| |
| |||||||
Log-Analyse und Auswertung: Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
22.03.2013, 11:34
| #1 |
 |  Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? Am 14.3. hat Kasperky durch einen Routine-Check folgende Funde hervorgebracht:Typ: legales Programm, das von einem Angreifer benutzt werden kann, um den Computer oder die Benutzerdaten zu beschädigen (3) not-a-virus:RemoteAdmin.Win32.WinVNC.mx Nicht gefunden 14.03.2013 22:25:52 C:\System Volume Information\_restore{C49A12F7-9AA1-4A01-85CA-FF425766B64B}\RP444\A0463611.exe// data0004 not-a-virus:RemoteAdmin.Win32.WinVNC.ad Nicht gefunden 14.03.2013 22:25:51 C:\System Volume Information\_restore{C49A12F7-9AA1-4A01-85CA-FF425766B64B}\RP444\A0463611.exe// data0000 not-a-virus:RemoteAdmin.Win32.WinVNC.ad Nicht gefunden 14.03.2013 22:25:51 C:\System Volume Information\_restore{C49A12F7-9AA1-4A01-85CA-FF425766B64B}\RP444\A0463611.exe// data0001 Typ: trojanisches Programm (1) Trojan.Win32.Yakes.cmpu Gelöscht 14.03.2013 21:54:37 c:\dokumente und einstellungen\user\desktop\xxx ihre nicht beglichene rechnung vom 27.02.2013.zip//Kopie der Rechnung xxx.zip//Rechnung - Mahnung 27.02.2013.zip// Rechnung - Mahnung 27.02.2013.com Typ: Unbekannt (1) xxx ihre nicht beglichene rechnung vom 27.02.2013.zip Gelöscht 14.03.2013 21:54:37 c:\dokumente und einstellungen\user\desktop\ xxx ihre nicht beglichene rechnung vom 27.02.2013.zip Kaspersky scheint diese gelöscht zu haben. Dannach (19.3. inzwischen war ich nicht da.) habe ich eine Boot-CD von Kaspersky erstellt, die Boot-Reihenfolge geändert und von CD gebootet sowie einen vollständigen Check durchgeführt. Keine Funde. Gestern (21.3.) hat der Rechner wieder Probleme gemacht. Das D-Laufwerk hatte sich schon vor einem Monat verabschiedet (Festplattencrash) und musste vor einem Monat mit professioneller Hilfe (KrollOntrack) wiederhergestellt. (Neue Festplatt ist nun verbaut). Nun vermute ich, dass sich entweder das C-Laufwerk mit einem Crash ankündigt oder der Virus doch noch aktiv ist. Folgende Symptome: 1) Das System hatte scheinbar beim Hochfahren einen Fehler und es erschien die Auswahl: Windows im abgesichtern Modus starten . . Windows mit der letzten funktionierenden Konfiguration starten Window normal starten -> Ich hatte dann die letzte funktionierende Konfiguration ausgewählt. 2) Der Task-Manager lässt sich teilweise nicht mehr öffnen (direkt nach dem Neustart, geht's allerdings). 3) Auch wenn ich kaum Programme geöffnet habe, kommt dann folgende Fehlermeldung: Windows - Fehler in der Anwendung " Die Anwendung konnte nicht richtig initialisiert werden (0xc0000017). Klicken Sie auf "ok" um die Anwendung zu beenden." Es gibt nur den OK Button. 4) Die Maus friert ein. Eine Datensicherung besteht von KrollOntrack Wiederherstellung, Memeo Backup und von Acronis. Acronis ist bestellt und es soll dann nochmals ein Image und eine Datensicherung gezogen werden. Wichtig sind mir nur meine Daten. Der Rechner ist alt und soll innerhalb des kommenden Monats komplett ersetzt werden. Bis dahin brauche ich allerdings den Rechner und muss arbeitsfähig bleiben können. Zur Info: Ich bin Privatanwender, hatte für KrollOntrack aus privaten Gründen das Geld hingeblättert. Anstonsten habe ich nur wenig Ahnung von IT und habe manchmal Hilfe durch einen erfahrenen Experten mittels Teamviewer. Meine Fragen: a) Habe ich einen Verschlüsselungstrojaner noch drauf? b) Kann ich weiterarbeiten? c) Hält mein System noch einen Monat durch bis der neue Rechner da ist? Habe nun die Log Dateien erstellt. Highjackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:33:20, on 21.03.2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe C:\Programme\SearchProtect\bin\CltMngSvc.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Java\jre7\bin\jqs.exe C:\Programme\Google\Update\GoogleUpdate.exe C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe C:\Programme\TeamViewer\Version6\TeamViewer.exe C:\WINDOWS\Explorer.EXE C:\Programme\Analog Devices\Core\smax4pnp.exe C:\Programme\Analog Devices\SoundMAX\Smax4.