180  clr_optimization_v2.0.50727_32 - ok
10:34:59.0359 5180  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:34:59.0453 5180  clr_optimization_v4.0.30319_32 - ok
10:34:59.0546 5180  [ 15AE8F975B3B8EE5EFFAFA4D0C94C1D7 ] CltMngSvc       C:\Programme\SearchProtect\bin\CltMngSvc.exe
10:34:59.0656 5180  CltMngSvc ( UnsignedFile.Multi.Generic ) - warning
10:34:59.0656 5180  CltMngSvc - detected UnsignedFile.Multi.Generic (1)
10:34:59.0656 5180  CmdIde - ok
10:34:59.0671 5180  COMSysApp - ok
10:34:59.0671 5180  Cpqarray - ok
10:34:59.0718 5180  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:34:59.0937 5180  CryptSvc - ok
10:34:59.0953 5180  [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA          C:\WINDOWS\system32\DRIVERS\CVirtA.sys
10:35:00.0062 5180  CVirtA - ok
10:35:00.0078 5180  dac2w2k - ok
10:35:00.0078 5180  dac960nt - ok
10:35:00.0218 5180  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:35:00.0484 5180  DcomLaunch - ok
10:35:00.0531 5180  [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
10:35:00.0609 5180  dg_ssudbus - ok
10:35:00.0671 5180  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:35:00.0921 5180  Dhcp - ok
10:35:00.0984 5180  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:35:01.0250 5180  Disk - ok
10:35:01.0265 5180  dmadmin - ok
10:35:01.0906 5180  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:35:02.0937 5180  dmboot - ok
10:35:03.0171 5180  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:35:03.0609 5180  dmio - ok
10:35:03.0812 5180  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:35:04.0203 5180  dmload - ok
10:35:04.0250 5180  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:35:04.0531 5180  dmserver - ok
10:35:04.0625 5180  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:35:04.0906 5180  DMusic - ok
10:35:05.0046 5180  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:35:05.0281 5180  Dnscache - ok
10:35:05.0546 5180  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:35:06.0046 5180  Dot3svc - ok
10:35:06.0046 5180  dpti2o - ok
10:35:06.0234 5180  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:35:06.0484 5180  drmkaud - ok
10:35:06.0625 5180  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:35:06.0953 5180  EapHost - ok
10:35:07.0000 5180  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:35:07.0343 5180  ERSvc - ok
10:35:07.0718 5180  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
10:35:07.0984 5180  Eventlog - ok
10:35:08.0359 5180  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll
10:35:08.0703 5180  EventSystem - ok
10:35:08.0796 5180  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:35:09.0484 5180  Fastfat - ok
10:35:09.0640 5180  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:35:09.0984 5180  FastUserSwitchingCompatibility - ok
10:35:10.0187 5180  [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax             C:\WINDOWS\system32\fxssvc.exe
10:35:10.0468 5180  Fax - ok
10:35:10.0515 5180  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
10:35:10.0828 5180  Fdc - ok
10:35:10.0875 5180  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:35:11.0140 5180  Fips - ok
10:35:11.0156 5180  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:35:11.0390 5180  Flpydisk - ok
10:35:11.0453 5180  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:35:11.0687 5180  FltMgr - ok
10:35:11.0734 5180  [ E20D64EDF74D80874837B16506D58166 ] fltsrv          C:\WINDOWS\system32\DRIVERS\fltsrv.sys
10:35:11.0968 5180  fltsrv - ok
10:35:12.0031 5180  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:35:12.0078 5180  FontCache3.0.0.0 - ok
10:35:12.0093 5180  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:35:12.0265 5180  Fs_Rec - ok
10:35:12.0312 5180  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:35:12.0531 5180  Ftdisk - ok
10:35:12.0562 5180  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:35:12.0859 5180  Gpc - ok
10:35:12.0984 5180  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9ef90cb9d602c C:\Programme\Google\Update\GoogleUpdate.exe
10:35:13.0078 5180  gupdate1c9ef90cb9d602c - ok
10:35:13.0125 5180  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
10:35:13.0156 5180  gupdatem - ok
10:35:13.0218 5180  [ F58D2900C66A1E773E3375098E0E9337 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
10:35:13.0343 5180  HdAudAddService - ok
10:35:13.0406 5180  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:35:13.0640 5180  HDAudBus - ok
10:35:13.0687 5180  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:35:13.0906 5180  helpsvc - ok
10:35:13.0906 5180  HidServ - ok
10:35:13.0937 5180  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:35:14.0125 5180  HidUsb - ok
10:35:14.0156 5180  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:35:14.0343 5180  hkmsvc - ok
10:35:14.0343 5180  hpn - ok
10:35:14.0593 5180  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
10:35:14.0703 5180  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:35:14.0703 5180  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:35:14.0765 5180  [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc        C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
10:35:14.0859 5180  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:35:14.0859 5180  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:35:14.0906 5180  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:35:15.0421 5180  HPZid412 - ok
10:35:15.0468 5180  [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:35:15.0546 5180  HPZipr12 - ok
10:35:15.0578 5180  [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:35:15.0656 5180  HPZius12 - ok
10:35:15.0750 5180  [ 6312DC46356DF3974E88AA51B69360DC ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
10:35:15.0921 5180  HSFHWBS2 - ok
10:35:16.0265 5180  [ 8ED6714C8E754520DD8A939F91383EA0 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
10:35:16.0937 5180  HSF_DP - ok
10:35:17.0265 5180  [ DAAB917EEC9849840A13353198D48CC5 ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
10:35:17.0968 5180  HSF_DPV - ok
10:35:18.0078 5180  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:35:18.0234 5180  HTTP - ok
10:35:18.0265 5180  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:35:18.0437 5180  HTTPFilter - ok
10:35:18.0437 5180  i2omgmt - ok
10:35:18.0453 5180  i2omp - ok
10:35:18.0484 5180  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:35:18.0671 5180  i8042prt - ok
10:35:18.0703 5180  ids00026 - ok
10:35:18.0718 5180  ids0014f - ok
10:35:18.0718 5180  ids0015d - ok
10:35:18.0718 5180  ids00180 - ok
10:35:18.0734 5180  ids0018a - ok
10:35:19.0093 5180  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:35:19.0687 5180  idsvc - ok
10:35:19.0734 5180  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:35:19.0968 5180  Imapi - ok
10:35:20.0031 5180  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:35:20.0250 5180  ImapiService - ok
10:35:20.0265 5180  ini910u - ok
10:35:20.0265 5180  IntelIde - ok
10:35:20.0312 5180  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:35:20.0515 5180  intelppm - ok
10:35:20.0546 5180  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:35:20.0718 5180  Ip6Fw - ok
10:35:20.0750 5180  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:35:20.0921 5180  IpFilterDriver - ok
10:35:20.0984 5180  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:35:21.0187 5180  IpInIp - ok
10:35:21.0250 5180  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:35:21.0453 5180  IpNat - ok
10:35:21.0500 5180  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:35:21.0703 5180  IPSec - ok
10:35:21.0750 5180  [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda            C:\WINDOWS\system32\DRIVERS\irda.sys
10:35:21.0984 5180  irda - ok
10:35:22.0000 5180  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:35:22.0093 5180  IRENUM - ok
10:35:22.0125 5180  [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon           C:\WINDOWS\System32\irmon.dll
10:35:22.0296 5180  Irmon - ok
10:35:22.0328 5180  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:35:22.0750 5180  isapnp - ok
10:35:23.0484 5180  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
10:35:23.0625 5180  JavaQuickStarterService - ok
10:35:23.0656 5180  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:35:23.0859 5180  Kbdclass - ok
10:35:23.0906 5180  [ B6D6C117D771C98130497265F26D1882 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:35:24.0171 5180  kbdhid - ok
10:35:24.0250 5180  [ EA26CB00F83686856F2C79673C00C686 ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
10:35:24.0312 5180  kl1 - ok
10:35:24.0343 5180  [ 53EEDAB3F0511321AC3AE8BC968B158C ] klbg            C:\WINDOWS\system32\drivers\klbg.sys
10:35:24.0390 5180  klbg - ok
10:35:24.0593 5180  [ 3D23639C3FDBC082AF7016A5C8829329 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
10:35:24.0765 5180  KLIF - ok
10:35:24.0796 5180  [ 05E5504E5E06F75F18BBEA7291601FE2 ] klim5           C:\WINDOWS\system32\DRIVERS\klim5.sys
10:35:24.0843 5180  klim5 - ok
10:35:24.0890 5180  [ 7BE035A9C20F357DC765D6C7FDCDC964 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
10:35:24.0937 5180  klkbdflt - ok
10:35:24.0968 5180  [ A8234A8F67B0565F74753FE88A7BF03D ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
10:35:25.0031 5180  klmouflt - ok
10:35:25.0062 5180  [ 53C0DF6C5139CB78A631E7AFCD893730 ] kltdi           C:\WINDOWS\system32\DRIVERS\kltdi.sys
10:35:25.0109 5180  kltdi - ok
10:35:25.0171 5180  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:35:25.0328 5180  kmixer - ok
10:35:25.0406 5180  [ 71A38C123600172511C26BFABD0EF579 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
10:35:25.0468 5180  kneps - ok
10:35:25.0515 5180  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:35:25.0640 5180  KSecDD - ok
10:35:25.0703 5180  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
10:35:25.0828 5180  lanmanserver - ok
10:35:25.0906 5180  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:35:26.0031 5180  lanmanworkstation - ok
10:35:26.0062 5180  lbrtfdc - ok
10:35:26.0156 5180  [ 575ED0F5DCB34E5C243D2A7EBC860484 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
10:35:26.0250 5180  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
10:35:26.0250 5180  LightScribeService - detected UnsignedFile.Multi.Generic (1)