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\HP\HP Software Update\HPWuSchd2.exe C:\Programme\CyberLink\PowerDVD\PDVDServ.exe C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Programme\QuickTime\QTTask.exe C:\Dokumente und Einstellungen\USER\Anwendungsdaten\SearchProtect\bin\cltmng.exe C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\TibMounterMonitor.exe C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Programme\Skype\Phone\Skype.exe C:\Programme\Seagate\Seagate Dashboard\MemeoDashboard.exe C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe C:\Dokumente und Einstellungen\USER\Lokale Einstellungen\Apps\2.0\BJX8QJBP.M97\9LMJQ2V9.NT4\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe C:\Programme\Memeo\AutoBackup\InstantBackup.exe C:\Programme\Memeo\AutoBackup\MemeoUpdater.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe C:\WINDOWS\system32\wscntfy.exe C:\Dokumente und Einstellungen\USER\Desktop\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: (no name) - AutorunsDisabled - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Programme\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [hpqSRMon] C:\Programme\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [SearchProtectAll] C:\Programme\SearchProtect\bin\cltmng.exe O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe" O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Programme\Gemeinsame Dateien\Acronis\TibMounter\TibMounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [Memeo Instant Backup] C:\Programme\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui O4 - HKLM\..\Run: [Seagate Dashboard] C:\Programme\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AVMUSBFernanschluss] "C:\Dokumente und Einstellungen\USER\Lokale Einstellungen\Apps\2.0\BJX8QJBP.M97\9LMJQ2V9.NT4\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [SearchProtect] C:\Dokumente und Einstellungen\USER\Anwendungsdaten\SearchProtect\bin\cltmng.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: AutorunsDisabled O4 - Global Startup: AutorunsDisabled O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - https://stream.web.de/mail/activex/mail_upload_11213.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156415092656 O16 - DPF: {6D868B99-8B01-4B25-9BD1-ED37AFDF5E29} (Ontrack Data Recovery Verifile Data Reports) - hxxp://www.krollontrack.co.uk/support/ontrack-verifile-report/npvfasp.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1361252403953 O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Programme\SearchProtect\bin\CltMngSvc.exe O23 - Service: Google Update Service (gupdate1c9ef90cb9d602c) (gupdate1c9ef90cb9d602c) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programme\Java\jre7\bin\jqs.exe O23 - Service: MemeoBackgroundService - Memeo - C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Programme\Skype\Updater\Updater.exe O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- End of file - 14121 bytes Defogger: defogger_disable by jpshortstuff (23.02.10.1) Log created at 21:53 on 21/03/2013 (USER) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- OTL.txt, Extras.txt und GMER Logfile: im Anhang als Zip Info: Gmer hat fast 12h zum Durchlaufen gebraucht und danach ist die Maus wieder eingefroren und Task-Manager konnte nicht geöffnet werden, Windows Fehlermeldung tauchte wieder auf und Rechner musste mittels Not-Aus runtergefahren werden. Alles andere hat nicht funktioniert. Vielen Dank für die Hilfe und die Beantwortung der Fragen vorab. |
|
24.03.2013, 14:31
| #2 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™   | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? Hallo,
__________________Zitat:
Hattest du mal VNC installiert? Das ist sowas wie Teamviewer Zitat:
__________________ |
|
24.03.2013, 18:27
| #3 | ||
| | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen?Zitat:
Nein, ich habe den Teamviewer, aber nicht VNC installiert. und Ja ich habe obiges sehr genau gelesen. Aber die Installation des Programms und der Fund fand am gleichen Tag statt wie der Fund des Trojaners. Das macht mich halt unsicher. Zitat:
Zip auf dem Desktop gelegt und 2 x geöffnet. Also bei ersten Mal war wieder eine Zip Datein drin, dann habe ich dummerweise nochmals draufgedrückt und diese Zip-Datei öffnen wollen und es war noch ein Zip da drin. Das habe ich aber nicht mehr geöffnet, da es mir zu suspekt erschien. Dann eben den Viruscheck durchlaufen lassen und obiges gefunden. Hilft das weiter? Vielen Dank schon mal im voraus. |
|
25.03.2013, 15:14
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten MBAR (Malwarebytes Anti-Rootkit) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
26.03.2013, 22:58
| #5 |
| | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? Fehlermeldung mbar.exe bevor die Software eigentlich gestartet war, aber nach Doppelklick auf die Anwendung: Registry Value " AppInit_Dlls" has been found, wich may be caused by a rootkit activity. Note: press "No" button if your are not sure. If the tool crashes or terminates unexpectedly during a system scan , restart the tool and press "yes" should this message appear again. Do you want to remove this value and restart the tool? "yes" " no" Ich habe no gedrückt, weil ich aus dem Program raus wollte und unsicher war. |
|
27.03.2013, 00:03
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? bitte auf nein klicken und normal weitermachen
__________________ --> Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? |
|
27.03.2013, 14:04
| #7 |
| | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen?Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org
Database version: v2013.03.26.14
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
USER :: SCHOKOHASE [administrator]
27.03.2013 00:43:44
mbar-log-2013-03-27 (00-43-44).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29191
Time elapsed: 1 hour(s), 43 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 6
HKLM\SOFTWARE\CLASSES\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TYPELIB\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\Updater.AmiUpd.1 (PUP.Software.Updater) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\Updater.AmiUpd (PUP.Software.Updater) -> Delete on reboot.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
c:\Dokumente und Einstellungen\USER\Anwendungsdaten\SwvUpdater (PUP.Software.Updater) -> Delete on reboot.
Files Detected: 4
c:\Dokumente und Einstellungen\USER\Anwendungsdaten\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Delete on reboot.
c:\Dokumente und Einstellungen\USER\Anwendungsdaten\SwvUpdater\Updater.xml (PUP.Software.Updater) -> Delete on reboot.
c:\Dokumente und Einstellungen\USER\Anwendungsdaten\SwvUpdater\status.cfg (PUP.Software.Updater) -> Delete on reboot.
c:\WINDOWS\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Delete on reboot.
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org
Database version: v2013.03.26.14
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
USER :: SCHOKOHASE [administrator]
27.03.2013 03:22:32
mbar-log-2013-03-27 (03-22-32).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29160
Time elapsed: 2 hour(s), 5 minute(s), 28 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
|
27.03.2013, 16:29
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? Ok, was st mit den anderen Logs?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
27.03.2013, 18:25
| #9 |
| | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? Bevor ich antworten konnte " Der Scan ist noch am laufen" hat es Fehlermeldungen gegeben und der Rechner war nicht mehr zu bedienen und musste runtergefahren werden. Näheres kommt gleich. Ausserdem habe ich meine eigene Arbeit und 2 kranke Kinder. Da bin ich derzeit nicht die schnellste, sorry. Mache schon Nachtschichten bis 2 Uhr und muss morgends um 6 wieder raus. Da bin ich momentan etwas langsamer. Es ist gerade überall der Virus drin, glaub ich. Also der Scan war zuletzt noch am Laufen. Dann musste ich kurz weg. Als ich wieder kam, war Firefox weg, Word, weg und Skype da und 3 Fehlermeldungen. Ausserdem konnte ich kein Programm mehr öffnen und die Programmliste war nahezu leer. Fehlermeldung 1) Microsoft Visual C++ Debug Library Debug Error! Programm: ...d60_0002.00003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe This application has requested the Runtime to terminate it in an unusual way. Please contact the application's support team for more information. (Please retry to debug this application) Abbrechen Wiederholen Ignorieren Fehlermeldung 2):Application Error Exception EOSError in module Skype.exe at 001F60D System Error. code 8. ok Fehlermeldung 3): Application Error Exception EoutofRessources in module Skype.exe at 005F0C0 Out of system Ressources. ok Ich wollte dann mit dem Screenshot das ganze festhalten, aber da war kein Programm mehr und eine Neue Fehlermeldung kam: Fehlermeldung 4): Windows Fehler in der Anwendung Die Anwendung konnte nicht richtig initialisiert werden (0xc0000017) Klicken Sie auf O k um die Anwendung zu beeenden. ok Lasse nun den aswMBR nochmals durchlaufen. Kann aber dauern. Ach ja, im Task Manager konnte ich sehen, dass cltmng.exe die ganzen ressourcen gezogen hat. Geändert von sissi3o2 (27.03.2013 um 18:40 Uhr) |