10:35:26.0296 5180  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:35:26.0515 5180  LmHosts - ok
10:35:26.0546 5180  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
10:35:26.0609 5180  mdmxsdk - ok
10:35:26.0734 5180  [ 780D96F551833E0DCFE0A33B02B774E8 ] MemeoBackgroundService C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe
10:35:26.0781 5180  MemeoBackgroundService - ok
10:35:26.0812 5180  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:35:27.0015 5180  Messenger - ok
10:35:27.0046 5180  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:35:27.0203 5180  mnmdd - ok
10:35:27.0234 5180  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:35:27.0406 5180  mnmsrvc - ok
10:35:27.0437 5180  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:35:27.0625 5180  Modem - ok
10:35:27.0656 5180  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:35:27.0828 5180  MODEMCSA - ok
10:35:27.0859 5180  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:35:28.0031 5180  Mouclass - ok
10:35:28.0078 5180  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:35:28.0265 5180  mouhid - ok
10:35:28.0296 5180  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:35:28.0578 5180  MountMgr - ok
10:35:28.0656 5180  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
10:35:28.0796 5180  MozillaMaintenance - ok
10:35:28.0812 5180  [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE             C:\WINDOWS\system32\DRIVERS\MPE.sys
10:35:29.0000 5180  MPE - ok
10:35:29.0015 5180  mraid35x - ok
10:35:29.0078 5180  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:35:29.0265 5180  MRxDAV - ok
10:35:29.0421 5180  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:35:29.0687 5180  MRxSmb - ok
10:35:29.0812 5180  [ 641199534871783DD74138FE0BCFDAE7 ] MSCamSvc        C:\Programme\Microsoft LifeCam\MSCamS32.exe
10:35:30.0031 5180  MSCamSvc - ok
10:35:30.0046 5180  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
10:35:30.0218 5180  MSDTC - ok
10:35:30.0234 5180  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:35:30.0406 5180  Msfs - ok
10:35:30.0421 5180  [ 95C6432151CCFF8617352F8E616A1AA4 ] MSIRCOMM        C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
10:35:30.0515 5180  MSIRCOMM - ok
10:35:30.0515 5180  MSIServer - ok
10:35:30.0546 5180  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:35:30.0828 5180  MSKSSRV - ok
10:35:30.0843 5180  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:35:31.0046 5180  MSPCLOCK - ok
10:35:31.0062 5180  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:35:31.0234 5180  MSPQM - ok
10:35:31.0250 5180  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:35:31.0437 5180  mssmbios - ok
10:35:34.0390 5180  [ 1B959A0614D575D0AB3B09095F0A8B83 ] MSSQL$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
10:35:41.0687 5180  MSSQL$PINNACLESYS - ok
10:35:42.0062 5180  [ 1D1B22613EAB9287AF902398867BC93C ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
10:35:42.0265 5180  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning
10:35:42.0265 5180  MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)
10:35:42.0296 5180  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
10:35:42.0609 5180  MSTEE - ok
10:35:42.0781 5180  [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor        C:\WINDOWS\system32\DRIVERS\ASACPI.sys
10:35:42.0843 5180  MTsensor ( UnsignedFile.Multi.Generic ) - warning
10:35:42.0843 5180  MTsensor - detected UnsignedFile.Multi.Generic (1)
10:35:42.0937 5180  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:35:43.0125 5180  Mup - ok
10:35:43.0328 5180  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:35:43.0703 5180  NABTSFEC - ok
10:35:44.0187 5180  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:35:44.0656 5180  napagent - ok
10:35:44.0843 5180  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:35:45.0171 5180  NDIS - ok
10:35:45.0234 5180  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:35:45.0546 5180  NdisIP - ok
10:35:45.0640 5180  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:35:45.0796 5180  NdisTapi - ok
10:35:45.0921 5180  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:35:46.0218 5180  Ndisuio - ok
10:35:46.0265 5180  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:35:46.0531 5180  NdisWan - ok
10:35:46.0703 5180  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:35:46.0984 5180  NDProxy - ok
10:35:47.0031 5180  [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
10:35:47.0109 5180  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:35:47.0109 5180  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:35:47.0171 5180  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:35:47.0500 5180  NetBIOS - ok
10:35:47.0656 5180  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:35:48.0000 5180  NetBT - ok
10:35:48.0062 5180  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:35:48.0265 5180  NetDDE - ok
10:35:48.0312 5180  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:35:48.0484 5180  NetDDEdsdm - ok
10:35:48.0500 5180  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:35:48.0671 5180  Netlogon - ok
10:35:48.0734 5180  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
10:35:48.0984 5180  Netman - ok
10:35:49.0062 5180  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:35:49.0156 5180  NetTcpPortSharing - ok
10:35:49.0250 5180  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:35:49.0390 5180  Nla - ok
10:35:49.0421 5180  [ 48FB907B069524F2DC7BA62A0762850C ] nmwcd           C:\WINDOWS\system32\drivers\ccdcmb.sys
10:35:50.0140 5180  nmwcd - ok
10:35:50.0171 5180  [ 2914CEB789964141AC6E22C6BC980C42 ] nmwcdc          C:\WINDOWS\system32\drivers\ccdcmbo.sys
10:35:50.0296 5180  nmwcdc - ok
10:35:50.0359 5180  [ 28D40797BCB050321FA6674B08A620C0 ] nmwcdnsu        C:\WINDOWS\system32\drivers\nmwcdnsu.sys
10:35:50.0484 5180  nmwcdnsu - ok
10:35:50.0531 5180  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:35:50.0687 5180  Npfs - ok
10:35:50.0875 5180  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:35:51.0328 5180  Ntfs - ok
10:35:51.0343 5180  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:35:51.0500 5180  NtLmSsp - ok
10:35:51.0671 5180  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:35:52.0109 5180  NtmsSvc - ok
10:35:52.0125 5180  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:35:52.0296 5180  Null - ok
10:35:57.0375 5180  [ 0DC79B60CEDC3A8854C27B3C6E4B3414 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:36:06.0281 5180  nv - ok
10:36:06.0359 5180  [ 32F7DEC3729B3BAE66EEBCAB7B03B18F ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
10:36:06.0390 5180  NVSvc - ok
10:36:07.0125 5180  [ 2CC4E45B0EB4C48392CEC9C83B5B8E3B ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:36:08.0750 5180  nvUpdatusService - ok
10:36:08.0843 5180  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:36:09.0250 5180  NwlnkFlt - ok
10:36:09.0328 5180  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:36:09.0625 5180  NwlnkFwd - ok
10:36:09.0703 5180  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
10:36:09.0750 5180  ose - ok
10:36:09.0796 5180  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
10:36:10.0000 5180  Parport - ok
10:36:10.0031 5180  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:36:10.0281 5180  PartMgr - ok
10:36:10.0312 5180  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:36:10.0468 5180  ParVdm - ok
10:36:10.0500 5180  [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd        C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
10:36:10.0593 5180  pccsmcfd - ok
10:36:10.0640 5180  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:36:10.0812 5180  PCI - ok
10:36:10.0828 5180  PCIDump - ok
10:36:10.0843 5180  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:36:11.0000 5180  PCIIde - ok
10:36:11.0031 5180  [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI         C:\WINDOWS\system32\drivers\pclepci.sys
10:36:11.0078 5180  PCLEPCI ( UnsignedFile.Multi.Generic ) - warning
10:36:11.0078 5180  PCLEPCI - detected UnsignedFile.Multi.Generic (1)
10:36:11.0140 5180  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:36:11.0328 5180  Pcmcia - ok
10:36:11.0328 5180  PDCOMP - ok
10:36:11.0343 5180  PDFRAME - ok
10:36:11.0343 5180  PDRELI - ok
10:36:11.0359 5180  PDRFRAME - ok
10:36:11.0359 5180  perc2 - ok
10:36:11.0359 5180  perc2hib - ok
10:36:11.0421 5180  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
10:36:11.0468 5180  PlugPlay - ok
10:36:11.0515 5180  [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
10:36:11.0562 5180  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:36:11.0562 5180  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:36:11.0609 5180  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:36:11.0812 5180  PolicyAgent - ok
10:36:11.0828 5180  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:36:11.0984 5180  PptpMiniport - ok
10:36:12.0000 5180  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:36:12.0203 5180  ProtectedStorage - ok
10:36:12.0250 5180  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:36:12.0437 5180  PSched - ok
10:36:12.0453 5180  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:36:12.0640 5180  Ptilink - ok
10:36:12.0671 5180  [ D86B4A68565E444D76457F14172C875A ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:36:12.0718 5180  PxHelp20 - ok
10:36:12.0734 5180  ql1080 - ok
10:36:12.0734 5180  Ql10wnt - ok
10:36:12.0734 5180  ql12160 - ok
10:36:12.0750 5180  ql1240 - ok
10:36:12.0750 5180  ql1280 - ok
10:36:12.0781 5180  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:36:12.0937 5180  RasAcd - ok
10:36:12.0984 5180  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:36:13.0187 5180  RasAuto - ok
10:36:13.0218 5180  [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda         C:\WINDOWS\system32\DRIVERS\rasirda.sys
10:36:13.0343 5180  Rasirda - ok
10:36:13.0359 5180  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:36:13.0515 5180  Rasl2tp - ok
10:36:13.0593 5180  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:36:13.0906 5180  RasMan - ok
10:36:13.0937 5180  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:36:14.0140 5180  RasPppoe - ok
10:36:14.0171 5180  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:36:14.0312 5180  Raspti - ok