|
28.03.2013, 12:02
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? Wie weit bist du nun mit den Logs?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.03.2013, 13:48
| #11 |
| | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? Bevor der aswMBR durch ist scheint der Rechner immer neu zu starten und ich kann keinen log sichern. Ich werde nun nochmals einen Versuch wagen und die Internetverbindung dabei kappen und hoffe dass ich damit Erfolg habe. Könnte ggf. auch im abgesicherten Modus den Scan versuchen. Der cltmng.exe zieht immer viel Ressourcen ab. Keine Ahnung was für ein Programm das ist und was der macht oder ob es damit zusammenhängt. Bis später. |
|
28.03.2013, 14:09
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.03.2013, 22:20
| #13 |
| | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen?Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-28 17:17:18
-----------------------------
17:17:18.500 OS Version: Windows 5.1.2600 Service Pack 3
17:17:18.500 Number of processors: 2 586 0x409
17:17:18.500 ComputerName: SCHOKOHASE UserName: USER
17:17:39.984 Initialize success
17:18:37.531 AVAST engine defs: 13032800
17:18:43.015 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17
17:18:43.015 Disk 0 Vendor: Hitachi_HDS721010CLA332 JP4OA3MA Size: 953869MB BusType: 3
17:18:43.015 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-22
17:18:43.015 Disk 1 Vendor: ST1000NM0011 SN03 Size: 953869MB BusType: 3
17:18:43.484 Disk 0 MBR read successfully
17:18:43.484 Disk 0 MBR scan
17:18:43.593 Disk 0 Windows XP default MBR code
17:18:43.593 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953867 MB offset 63
17:18:43.640 Disk 0 scanning sectors +1953520065
17:18:44.390 Disk 0 scanning C:\WINDOWS\system32\drivers
17:20:03.375 Service scanning
17:20:27.921 Service kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys **LOCKED** 5
17:20:28.031 Service klbg C:\WINDOWS\system32\drivers\klbg.sys **LOCKED** 5
17:20:29.078 Service klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys **LOCKED** 5
17:20:29.140 Service klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys **LOCKED** 5
17:20:29.187 Service klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys **LOCKED** 5
17:20:29.234 Service kltdi C:\WINDOWS\system32\DRIVERS\kltdi.sys **LOCKED** 5
17:20:29.625 Service kneps C:\WINDOWS\system32\DRIVERS\kneps.sys **LOCKED** 5
17:21:21.171 Service TSP C:\WINDOWS\system32\drivers\klif.sys **LOCKED** 5
17:21:31.750 Modules scanning
17:22:47.546 Disk 0 trace - called modules:
17:22:47.593 ntoskrnl.exe fltsrv.sys hal.dll tdrpman.sys CLASSPNP.SYS disk.sys vidsflt.sys atapi.sys pciide.sys
17:22:47.593 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aae1ab8]
17:22:47.609 3 CLASSPNP.SYS[f7647fd7] -> nt!IofCallDriver -> [0x8ab129c8]
17:22:47.609 5 vidsflt.sys[f74edd9b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-17[0x8ab13d98]
17:22:47.609 Scan finished successfully
19:36:50.015 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\USER\Desktop\MBR.dat"
19:36:50.031 The log file has been saved successfully to "C:\Dokumente und Einstellungen\USER\Desktop\aswMBR2.txt"
Code:
ATTFilter 19:38:09.0906 4204 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:38:10.0031 4204 ============================================================
19:38:10.0031 4204 Current date / time: 2013/03/28 19:38:10.0031
19:38:10.0031 4204 SystemInfo:
19:38:10.0031 4204
19:38:10.0031 4204 OS Version: 5.1.2600 ServicePack: 3.0
19:38:10.0031 4204 Product type: Workstation
19:38:10.0031 4204 ComputerName: SCHOKOHASE
19:38:10.0031 4204 UserName: USER
19:38:10.0031 4204 Windows directory: C:\WINDOWS
19:38:10.0031 4204 System windows directory: C:\WINDOWS
19:38:10.0031 4204 Processor architecture: Intel x86
19:38:10.0031 4204 Number of processors: 2
19:38:10.0031 4204 Page size: 0x1000
19:38:10.0031 4204 Boot type: Normal boot
19:38:10.0031 4204 ============================================================
19:38:11.0593 4204 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:38:11.0593 4204 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:38:11.0609 4204 ============================================================
19:38:11.0609 4204 \Device\Harddisk0\DR0:
19:38:11.0609 4204 MBR partitions:
19:38:11.0609 4204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
19:38:11.0609 4204 \Device\Harddisk1\DR1:
19:38:11.0609 4204 MBR partitions:
19:38:11.0609 4204 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
19:38:11.0609 4204 ============================================================
19:38:11.0640 4204 C: <-> \Device\Harddisk0\DR0\Partition1
19:38:11.0640 4204 D: <-> \Device\Harddisk1\DR1\Partition1
19:38:11.0640 4204 ============================================================
19:38:11.0640 4204 Initialize success
19:38:11.0640 4204 ============================================================
19:38:15.0000 3144 ============================================================
19:38:15.0000 3144 Scan started
19:38:15.0000 3144 Mode: Manual;
19:38:15.0000 3144 ============================================================
19:38:16.0734 3144 ================ Scan system memory ========================
19:38:16.0734 3144 System memory - ok
19:38:16.0734 3144 ================ Scan services =============================
19:38:17.0156 3144 Abiosdsk - ok
19:38:17.0156 3144 abp480n5 - ok
19:38:17.0218 3144 [ 44010948BDE6ADE50DD1386657C73E83 ] ACEDRV06 C:\WINDOWS\system32\drivers\ACEDRV06.sys
19:38:17.0218 3144 ACEDRV06 - ok
19:38:17.0312 3144 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:38:17.0343 3144 ACPI - ok
19:38:17.0375 3144 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:38:17.0375 3144 ACPIEC - ok
19:38:17.0703 3144 [ 35BCB0F33FABA91F93C062FBE7EA1EAC ] AcrSch2Svc C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
19:38:17.0953 3144 AcrSch2Svc - ok
19:38:18.0031 3144 [ 708BAECC952E81A70EF36F5F0B1B981C ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
19:38:18.0062 3144 ADIHdAudAddService - ok
19:38:18.0171 3144 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:38:18.0250 3144 AdobeFlashPlayerUpdateSvc - ok
19:38:18.0265 3144 adpu160m - ok
19:38:18.0312 3144 [ 9F59AE2DE835641FBB0C6AFD80D8FA9B ] AEAudioService C:\WINDOWS\system32\drivers\AEAudio.sys
19:38:18.0328 3144 AEAudioService - ok
19:38:18.0406 3144 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:38:18.0421 3144 aec - ok
19:38:18.0531 3144 [ DF139E5866C19E0B3217EF210198D875 ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys
19:38:18.0578 3144 afcdp - ok
19:38:18.0609 3144 [ 087715734AC33B265E4861939CC582AD ] afcdpsrv C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
19:38:19.0718 3144 Suspicious file (Forged): C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe. Real md5: 087715734AC33B265E4861939CC582AD, Fake md5: 1AEA25F70F12ABB494A4E35E1D717414
19:38:19.0734 3144 afcdpsrv ( ForgedFile.Multi.Generic ) - warning
19:38:19.0734 3144 afcdpsrv - detected ForgedFile.Multi.Generic (1)
19:38:19.0828 3144 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:38:19.0859 3144 AFD - ok
19:38:19.0875 3144 Aha154x - ok
19:38:19.0890 3144 aic78u2 - ok
19:38:19.0890 3144 aic78xx - ok
19:38:19.0937 3144 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:38:19.0937 3144 Alerter - ok
19:38:19.0968 3144 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
19:38:19.0984 3144 ALG - ok
19:38:20.0000 3144 AliIde - ok
19:38:20.0000 3144 amsint - ok
19:38:20.0015 3144 AppMgmt - ok
19:38:20.0031 3144 asc - ok
19:38:20.0031 3144 asc3350p - ok
19:38:20.0046 3144 asc3550 - ok
19:38:20.0375 3144 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:38:20.0421 3144 aspnet_state - ok
19:38:20.0437 3144 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:38:20.0437 3144 AsyncMac - ok
19:38:20.0484 3144 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:38:20.0484 3144 atapi - ok
19:38:20.0500 3144 Atdisk - ok
19:38:20.0531 3144 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:38:20.0531 3144 Atmarpc - ok
19:38:20.0562 3144 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:38:20.0578 3144 AudioSrv - ok