10:36:14.0375 5180  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:36:14.0640 5180  Rdbss - ok
10:36:14.0656 5180  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:36:14.0828 5180  RDPCDD - ok
10:36:14.0890 5180  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
10:36:15.0000 5180  RDPWD - ok
10:36:15.0093 5180  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
10:36:15.0296 5180  RDSessMgr - ok
10:36:15.0328 5180  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:36:15.0484 5180  redbook - ok
10:36:15.0515 5180  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:36:15.0687 5180  RemoteAccess - ok
10:36:15.0734 5180  [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
10:36:15.0937 5180  RFCOMM - ok
10:36:15.0968 5180  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
10:36:16.0156 5180  ROOTMODEM - ok
10:36:16.0203 5180  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:36:16.0375 5180  RpcLocator - ok
10:36:16.0515 5180  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:36:16.0656 5180  RpcSs - ok
10:36:16.0718 5180  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
10:36:16.0906 5180  RSVP - ok
10:36:16.0921 5180  RT2500USB - ok
10:36:17.0015 5180  [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
10:36:17.0109 5180  RTLE8023xp - ok
10:36:17.0125 5180  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:36:17.0265 5180  SamSs - ok
10:36:17.0312 5180  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:36:17.0500 5180  SCardSvr - ok
10:36:17.0593 5180  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:36:17.0796 5180  Schedule - ok
10:36:17.0968 5180  [ 738187CE167D51240EC945F42743D0E5 ] SCPDFReadSpool  C:\WINDOWS\Installer\MSIE4.tmp
10:36:18.0125 5180  SCPDFReadSpool - ok
10:36:18.0328 5180  [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe
10:36:18.0375 5180  SeagateDashboardService - ok
10:36:18.0437 5180  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:36:18.0593 5180  Secdrv - ok
10:36:18.0687 5180  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:36:18.0968 5180  seclogon - ok
10:36:19.0203 5180  [ 23228966244CDD9627BDE4141B3BE1F0 ] SenFiltService  C:\WINDOWS\system32\drivers\Senfilt.sys
10:36:19.0656 5180  SenFiltService - ok
10:36:19.0765 5180  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
10:36:20.0031 5180  SENS - ok
10:36:20.0203 5180  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
10:36:20.0484 5180  serenum - ok
10:36:20.0531 5180  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
10:36:20.0843 5180  Serial - ok
10:36:22.0343 5180  [ 7D3903AF48E6C1DC2704EAFCB608D031 ] ServiceLayer    C:\Programme\PC Connectivity Solution\ServiceLayer.exe
10:36:23.0015 5180  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
10:36:23.0015 5180  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
10:36:23.0265 5180  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\DRIVERS\sfloppy.sys
10:36:23.0562 5180  Sfloppy - ok
10:36:23.0812 5180  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:36:24.0734 5180  SharedAccess - ok
10:36:25.0046 5180  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:36:25.0156 5180  ShellHWDetection - ok
10:36:25.0171 5180  Simbad - ok
10:36:27.0625 5180  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:36:29.0593 5180  Skype C2C Service - ok
10:36:29.0687 5180  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe
10:36:29.0750 5180  SkypeUpdate - ok
10:36:29.0765 5180  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:36:30.0046 5180  SLIP - ok
10:36:30.0140 5180  [ 851310C1B742D2DF2D334603836FFDF5 ] snapman         C:\WINDOWS\system32\DRIVERS\snapman.sys
10:36:30.0265 5180  snapman - ok
10:36:30.0265 5180  Sparrow - ok
10:36:30.0296 5180  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
10:36:30.0468 5180  splitter - ok
10:36:30.0515 5180  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:36:30.0562 5180  Spooler - ok
10:36:30.0687 5180  [ 352E375AB298C23B0F9BC307652C7F50 ] SQLAgent$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE
10:36:30.0828 5180  SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - warning
10:36:30.0828 5180  SQLAgent$PINNACLESYS - detected UnsignedFile.Multi.Generic (1)
10:36:30.0859 5180  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:36:31.0031 5180  sr - ok
10:36:31.0109 5180  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll
10:36:31.0328 5180  srservice - ok
10:36:31.0453 5180  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:36:31.0687 5180  Srv - ok
10:36:31.0734 5180  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:36:31.0875 5180  SSDPSRV - ok
10:36:31.0953 5180  [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
10:36:32.0078 5180  ssudmdm - ok
10:36:32.0140 5180  [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
10:36:32.0187 5180  StarOpen ( UnsignedFile.Multi.Generic ) - warning
10:36:32.0187 5180  StarOpen - detected UnsignedFile.Multi.Generic (1)
10:36:32.0234 5180  [ A1A16662C6B1A665D965D61B9EECC5A7 ] STIrUsb         C:\WINDOWS\system32\DRIVERS\irstusb.sys
10:36:32.0421 5180  STIrUsb - ok
10:36:32.0562 5180  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:36:32.0906 5180  stisvc - ok
10:36:32.0921 5180  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:36:33.0093 5180  streamip - ok
10:36:33.0109 5180  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:36:33.0296 5180  swenum - ok
10:36:33.0328 5180  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
10:36:33.0484 5180  swmidi - ok
10:36:33.0500 5180  SwPrv - ok
10:36:33.0500 5180  symc810 - ok
10:36:33.0515 5180  symc8xx - ok
10:36:33.0515 5180  sym_hi - ok
10:36:33.0531 5180  sym_u3 - ok
10:36:36.0187 5180  [ A214C8AA6A6C06C9DBAB1310E38DAB4A ] syncagentsrv    C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe
10:36:38.0500 5180  syncagentsrv - ok
10:36:38.0546 5180  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
10:36:38.0718 5180  sysaudio - ok
10:36:38.0765 5180  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:36:39.0062 5180  SysmonLog - ok
10:36:39.0171 5180  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:36:39.0718 5180  TapiSrv - ok
10:36:39.0968 5180  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:36:40.0500 5180  Tcpip - ok
10:36:40.0531 5180  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
10:36:40.0703 5180  TDPIPE - ok
10:36:40.0968 5180  [ 6345E3829FD130A144454F9F5C2A3B9E ] tdrpman         C:\WINDOWS\system32\DRIVERS\tdrpman.sys
10:36:42.0000 5180  tdrpman - ok
10:36:42.0031 5180  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
10:36:42.0203 5180  TDTCP - ok
10:36:43.0031 5180  [ A3393F0DC64C29F47DC4126E6FA57558 ] TeamViewer6     C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
10:36:44.0718 5180  TeamViewer6 - ok
10:36:44.0765 5180  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
10:36:45.0296 5180  TermDD - ok
10:36:45.0421 5180  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll
10:36:45.0828 5180  TermService - ok
10:36:45.0937 5180  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:36:46.0000 5180  Themes - ok
10:36:46.0265 5180  [ A8C31102F448231596168FFC9F568B9A ] tib_mounter     C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
10:36:46.0656 5180  tib_mounter - ok
10:36:46.0718 5180  [ 76148C3159718B701252F87B067904A6 ] TOSHIBA Bluetooth Service C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
10:36:46.0781 5180  TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - warning
10:36:46.0781 5180  TOSHIBA Bluetooth Service - detected UnsignedFile.Multi.Generic (1)
10:36:46.0781 5180  TosIde - ok
10:36:46.0812 5180  [ 8D624D3BD1F2D78BD1C01A2D4E954B4E ] tosporte        C:\WINDOWS\system32\DRIVERS\tosporte.sys
10:36:47.0093 5180  tosporte - ok
10:36:47.0156 5180  [ A594DBD80CA5426E2E558BF79195A110 ] Tosrfbd         C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
10:36:47.0250 5180  Tosrfbd - ok
10:36:47.0281 5180  [ 90C8525BC578AAFFE87C2D0ED4379E9E ] tosrfbnp        C:\WINDOWS\system32\Drivers\tosrfbnp.sys
10:36:47.0359 5180  tosrfbnp - ok
10:36:47.0406 5180  [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] Tosrfcom        C:\WINDOWS\system32\Drivers\tosrfcom.sys
10:36:47.0609 5180  Tosrfcom - ok
10:36:47.0671 5180  [ 28099A4E52148319AFA685D93A2244D0 ] Tosrfhid        C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
10:36:47.0734 5180  Tosrfhid - ok
10:36:47.0750 5180  [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds        C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
10:36:47.0796 5180  tosrfnds - ok
10:36:47.0843 5180  [ 1FF09B64D1E0C82EE81026718D8D47C2 ] TosRfSnd        C:\WINDOWS\system32\drivers\tosrfsnd.sys
10:36:47.0890 5180  TosRfSnd - ok
10:36:47.0921 5180  [ 20CC46C5D3326122E1A0A8C9DAD00E0D ] tosrfusb        C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
10:36:48.0015 5180  tosrfusb - ok
10:36:48.0062 5180  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:36:48.0343 5180  TrkWks - ok
10:36:48.0625 5180  [ 3D23639C3FDBC082AF7016A5C8829329 ] TSP             C:\WINDOWS\system32\drivers\klif.sys
10:36:48.0750 5180  TSP - ok
10:36:48.0781 5180  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:36:48.0984 5180  Udfs - ok
10:36:49.0000 5180  ultra - ok
10:36:49.0140 5180  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:36:49.0625 5180  Update - ok
10:36:49.0703 5180  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:36:49.0890 5180  upnphost - ok
10:36:49.0906 5180  [ E526A166E6ACAFD0A9B3841D3941669E ] upperdev        C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
10:36:50.0031 5180  upperdev - ok
10:36:50.0046 5180  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe
10:36:50.0265 5180  UPS - ok
10:36:50.0312 5180  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
10:36:50.0546 5180  usbaudio - ok
10:36:50.0593 5180  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:36:50.0843 5180  usbccgp - ok
10:36:50.0875 5180  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:36:51.0062 5180  usbehci - ok
10:36:51.0109 5180  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:36:51.0359 5180  usbhub - ok
10:36:51.0390 5180  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:36:51.0593 5180  usbprint - ok
10:36:51.0609 5180  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:36:51.0890 5180  usbscan - ok
10:36:51.0921 5180  [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser          C:\WINDOWS\system32\drivers\usbser.sys
10:36:52.0156 5180  usbser - ok
10:36:52.0171 5180  [ 6F3E3C6811B930D2414552A2E4A40F36 ] UsbserFilt      C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
10:36:52.0328 5180  UsbserFilt - ok
10:36:52.0359 5180  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:36:52.0578 5180  USBSTOR - ok
10:36:52.0593 5180  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:36:52.0828 5180  usbuhci - ok
10:36:52.0859 5180  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:36:53.0187 5180  VgaSave - ok
10:36:53.0203 5180  ViaIde - ok
10:36:53.0281 5180  [ 26B75DCB58B006867EFD659E845CD65E ] vididr          C:\WINDOWS\system32\DRIVERS\vididr.sys
10:36:53.0359 5180  vididr - ok
10:36:53.0406 5180  [ 40AFA68F81F90636D1300099E9CFC8CE ] vidsflt         C:\WINDOWS\system32\DRIVERS\vidsflt.sys
10:36:53.0703 5180  vidsflt - ok
10:36:53.0796 5180  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
10:36:54.0015 5180  VolSnap - ok
10:36:54.0031 5180  vsdatant - ok
10:36:54.0140 5180  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe
10:36:54.0468 5180  VSS - ok
10:36:55.0625 5180  [ 13ACFED0E6ADCA97440169DFD127EBCF ] VX3000          C:\WINDOWS\system32\DRIVERS\VX3000.sys
10:36:57.0093 5180  VX3000 - ok
10:36:57.0171 5180  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll
10:36:57.0421 5180  W32Time - ok
10:36:57.0468 5180  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:36:57.0796 5180  Wanarp - ok
10:36:57.0843 5180  [ 46A247F6617526AFE38B6F12F5512120 ] wceusbsh        C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
10:36:58.0015 5180  wceusbsh - ok
10:36:58.0375 5180  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
10:36:58.0921 5180  Wdf01000 - ok
10:36:58.0937 5180  WDICA - ok
10:36:59.0015 5180  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
10:36:59.0359 5180  wdmaud - ok
10:36:59.0562 5180  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:37:00.0078 5180  WebClient - ok
10:37:00.0843 5180  [ BE3A842C2F2E87E7C840D36BCF13E8E0 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:37:01.0781 5180  winachsf - ok
10:37:02.0562 5180  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:37:02.0906 5180  winmgmt - ok
10:37:03.0703 5180  [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
10:37:05.0234 5180  WinRM - ok
10:37:05.0390 5180  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
10:37:05.0578 5180  WmdmPmSN - ok
10:37:05.0640 5180  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:37:05.0796 5180  WmiApSrv - ok
10:37:06.0125 5180  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe
10:37:06.0703 5180  WMPNetworkSvc - ok
10:37:06.0750 5180  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
10:37:06.0781 5180  WpdUsb - ok
10:37:07.0078 5180  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:37:07.0343 5180  WPFFontCache_v0400 - ok
10:37:07.0406 5180  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
10:37:07.0687 5180  wscsvc - ok
10:37:07.0703 5180  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:37:07.0937 5180  WSTCODEC - ok
10:37:07.0953 5180  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
10:37:08.0109 5180  wuauserv - ok
10:37:08.0171 5180  [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:37:08.0234 5180  WudfPf - ok
10:37:08.0312 5180  [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:37:08.0421 5180  WudfRd - ok
10:37:08.0453 5180  [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
10:37:08.0515 5180  WudfSvc - ok
10:37:08.0687 5180  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
10:37:09.0265 5180  WZCSVC - ok
10:37:09.0328 5180  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
10:37:09.0812 5180  xmlprov - ok
10:37:09.0875 5180  ================ Scan global ===============================
10:37:09.0906 5180  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
10:37:10.0156 5180  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
10:37:10.0437 5180  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
10:37:10.0500 5180  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
10:37:10.0500 5180  [Global] - ok
10:37:10.0500 5180  ================ Scan MBR ==================================
10:37:10.0515 5180  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
10:37:11.0265 5180  \Device\Harddisk0\DR0 - ok
10:37:11.0265 5180  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:37:11.0343 5180  \Device\Harddisk1\DR1 - ok
10:37:11.0343 5180  ================ Scan VBR ==================================
10:37:11.0343 5180  [ 91D7C03417315C80A612E562D6DB2485 ] \Device\Harddisk0\DR0\Partition1
10:37:11.0343 5180  \Device\Harddisk0\DR0\Partition1 - ok
10:37:11.0359 5180  [ 39D493D08F7E5F0220B1C28DCD640DD5 ] \Device\Harddisk1\DR1\Partition1
10:37:11.0359 5180  \Device\Harddisk1\DR1\Partition1 - ok
10:37:11.0359 5180  ============================================================
10:37:11.0359 5180  Scan finished
10:37:11.0359 5180  ============================================================
10:37:11.0468 1752  Detected object count: 17
10:37:11.0468 1752  Actual detected object count: 17
10:37:24.0390 1752  ACEDRV06 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752  ACEDRV06 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0390 1752  avmaudio ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752  avmaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0390 1752  CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752  CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0390 1752  CdaC15BA ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752  CdaC15BA ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0390 1752  CltMngSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752  CltMngSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0390 1752  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0406 1752  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0406 1752  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0406 1752  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0406 1752  MTsensor ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752  MTsensor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0406 1752  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0406 1752  PCLEPCI ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752  PCLEPCI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0406 1752  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0421 1752  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0421 1752  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0421 1752  SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0421 1752  SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0421 1752  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0421 1752  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:37:24.0421 1752  TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0421 1752  TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:43:16.0343 3600  ============================================================
10:43:16.0343 3600  Scan started
10:43:16.0343 3600  Mode: Manual; SigCheck; TDLFS; 
10:43:16.0343 3600  ============================================================
10:43:16.0515 3600  ================ Scan system memory ========================
10:43:16.0515 3600  System memory - ok
10:43:16.0515 3600  ================ Scan services =============================
10:43:17.0031 3600  Abiosdsk - ok
10:43:17.0031 3600  abp480n5 - ok
10:43:17.0093 3600  [ 44010948BDE6ADE50DD1386657C73E83 ] ACEDRV06        C:\WINDOWS\system32\drivers\ACEDRV06.sys
10:43:17.0250 3600  ACEDRV06 ( UnsignedFile.Multi.Generic ) - warning
10:43:17.0250 3600  ACEDRV06 - detected UnsignedFile.Multi.Generic (1)
10:43:17.0328 3600  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:43:17.0562 3600  ACPI - ok
10:43:17.0593 3600  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
10:43:17.0765 3600  ACPIEC - ok
10:43:18.0093 3600  [ 35BCB0F33FABA91F93C062FBE7EA1EAC ] AcrSch2Svc      C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
10:43:18.0312 3600  AcrSch2Svc - ok
10:43:18.0390 3600  [ 708BAECC952E81A70EF36F5F0B1B981C ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
10:43:18.0421 3600  ADIHdAudAddService - ok
10:43:18.0531 3600  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:43:18.0578 3600  AdobeFlashPlayerUpdateSvc - ok
10:43:18.0578 3600  adpu160m - ok
10:43:18.0625 3600  [ 9F59AE2DE835641FBB0C6AFD80D8FA9B ] AEAudioService  C:\WINDOWS\system32\drivers\AEAudio.sys
10:43:18.0687 3600  AEAudioService - ok
10:43:18.0750 3600  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
10:43:18.0921 3600  aec - ok
10:43:19.0015 3600  [ DF139E5866C19E0B3217EF210198D875 ] afcdp           C:\WINDOWS\system32\DRIVERS\afcdp.sys
10:43:19.0062 3600  afcdp - ok
10:43:20.0203 3600  [ 1AEA25F70F12ABB494A4E35E1D717414 ] afcdpsrv        C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
10:43:21.0296 3600  afcdpsrv - ok
10:43:21.0375 3600  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:43:21.0421 3600  AFD - ok
10:43:21.0421 3600  Aha154x - ok
10:43:21.0421 3600  aic78u2 - ok
10:43:21.0437 3600  aic78xx - ok
10:43:21.0468 3600  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:43:21.0625 3600  Alerter - ok
10:43:21.0656 3600  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe
10:43:21.0750 3600  ALG - ok
10:43:21.0750 3600  AliIde - ok
10:43:21.0765 3600  amsint - ok
10:43:21.0765 3600  AppMgmt - ok
10:43:21.0781 3600  asc - ok
10:43:21.0781 3600  asc3350p - ok
10:43:21.0796 3600  asc3550 - ok
10:43:22.0125 3600  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:43:22.0156 3600  aspnet_state - ok
10:43:22.0171 3600  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:43:22.0328 3600  AsyncMac - ok
10:43:22.0359 3600  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
10:43:22.0515 3600  atapi - ok
10:43:22.0531 3600  Atdisk - ok
10:43:22.0562 3600  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:43:22.0718 3600  Atmarpc - ok
10:43:22.0750 3600  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:43:22.0921 3600  AudioSrv - ok
10:43:22.0953 3600  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:43:23.0265 3600  audstub - ok