19:38:20.0593 3144 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:38:20.0593 3144 audstub - ok
19:38:20.0656 3144 [ 728C4A6C722535C16D1025F51AA31E22 ] avmaudio C:\WINDOWS\system32\DRIVERS\avmaudio.sys
19:38:20.0671 3144 avmaudio - ok
19:38:21.0015 3144 [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
19:38:21.0140 3144 AVP - ok
19:38:21.0171 3144 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:38:21.0171 3144 Beep - ok
19:38:21.0328 3144 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
19:38:21.0484 3144 BITS - ok
19:38:21.0546 3144 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
19:38:21.0562 3144 Browser - ok
19:38:21.0593 3144 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
19:38:21.0593 3144 BthEnum - ok
19:38:21.0640 3144 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
19:38:21.0640 3144 BthPan - ok
19:38:21.0750 3144 [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
19:38:21.0812 3144 BTHPORT - ok
19:38:21.0843 3144 [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ C:\WINDOWS\System32\bthserv.dll
19:38:21.0843 3144 BthServ - ok
19:38:21.0875 3144 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
19:38:21.0875 3144 BTHUSB - ok
19:38:21.0890 3144 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:38:21.0890 3144 cbidf2k - ok
19:38:21.0968 3144 [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8 C:\Programme\Canon\CAL\CALMAIN.exe
19:38:21.0984 3144 CCALib8 - ok
19:38:22.0031 3144 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:38:22.0031 3144 CCDECODE - ok
19:38:22.0031 3144 cd20xrnt - ok
19:38:22.0046 3144 [ 82C4C6A2343B592C4FD590F625A724A9 ] CdaC15BA C:\WINDOWS\system32\drivers\CDAC15BA.SYS
19:38:22.0062 3144 CdaC15BA - ok
19:38:22.0078 3144 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:38:22.0078 3144 Cdaudio - ok
19:38:22.0156 3144 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:38:22.0281 3144 Cdfs - ok
19:38:22.0312 3144 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:38:22.0312 3144 Cdrom - ok
19:38:22.0328 3144 Changer - ok
19:38:22.0359 3144 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:38:22.0375 3144 CiSvc - ok
19:38:22.0390 3144 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:38:22.0406 3144 ClipSrv - ok
19:38:22.0609 3144 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:38:22.0734 3144 clr_optimization_v2.0.50727_32 - ok
19:38:22.0796 3144 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:38:22.0953 3144 clr_optimization_v4.0.30319_32 - ok
19:38:23.0046 3144 [ 15AE8F975B3B8EE5EFFAFA4D0C94C1D7 ] CltMngSvc C:\Programme\SearchProtect\bin\CltMngSvc.exe
19:38:23.0062 3144 CltMngSvc - ok
19:38:23.0078 3144 CmdIde - ok
19:38:23.0078 3144 COMSysApp - ok
19:38:23.0093 3144 Cpqarray - ok
19:38:23.0140 3144 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:38:23.0171 3144 CryptSvc - ok
19:38:23.0187 3144 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\WINDOWS\system32\DRIVERS\CVirtA.sys
19:38:23.0203 3144 CVirtA - ok
19:38:23.0203 3144 dac2w2k - ok
19:38:23.0203 3144 dac960nt - ok
19:38:23.0359 3144 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:38:23.0484 3144 DcomLaunch - ok
19:38:23.0515 3144 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
19:38:23.0531 3144 dg_ssudbus - ok
19:38:23.0578 3144 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:38:23.0625 3144 Dhcp - ok
19:38:23.0640 3144 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:38:23.0640 3144 Disk - ok
19:38:23.0656 3144 dmadmin - ok
19:38:23.0906 3144 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:38:24.0125 3144 dmboot - ok
19:38:24.0187 3144 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:38:24.0218 3144 dmio - ok
19:38:24.0250 3144 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:38:24.0250 3144 dmload - ok
19:38:24.0281 3144 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:38:24.0281 3144 dmserver - ok
19:38:24.0312 3144 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:38:24.0312 3144 DMusic - ok
19:38:24.0359 3144 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:38:24.0375 3144 Dnscache - ok
19:38:24.0437 3144 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:38:24.0484 3144 Dot3svc - ok
19:38:24.0500 3144 dpti2o - ok