10:43:23.0406 3600  [ 728C4A6C722535C16D1025F51AA31E22 ] avmaudio        C:\WINDOWS\system32\DRIVERS\avmaudio.sys
10:43:23.0437 3600  avmaudio ( UnsignedFile.Multi.Generic ) - warning
10:43:23.0437 3600  avmaudio - detected UnsignedFile.Multi.Generic (1)
10:43:24.0343 3600  [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP             C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
10:43:24.0546 3600  AVP - ok
10:43:24.0640 3600  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:43:24.0828 3600  Beep - ok
10:43:24.0984 3600  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:43:25.0218 3600  BITS - ok
10:43:25.0281 3600  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll
10:43:25.0328 3600  Browser - ok
10:43:25.0359 3600  [ B279426E3C0C344893ED78A613A73BDE ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
10:43:25.0515 3600  BthEnum - ok
10:43:25.0562 3600  [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
10:43:25.0796 3600  BthPan - ok
10:43:25.0906 3600  [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT         C:\WINDOWS\system32\Drivers\BTHport.sys
10:43:25.0953 3600  BTHPORT - ok
10:43:25.0984 3600  [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ         C:\WINDOWS\System32\bthserv.dll
10:43:26.0140 3600  BthServ - ok
10:43:26.0156 3600  [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB          C:\WINDOWS\system32\Drivers\BTHUSB.sys
10:43:26.0328 3600  BTHUSB - ok
10:43:26.0343 3600  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:43:26.0484 3600  cbidf2k - ok
10:43:26.0562 3600  [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8         C:\Programme\Canon\CAL\CALMAIN.exe
10:43:26.0578 3600  CCALib8 ( UnsignedFile.Multi.Generic ) - warning
10:43:26.0578 3600  CCALib8 - detected UnsignedFile.Multi.Generic (1)
10:43:26.0609 3600  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:43:26.0812 3600  CCDECODE - ok
10:43:26.0828 3600  cd20xrnt - ok
10:43:26.0843 3600  [ 82C4C6A2343B592C4FD590F625A724A9 ] CdaC15BA        C:\WINDOWS\system32\drivers\CDAC15BA.SYS
10:43:26.0859 3600  CdaC15BA ( UnsignedFile.Multi.Generic ) - warning
10:43:26.0859 3600  CdaC15BA - detected UnsignedFile.Multi.Generic (1)
10:43:26.0875 3600  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:43:27.0031 3600  Cdaudio - ok
10:43:27.0062 3600  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:43:27.0234 3600  Cdfs - ok
10:43:27.0265 3600  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:43:27.0406 3600  Cdrom - ok
10:43:27.0421 3600  Changer - ok
10:43:27.0437 3600  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe
10:43:27.0593 3600  CiSvc - ok
10:43:27.0609 3600  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:43:27.0828 3600  ClipSrv - ok
10:43:28.0031 3600  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:43:28.0062 3600  clr_optimization_v2.0.50727_32 - ok
10:43:28.0125 3600  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:43:28.0171 3600  clr_optimization_v4.0.30319_32 - ok
10:43:28.0234 3600  [ 15AE8F975B3B8EE5EFFAFA4D0C94C1D7 ] CltMngSvc       C:\Programme\SearchProtect\bin\CltMngSvc.exe
10:43:28.0265 3600  CltMngSvc ( UnsignedFile.Multi.Generic ) - warning
10:43:28.0265 3600  CltMngSvc - detected UnsignedFile.Multi.Generic (1)
10:43:28.0265 3600  CmdIde - ok
10:43:28.0265 3600  COMSysApp - ok
10:43:28.0281 3600  Cpqarray - ok
10:43:28.0328 3600  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:43:28.0531 3600  CryptSvc - ok
10:43:28.0546 3600  [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA          C:\WINDOWS\system32\DRIVERS\CVirtA.sys
10:43:28.0593 3600  CVirtA - ok
10:43:28.0593 3600  dac2w2k - ok
10:43:28.0593 3600  dac960nt - ok
10:43:28.0765 3600  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:43:28.0890 3600  DcomLaunch - ok
10:43:28.0937 3600  [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
10:43:28.0968 3600  dg_ssudbus - ok
10:43:29.0031 3600  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:43:29.0250 3600  Dhcp - ok
10:43:29.0265 3600  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:43:29.0468 3600  Disk - ok
10:43:29.0468 3600  dmadmin - ok
10:43:29.0734 3600  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:43:30.0109 3600  dmboot - ok
10:43:30.0171 3600  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:43:30.0343 3600  dmio - ok
10:43:30.0359 3600  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:43:30.0500 3600  dmload - ok
10:43:30.0515 3600  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:43:30.0656 3600  dmserver - ok
10:43:30.0703 3600  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:43:30.0968 3600  DMusic - ok
10:43:31.0015 3600  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:43:31.0062 3600  Dnscache - ok
10:43:31.0125 3600  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:43:31.0296 3600  Dot3svc - ok
10:43:31.0312 3600  dpti2o - ok
10:43:31.0328 3600  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:43:31.0500 3600  drmkaud - ok
10:43:31.0531 3600  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:43:31.0750 3600  EapHost - ok
10:43:31.0781 3600  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:43:31.0937 3600  ERSvc - ok
10:43:32.0000 3600  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
10:43:32.0046 3600  Eventlog - ok
10:43:32.0140 3600  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll
10:43:32.0234 3600  EventSystem - ok
10:43:32.0296 3600  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:43:32.0437 3600  Fastfat - ok
10:43:32.0515 3600  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:43:32.0546 3600  FastUserSwitchingCompatibility - ok
10:43:32.0656 3600  [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax             C:\WINDOWS\system32\fxssvc.exe
10:43:32.0875 3600  Fax - ok
10:43:32.0906 3600  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
10:43:33.0140 3600  Fdc - ok
10:43:33.0218 3600  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:43:33.0453 3600  Fips - ok
10:43:33.0468 3600  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:43:33.0640 3600  Flpydisk - ok
10:43:33.0703 3600  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:43:33.0859 3600  FltMgr - ok
10:43:33.0906 3600  [ E20D64EDF74D80874837B16506D58166 ] fltsrv          C:\WINDOWS\system32\DRIVERS\fltsrv.sys
10:43:33.0937 3600  fltsrv - ok
10:43:34.0000 3600  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:43:34.0031 3600  FontCache3.0.0.0 - ok
10:43:34.0046 3600  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:43:34.0203 3600  Fs_Rec - ok
10:43:34.0265 3600  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:43:34.0468 3600  Ftdisk - ok
10:43:34.0484 3600  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:43:34.0656 3600  Gpc - ok
10:43:34.0734 3600  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9ef90cb9d602c C:\Programme\Google\Update\GoogleUpdate.exe
10:43:34.0781 3600  gupdate1c9ef90cb9d602c - ok
10:43:34.0828 3600  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
10:43:34.0890 3600  gupdatem - ok
10:43:34.0937 3600  [ F58D2900C66A1E773E3375098E0E9337 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
10:43:35.0000 3600  HdAudAddService - ok
10:43:35.0062 3600  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:43:35.0234 3600  HDAudBus - ok
10:43:35.0281 3600  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:43:35.0562 3600  helpsvc - ok
10:43:35.0578 3600  HidServ - ok
10:43:35.0593 3600  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:43:35.0734 3600  HidUsb - ok
10:43:35.0781 3600  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:43:35.0953 3600  hkmsvc - ok
10:43:35.0953 3600  hpn - ok
10:43:36.0203 3600  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
10:43:36.0218 3600  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:43:36.0218 3600  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:43:36.0296 3600  [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc        C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
10:43:36.0312 3600  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:43:36.0312 3600  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:43:36.0359 3600  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:43:36.0453 3600  HPZid412 - ok
10:43:36.0484 3600  [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:43:36.0671 3600  HPZipr12 - ok
10:43:36.0703 3600  [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:43:36.0765 3600  HPZius12 - ok
10:43:36.0875 3600  [ 6312DC46356DF3974E88AA51B69360DC ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
10:43:36.0906 3600  HSFHWBS2 - ok
10:43:37.0234 3600  [ 8ED6714C8E754520DD8A939F91383EA0 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
10:43:37.0531 3600  HSF_DP - ok
10:43:37.0906 3600  [ DAAB917EEC9849840A13353198D48CC5 ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
10:43:38.0218 3600  HSF_DPV - ok
10:43:38.0343 3600  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:43:38.0421 3600  HTTP - ok
10:43:38.0500 3600  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:43:38.0812 3600  HTTPFilter - ok
10:43:38.0843 3600  i2omgmt - ok
10:43:38.0906 3600  i2omp - ok
10:43:38.0953 3600  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:43:39.0296 3600  i8042prt - ok
10:43:39.0328 3600  ids00026 - ok
10:43:39.0328 3600  ids0014f - ok
10:43:39.0328 3600  ids0015d - ok
10:43:39.0343 3600  ids00180 - ok
10:43:39.0359 3600  ids0018a - ok
10:43:39.0718 3600  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:43:40.0062 3600  idsvc - ok
10:43:40.0078 3600  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:43:40.0328 3600  Imapi - ok
10:43:40.0390 3600  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:43:40.0562 3600  ImapiService - ok
10:43:40.0578 3600  ini910u - ok
10:43:40.0578 3600  IntelIde - ok
10:43:40.0625 3600  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:43:40.0875 3600  intelppm - ok
10:43:40.0906 3600  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:43:41.0062 3600  Ip6Fw - ok
10:43:41.0093 3600  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:43:41.0234 3600  IpFilterDriver - ok
10:43:41.0265 3600  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:43:41.0421 3600  IpInIp - ok
10:43:41.0484 3600  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:43:41.0640 3600  IpNat - ok
10:43:41.0687 3600  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:43:41.0843 3600  IPSec - ok
10:43:41.0890 3600  [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda            C:\WINDOWS\system32\DRIVERS\irda.sys
10:43:42.0000 3600  irda - ok
10:43:42.0015 3600  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:43:42.0140 3600  IRENUM - ok
10:43:42.0171 3600  [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon           C:\WINDOWS\System32\irmon.dll
10:43:42.0296 3600  Irmon - ok
10:43:42.0328 3600  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:43:42.0468 3600  isapnp - ok
10:43:42.0656 3600  [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
10:43:42.0671 3600  JavaQuickStarterService - ok
10:43:42.0703 3600  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:43:42.0921 3600  Kbdclass - ok
10:43:42.0953 3600  [ B6D6C117D771C98130497265F26D1882 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:43:43.0109 3600  kbdhid - ok
10:43:43.0171 3600  [ EA26CB00F83686856F2C79673C00C686 ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
10:43:43.0203 3600  kl1 - ok
10:43:43.0250 3600  [ 53EEDAB3F0511321AC3AE8BC968B158C ] klbg            C:\WINDOWS\system32\drivers\klbg.sys
10:43:43.0265 3600  klbg - ok
10:43:43.0468 3600  [ 3D23639C3FDBC082AF7016A5C8829329 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
10:43:43.0609 3600  KLIF - ok
10:43:43.0656 3600  [ 05E5504E5E06F75F18BBEA7291601FE2 ] klim5           C:\WINDOWS\system32\DRIVERS\klim5.sys
10:43:43.0687 3600  klim5 - ok
10:43:43.0718 3600  [ 7BE035A9C20F357DC765D6C7FDCDC964 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
10:43:43.0750 3600  klkbdflt - ok
10:43:43.0781 3600  [ A8234A8F67B0565F74753FE88A7BF03D ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
10:43:43.0812 3600  klmouflt - ok
10:43:43.0843 3600  [ 53C0DF6C5139CB78A631E7AFCD893730 ] kltdi           C:\WINDOWS\system32\DRIVERS\kltdi.sys
10:43:43.0875 3600  kltdi - ok
10:43:43.0953 3600  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:43:44.0109 3600  kmixer - ok
10:43:44.0171 3600  [ 71A38C123600172511C26BFABD0EF579 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
10:43:44.0203 3600  kneps - ok
10:43:44.0265 3600  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:43:44.0343 3600  KSecDD - ok
10:43:44.0406 3600  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
10:43:44.0453 3600  lanmanserver - ok
10:43:44.0515 3600  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:43:44.0562 3600  lanmanworkstation - ok
10:43:44.0562 3600  lbrtfdc - ok
10:43:44.0609 3600  [ 575ED0F5DCB34E5C243D2A7EBC860484 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
10:43:44.0609 3600  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
10:43:44.0609 3600  LightScribeService - detected UnsignedFile.Multi.Generic (1)
10:43:44.0640 3600  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:43:44.0812 3600  LmHosts - ok
10:43:44.0828 3600  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
10:43:44.0890 3600  mdmxsdk - ok
10:43:44.0984 3600  [ 780D96F551833E0DCFE0A33B02B774E8 ] MemeoBackgroundService C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe
10:43:45.0046 3600  MemeoBackgroundService - ok
10:43:45.0093 3600  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:43:45.0234 3600  Messenger - ok
10:43:45.0250 3600  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:43:45.0406 3600  mnmdd - ok
10:43:45.0437 3600  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:43:45.0593 3600  mnmsrvc - ok
10:43:45.0625 3600  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:43:45.0812 3600  Modem - ok
10:43:45.0843 3600  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:43:45.0984 3600  MODEMCSA - ok
10:43:46.0015 3600  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:43:46.0156 3600  Mouclass - ok
10:43:46.0187 3600  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:43:46.0328 3600  mouhid - ok
10:43:46.0359 3600  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:43:46.0593 3600  MountMgr - ok
10:43:46.0671 3600  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
10:43:46.0703 3600  MozillaMaintenance - ok
10:43:46.0734 3600  [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE             C:\WINDOWS\system32\DRIVERS\MPE.sys
10:43:46.0906 3600  MPE - ok
10:43:46.0906 3600  mraid35x - ok
10:43:46.0984 3600  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:43:47.0234 3600  MRxDAV - ok
10:43:47.0390 3600  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:43:47.0531 3600  MRxSmb - ok
10:43:47.0640 3600  [ 641199534871783DD74138FE0BCFDAE7 ] MSCamSvc        C:\Programme\Microsoft LifeCam\MSCamS32.exe
10:43:47.0671 3600  MSCamSvc - ok
10:43:47.0687 3600  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
10:43:47.0890 3600  MSDTC - ok
10:43:47.0921 3600  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:43:48.0078 3600  Msfs - ok
10:43:48.0093 3600  [ 95C6432151CCFF8617352F8E616A1AA4 ] MSIRCOMM        C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
10:43:48.0203 3600  MSIRCOMM - ok
10:43:48.0218 3600  MSIServer - ok
10:43:48.0234 3600  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:43:48.0406 3600  MSKSSRV - ok
10:43:48.0421 3600  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:43:48.0625 3600  MSPCLOCK - ok
10:43:48.0656 3600  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:43:48.0890 3600  MSPQM - ok
10:43:48.0906 3600  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:43:49.0078 3600  mssmbios - ok
10:43:51.0906 3600  [ 1B959A0614D575D0AB3B09095F0A8B83 ] MSSQL$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
10:43:55.0359 3600  MSSQL$PINNACLESYS - ok
10:43:55.0421 3600  [ 1D1B22613EAB9287AF902398867BC93C ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
10:43:55.0421 3600  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning
10:43:55.0421 3600  MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)
10:43:55.0453 3600  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
10:43:55.0609 3600  MSTEE - ok
10:43:55.0640 3600  [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor        C:\WINDOWS\system32\DRIVERS\ASACPI.sys
10:43:55.0640 3600  MTsensor ( UnsignedFile.Multi.Generic ) - warning
10:43:55.0640 3600  MTsensor - detected UnsignedFile.Multi.Generic (1)
10:43:55.0703 3600  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:43:55.0750 3600  Mup - ok
10:43:55.0812 3600  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:43:55.0968 3600  NABTSFEC - ok
10:43:56.0078 3600  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:43:56.0265 3600  napagent - ok
10:43:56.0328 3600  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:43:56.0468 3600  NDIS - ok
10:43:56.0484 3600  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:43:56.0625 3600  NdisIP - ok
10:43:56.0656 3600  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:43:56.0687 3600  NdisTapi - ok
10:43:56.0703 3600  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:43:56.0875 3600  Ndisuio - ok
10:43:56.0921 3600  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:43:57.0062 3600  NdisWan - ok
10:43:57.0109 3600  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:43:57.0140 3600  NDProxy - ok
10:43:57.0171 3600  [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
10:43:57.0203 3600  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:43:57.0203 3600  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:43:57.0234 3600  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:43:57.0390 3600  NetBIOS - ok
10:43:57.0453 3600  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:43:57.0656 3600  NetBT - ok
10:43:57.0718 3600  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:43:57.0875 3600  NetDDE - ok
10:43:57.0921 3600  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:43:58.0062 3600  NetDDEdsdm - ok
10:43:58.0093 3600  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:43:58.0250 3600  Netlogon - ok
10:43:58.0343 3600  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
10:43:58.0500 3600  Netman - ok
10:43:58.0562 3600  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:43:58.0593 3600  NetTcpPortSharing - ok
10:43:58.0687 3600  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:43:58.0765 3600  Nla - ok
10:43:58.0796 3600  [ 48FB907B069524F2DC7BA62A0762850C ] nmwcd           C:\WINDOWS\system32\drivers\ccdcmb.sys
10:43:58.0906 3600  nmwcd - ok
10:43:58.0937 3600  [ 2914CEB789964141AC6E22C6BC980C42 ] nmwcdc          C:\WINDOWS\system32\drivers\ccdcmbo.sys
10:43:59.0031 3600  nmwcdc - ok
10:43:59.0109 3600  [ 28D40797BCB050321FA6674B08A620C0 ] nmwcdnsu        C:\WINDOWS\system32\drivers\nmwcdnsu.sys
10:43:59.0203 3600  nmwcdnsu - ok
10:43:59.0218 3600  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:43:59.0359 3600  Npfs - ok
10:43:59.0546 3600  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:43:59.0828 3600  Ntfs - ok
10:43:59.0843 3600  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:44:00.0015 3600  NtLmSsp - ok
10:44:00.0156 3600  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:44:00.0375 3600  NtmsSvc - ok
10:44:00.0390 3600  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:44:00.0562 3600  Null - ok
10:44:04.0796 3600  [ 0DC79B60CEDC3A8854C27B3C6E4B3414 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:44:08.0953 3600  nv - ok
10:44:09.0046 3600  [ 32F7DEC3729B3BAE66EEBCAB7B03B18F ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
10:44:09.0093 3600  NVSvc - ok
10:44:09.0828 3600  [ 2CC4E45B0EB4C48392CEC9C83B5B8E3B ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:44:10.0484 3600  nvUpdatusService - ok
10:44:10.0515 3600  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:44:10.0671 3600  NwlnkFlt - ok
10:44:10.0687 3600  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:44:10.0843 3600  NwlnkFwd - ok
10:44:10.0906 3600  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
10:44:10.0937 3600  ose - ok
10:44:10.0984 3600  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
10:44:11.0171 3600  Parport - ok
10:44:11.0203 3600  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:44:11.0359 3600  PartMgr - ok
10:44:11.0375 3600  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:44:11.0531 3600  ParVdm - ok
10:44:11.0546 3600  [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd        C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
10:44:11.0593 3600  pccsmcfd - ok
10:44:11.0625 3600  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:44:11.0875 3600  PCI - ok
10:44:11.0890 3600  PCIDump - ok
10:44:11.0906 3600  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:44:12.0046 3600  PCIIde - ok
10:44:12.0078 3600  [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI         C:\WINDOWS\system32\drivers\pclepci.sys
10:44:12.0078 3600  PCLEPCI ( UnsignedFile.Multi.Generic ) - warning
10:44:12.0078 3600  PCLEPCI - detected UnsignedFile.Multi.Generic (1)
10:44:12.0140 3600  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:44:12.0281 3600  Pcmcia - ok
10:44:12.0296 3600  PDCOMP - ok
10:44:12.0296 3600  PDFRAME - ok
10:44:12.0312 3600  PDRELI - ok
10:44:12.0312 3600  PDRFRAME - ok
10:44:12.0312 3600  perc2 - ok
10:44:12.0328 3600  perc2hib - ok
10:44:12.0390 3600  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
10:44:12.0421 3600  PlugPlay - ok
10:44:12.0468 3600  [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
10:44:12.0484 3600  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:44:12.0484 3600  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:44:12.0500 3600  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:44:12.0640 3600  PolicyAgent - ok
10:44:12.0671 3600  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:44:12.0843 3600  PptpMiniport - ok
10:44:12.0843 3600  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:44:13.0000 3600  ProtectedStorage - ok
10:44:13.0031 3600  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:44:13.0171 3600  PSched - ok
10:44:13.0187 3600  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:44:13.0406 3600  Ptilink - ok
10:44:13.0437 3600  [ D86B4A68565E444D76457F14172C875A ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:44:13.0468 3600  PxHelp20 - ok
10:44:13.0484 3600  ql1080 - ok
10:44:13.0484 3600  Ql10wnt - ok
10:44:13.0500 3600  ql12160 - ok
10:44:13.0500 3600  ql1240 - ok
10:44:13.0500 3600  ql1280 - ok
10:44:13.0531 3600  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:44:13.0687 3600  RasAcd - ok
10:44:13.0734 3600  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:44:14.0000 3600  RasAuto - ok
10:44:14.0046 3600  [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda         C:\WINDOWS\system32\DRIVERS\rasirda.sys
10:44:14.0140 3600  Rasirda - ok
10:44:14.0171 3600  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:44:14.0312 3600  Rasl2tp - ok
10:44:14.0390 3600  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:44:14.0546 3600  RasMan - ok
10:44:14.0578 3600  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:44:14.0734 3600  RasPppoe - ok
10:44:14.0750 3600  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:44:14.0906 3600  Raspti - ok
10:44:14.0968 3600  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:44:15.0125 3600  Rdbss - ok
10:44:15.0140 3600  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:44:15.0296 3600  RDPCDD - ok
10:44:15.0390 3600  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
10:44:15.0437 3600  RDPWD - ok
10:44:15.0500 3600  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
10:44:15.0718 3600  RDSessMgr - ok
10:44:15.0750 3600  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:44:15.0906 3600  redbook - ok
10:44:15.0953 3600  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:44:16.0140 3600  RemoteAccess - ok
10:44:16.0171 3600  [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
10:44:16.0312 3600  RFCOMM - ok
10:44:16.0343 3600  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
10:44:16.0484 3600  ROOTMODEM - ok
10:44:16.0515 3600  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:44:16.0671 3600  RpcLocator - ok
10:44:16.0812 3600  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:44:16.0937 3600  RpcSs - ok
10:44:16.0984 3600  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe
10:44:17.0125 3600  RSVP - ok
10:44:17.0140 3600  RT2500USB - ok
10:44:17.0234 3600  [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
10:44:17.0265 3600  RTLE8023xp - ok
10:44:17.0281 3600  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:44:17.0437 3600  SamSs - ok
10:44:17.0468 3600  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:44:17.0640 3600  SCardSvr - ok
10:44:17.0734 3600  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:44:17.0953 3600  Schedule - ok
10:44:18.0125 3600  [ 738187CE167D51240EC945F42743D0E5 ] SCPDFReadSpool  C:\WINDOWS\Installer\MSIE4.tmp
10:44:18.0171 3600  SCPDFReadSpool - ok
10:44:18.0234 3600  [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe
10:44:18.0281 3600  SeagateDashboardService - ok
10:44:18.0312 3600  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:44:18.0406 3600  Secdrv - ok
10:44:18.0421 3600  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:44:18.0609 3600  seclogon - ok
10:44:18.0781 3600  [ 23228966244CDD9627BDE4141B3BE1F0 ] SenFiltService  C:\WINDOWS\system32\drivers\Senfilt.sys
10:44:19.0000 3600  SenFiltService - ok
10:44:19.0218 3600  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
10:44:19.0609 3600  SENS - ok
10:44:19.0640 3600  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
10:44:19.0796 3600  serenum - ok
10:44:19.0828 3600  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
10:44:20.0000 3600  Serial - ok
10:44:20.0296 3600  [ 7D3903AF48E6C1DC2704EAFCB608D031 ] ServiceLayer    C:\Programme\PC Connectivity Solution\ServiceLayer.exe
10:44:20.0500 3600  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
10:44:20.0500 3600  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
10:44:20.0531 3600  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\DRIVERS\sfloppy.sys
10:44:20.0687 3600  Sfloppy - ok
10:44:20.0796 3600  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:44:21.0031 3600  SharedAccess - ok
10:44:21.0093 3600  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:44:21.0140 3600  ShellHWDetection - ok
10:44:21.0140 3600  Simbad - ok
10:44:22.0156 3600  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:44:23.0109 3600  Skype C2C Service - ok
10:44:23.0218 3600  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe
10:44:23.0250 3600  SkypeUpdate - ok
10:44:23.0265 3600  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:44:23.0406 3600  SLIP - ok
10:44:23.0484 3600  [ 851310C1B742D2DF2D334603836FFDF5 ] snapman         C:\WINDOWS\system32\DRIVERS\snapman.sys
10:44:23.0515 3600  snapman - ok
10:44:23.0531 3600  Sparrow - ok
10:44:23.0546 3600  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
10:44:23.0703 3600  splitter - ok
10:44:23.0750 3600  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:44:23.0781 3600  Spooler - ok
10:44:23.0906 3600  [ 352E375AB298C23B0F9BC307652C7F50 ] SQLAgent$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE
10:44:23.0921 3600  SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - warning
10:44:23.0921 3600  SQLAgent$PINNACLESYS - detected UnsignedFile.Multi.Generic (1)
10:44:23.0968 3600  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:44:24.0062 3600  sr - ok
10:44:24.0140 3600  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll
10:44:24.0312 3600  srservice - ok
10:44:24.0437 3600  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:44:24.0562 3600  Srv - ok
10:44:24.0609 3600  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:44:24.0718 3600  SSDPSRV - ok
10:44:24.0812 3600  [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
10:44:24.0890 3600  ssudmdm - ok
10:44:24.0937 3600  [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
10:44:24.0953 3600  StarOpen ( UnsignedFile.Multi.Generic ) - warning
10:44:24.0953 3600  StarOpen - detected UnsignedFile.Multi.Generic (1)
10:44:24.0984 3600  [ A1A16662C6B1A665D965D61B9EECC5A7 ] STIrUsb         C:\WINDOWS\system32\DRIVERS\irstusb.sys
10:44:25.0078 3600  STIrUsb - ok
10:44:25.0203 3600  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:44:25.0437 3600  stisvc - ok
10:44:25.0453 3600  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:44:25.0609 3600  streamip - ok
10:44:25.0640 3600  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:44:25.0781 3600  swenum - ok
10:44:25.0812 3600  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
10:44:25.0968 3600  swmidi - ok
10:44:25.0984 3600  SwPrv - ok
10:44:25.0984 3600  symc810 - ok
10:44:26.0000 3600  symc8xx - ok
10:44:26.0000 3600  sym_hi - ok
10:44:26.0000 3600  sym_u3 - ok
10:44:28.0234 3600  [ A214C8AA6A6C06C9DBAB1310E38DAB4A ] syncagentsrv    C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe
10:44:30.0406 3600  syncagentsrv - ok
10:44:30.0437 3600  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
10:44:30.0593 3600  sysaudio - ok
10:44:30.0656 3600  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:44:30.0812 3600  SysmonLog - ok
10:44:30.0906 3600  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:44:31.0125 3600  TapiSrv - ok
10:44:31.0265 3600  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:44:31.0390 3600  Tcpip - ok
10:44:31.0406 3600  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
10:44:31.0562 3600  TDPIPE - ok
10:44:31.0828 3600  [ 6345E3829FD130A144454F9F5C2A3B9E ] tdrpman         C:\WINDOWS\system32\DRIVERS\tdrpman.sys
10:44:32.0031 3600  tdrpman - ok
10:44:32.0062 3600  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
10:44:32.0218 3600  TDTCP - ok
10:44:32.0984 3600  [ A3393F0DC64C29F47DC4126E6FA57558 ] TeamViewer6     C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
10:44:33.0875 3600  TeamViewer6 - ok
10:44:33.0921 3600  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
10:44:34.0359 3600  TermDD - ok
10:44:34.0562 3600  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll
10:44:34.0859 3600  TermService - ok
10:44:34.0921 3600  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:44:34.0968 3600  Themes - ok
10:44:35.0187 3600  [ A8C31102F448231596168FFC9F568B9A ] tib_mounter     C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
10:44:35.0406 3600  tib_mounter - ok
10:44:35.0515 3600  [ 76148C3159718B701252F87B067904A6 ] TOSHIBA Bluetooth Service C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
10:44:35.0531 3600  TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - warning
10:44:35.0531 3600  TOSHIBA Bluetooth Service - detected UnsignedFile.Multi.Generic (1)
10:44:35.0546 3600  TosIde - ok
10:44:35.0578 3600  [ 8D624D3BD1F2D78BD1C01A2D4E954B4E ] tosporte        C:\WINDOWS\system32\DRIVERS\tosporte.sys
10:44:35.0625 3600  tosporte - ok
10:44:35.0687 3600  [ A594DBD80CA5426E2E558BF79195A110 ] Tosrfbd         C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
10:44:35.0718 3600  Tosrfbd - ok
10:44:35.0734 3600  [ 90C8525BC578AAFFE87C2D0ED4379E9E ] tosrfbnp        C:\WINDOWS\system32\Drivers\tosrfbnp.sys
10:44:35.0765 3600  tosrfbnp - ok
10:44:35.0812 3600  [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] Tosrfcom        C:\WINDOWS\system32\Drivers\tosrfcom.sys
10:44:35.0859 3600  Tosrfcom - ok
10:44:35.0906 3600  [ 28099A4E52148319AFA685D93A2244D0 ] Tosrfhid        C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
10:44:35.0953 3600  Tosrfhid - ok
10:44:35.0968 3600  [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds        C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
10:44:36.0000 3600  tosrfnds - ok
10:44:36.0031 3600  [ 1FF09B64D1E0C82EE81026718D8D47C2 ] TosRfSnd        C:\WINDOWS\system32\drivers\tosrfsnd.sys
10:44:36.0078 3600  TosRfSnd - ok
10:44:36.0125 3600  [ 20CC46C5D3326122E1A0A8C9DAD00E0D ] tosrfusb        C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
10:44:36.0187 3600  tosrfusb - ok
10:44:36.0234 3600  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:44:36.0406 3600  TrkWks - ok
10:44:36.0593 3600  [ 3D23639C3FDBC082AF7016A5C8829329 ] TSP             C:\WINDOWS\system32\drivers\klif.sys
10:44:36.0718 3600  TSP - ok
10:44:36.0750 3600  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:44:36.0890 3600  Udfs - ok
10:44:36.0906 3600  ultra - ok
10:44:37.0062 3600  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:44:37.0312 3600  Update - ok
10:44:37.0390 3600  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:44:37.0484 3600  upnphost - ok
10:44:37.0515 3600  [ E526A166E6ACAFD0A9B3841D3941669E ] upperdev        C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
10:44:37.0656 3600  upperdev - ok
10:44:37.0671 3600  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe
10:44:37.0812 3600  UPS - ok
10:44:37.0859 3600  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
10:44:38.0031 3600  usbaudio - ok
10:44:38.0062 3600  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:44:38.0218 3600  usbccgp - ok
10:44:38.0250 3600  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:44:38.0453 3600  usbehci - ok
10:44:38.0515 3600  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:44:38.0671 3600  usbhub - ok
10:44:38.0703 3600  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:44:38.0859 3600  usbprint - ok
10:44:38.0875 3600  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:44:39.0046 3600  usbscan - ok
10:44:39.0078 3600  [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser          C:\WINDOWS\system32\drivers\usbser.sys
10:44:39.0234 3600  usbser - ok
10:44:39.0250 3600  [ 6F3E3C6811B930D2414552A2E4A40F36 ] UsbserFilt      C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
10:44:39.0359 3600  UsbserFilt - ok
10:44:39.0421 3600  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:44:39.0578 3600  USBSTOR - ok
10:44:39.0593 3600  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:44:39.0796 3600  usbuhci - ok
10:44:39.0828 3600  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:44:40.0000 3600  VgaSave - ok
10:44:40.0000 3600  ViaIde - ok
10:44:40.0062 3600  [ 26B75DCB58B006867EFD659E845CD65E ] vididr          C:\WINDOWS\system32\DRIVERS\vididr.sys
10:44:40.0109 3600  vididr - ok
10:44:40.0156 3600  [ 40AFA68F81F90636D1300099E9CFC8CE ] vidsflt         C:\WINDOWS\system32\DRIVERS\vidsflt.sys
10:44:40.0187 3600  vidsflt - ok
10:44:40.0218 3600  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
10:44:40.0375 3600  VolSnap - ok
10:44:40.0390 3600  vsdatant - ok
10:44:40.0500 3600  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe
10:44:40.0640 3600  VSS - ok
10:44:41.0265 3600  [ 13ACFED0E6ADCA97440169DFD127EBCF ] VX3000          C:\WINDOWS\system32\DRIVERS\VX3000.sys
10:44:41.0906 3600  VX3000 - ok
10:44:42.0000 3600  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll
10:44:42.0156 3600  W32Time - ok
10:44:42.0187 3600  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:44:42.0343 3600  Wanarp - ok
10:44:42.0390 3600  [ 46A247F6617526AFE38B6F12F5512120 ] wceusbsh        C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
10:44:42.0437 3600  wceusbsh - ok
10:44:42.0593 3600  [ D918617B46457B9AC28027722E30F647 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
10:44:42.0750 3600  Wdf01000 - ok
10:44:42.0765 3600  WDICA - ok
10:44:42.0796 3600  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
10:44:42.0953 3600  wdmaud - ok
10:44:43.0000 3600  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:44:43.0250 3600  WebClient - ok
10:44:43.0515 3600  [ BE3A842C2F2E87E7C840D36BCF13E8E0 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:44:43.0718 3600  winachsf - ok
10:44:43.0812 3600  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:44:44.0015 3600  winmgmt - ok
10:44:44.0562 3600  [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
10:44:44.0890 3600  WinRM - ok
10:44:44.0937 3600  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
10:44:44.0968 3600  WmdmPmSN - ok
10:44:45.0031 3600  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:44:45.0234 3600  WmiApSrv - ok
10:44:45.0546 3600  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe
10:44:45.0828 3600  WMPNetworkSvc - ok
10:44:45.0859 3600  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
10:44:45.0890 3600  WpdUsb - ok
10:44:46.0312 3600  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:44:46.0515 3600  WPFFontCache_v0400 - ok
10:44:46.0562 3600  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
10:44:46.0718 3600  wscsvc - ok
10:44:46.0734 3600  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:44:46.0875 3600  WSTCODEC - ok
10:44:46.0890 3600  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
10:44:47.0140 3600  wuauserv - ok
10:44:47.0234 3600  [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:44:47.0265 3600  WudfPf - ok
10:44:47.0343 3600  [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:44:47.0375 3600  WudfRd - ok
10:44:47.0406 3600  [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
10:44:47.0453 3600  WudfSvc - ok
10:44:47.0625 3600  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
10:44:47.0843 3600  WZCSVC - ok
10:44:47.0906 3600  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
10:44:48.0109 3600  xmlprov - ok
10:44:48.0171 3600  ================ Scan global ===============================
10:44:48.0250 3600  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
10:44:48.0359 3600  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
10:44:48.0453 3600  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
10:44:48.0500 3600  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
10:44:48.0500 3600  [Global] - ok
10:44:48.0500 3600  ================ Scan MBR ==================================
10:44:48.0531 3600  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
10:44:49.0046 3600  \Device\Harddisk0\DR0 - ok
10:44:49.0140 3600  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:44:49.0890 3600  \Device\Harddisk1\DR1 - ok
10:44:49.0890 3600  ================ Scan VBR ==================================
10:44:49.0906 3600  [ 91D7C03417315C80A612E562D6DB2485 ] \Device\Harddisk0\DR0\Partition1
10:44:49.0906 3600  \Device\Harddisk0\DR0\Partition1 - ok
10:44:49.0906 3600  [ 39D493D08F7E5F0220B1C28DCD640DD5 ] \Device\Harddisk1\DR1\Partition1
10:44:49.0906 3600  \Device\Harddisk1\DR1\Partition1 - ok
10:44:49.0906 3600  ============================================================
10:44:49.0906 3600  Scan finished
10:44:49.0906 3600  ============================================================
10:44:49.0921 1588  Detected object count: 17
10:44:49.0921 1588  Actual detected object count: 17
10:44:58.0343 1588  ACEDRV06 ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588  ACEDRV06 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0343 1588  avmaudio ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588  avmaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0343 1588  CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588  CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0343 1588  CdaC15BA ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588  CdaC15BA ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0343 1588  CltMngSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588  CltMngSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0343 1588  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0359 1588  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0359 1588  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0359 1588  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588  MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0359 1588  MTsensor ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588  MTsensor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0359 1588  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0359 1588  PCLEPCI ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588  PCLEPCI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0359 1588  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0375 1588  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0375 1588  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0375 1588  SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0375 1588  SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0375 1588  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0375 1588  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:44:58.0375 1588  TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0375 1588  TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Quote:
My questions:
a) Do I still have an encryption trojan on the machine?
b) Can I keep working?
c) Will my system hold out for another month until the new computer arrives?
Is there already any statement as to whether my computer is infected or not?
Thank you in advance for your help.