19:38:24.0531 3144 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:38:24.0531 3144 drmkaud - ok
19:38:24.0562 3144 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:38:24.0578 3144 EapHost - ok
19:38:24.0609 3144 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:38:24.0609 3144 ERSvc - ok
19:38:24.0671 3144 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
19:38:24.0703 3144 Eventlog - ok
19:38:24.0796 3144 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
19:38:24.0875 3144 EventSystem - ok
19:38:24.0953 3144 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:38:24.0984 3144 Fastfat - ok
19:38:25.0046 3144 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:38:25.0093 3144 FastUserSwitchingCompatibility - ok
19:38:25.0203 3144 [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax C:\WINDOWS\system32\fxssvc.exe
19:38:25.0281 3144 Fax - ok
19:38:25.0328 3144 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
19:38:25.0328 3144 Fdc - ok
19:38:25.0359 3144 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:38:25.0359 3144 Fips - ok
19:38:25.0375 3144 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:38:25.0375 3144 Flpydisk - ok
19:38:25.0437 3144 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:38:25.0453 3144 FltMgr - ok
19:38:25.0515 3144 [ E20D64EDF74D80874837B16506D58166 ] fltsrv C:\WINDOWS\system32\DRIVERS\fltsrv.sys
19:38:25.0531 3144 fltsrv - ok
19:38:25.0593 3144 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:38:25.0609 3144 FontCache3.0.0.0 - ok
19:38:25.0625 3144 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:38:25.0625 3144 Fs_Rec - ok
19:38:25.0671 3144 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:38:25.0687 3144 Ftdisk - ok
19:38:25.0718 3144 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:38:25.0718 3144 Gpc - ok
19:38:25.0812 3144 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9ef90cb9d602c C:\Programme\Google\Update\GoogleUpdate.exe
19:38:25.0843 3144 gupdate1c9ef90cb9d602c - ok
19:38:25.0890 3144 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
19:38:25.0890 3144 gupdatem - ok
19:38:25.0953 3144 [ F58D2900C66A1E773E3375098E0E9337 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
19:38:25.0968 3144 HdAudAddService - ok
19:38:26.0046 3144 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:38:26.0062 3144 HDAudBus - ok
19:38:26.0109 3144 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:38:26.0125 3144 helpsvc - ok
19:38:26.0140 3144 HidServ - ok
19:38:26.0187 3144 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:38:26.0187 3144 HidUsb - ok
19:38:26.0234 3144 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:38:26.0250 3144 hkmsvc - ok
19:38:26.0265 3144 hpn - ok
19:38:26.0515 3144 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
19:38:26.0593 3144 hpqcxs08 - ok
19:38:26.0703 3144 [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
19:38:26.0750 3144 hpqddsvc - ok
19:38:26.0812 3144 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:38:26.0812 3144 HPZid412 - ok
19:38:26.0828 3144 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:38:26.0843 3144 HPZipr12 - ok
19:38:26.0875 3144 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:38:26.0875 3144 HPZius12 - ok
19:38:26.0968 3144 [ 6312DC46356DF3974E88AA51B69360DC ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
19:38:27.0031 3144 HSFHWBS2 - ok
19:38:27.0375 3144 [ 8ED6714C8E754520DD8A939F91383EA0 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
19:38:27.0656 3144 HSF_DP - ok
19:38:27.0984 3144 [ DAAB917EEC9849840A13353198D48CC5 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
19:38:28.0265 3144 HSF_DPV - ok
19:38:28.0359 3144 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:38:28.0421 3144 HTTP - ok
19:38:28.0453 3144 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:38:28.0484 3144 HTTPFilter - ok
19:38:28.0500 3144 i2omgmt - ok
19:38:28.0500 3144 i2omp - ok
19:38:28.0531 3144 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:38:28.0531 3144 i8042prt - ok
19:38:28.0562 3144 ids00026 - ok
19:38:28.0578 3144 ids0014f - ok
19:38:28.0578 3144 ids0015d - ok
19:38:28.0578 3144 ids00180 - ok
19:38:28.0593 3144 ids0018a - ok
19:38:28.0921 3144 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:38:29.0234 3144 idsvc - ok
19:38:29.0265 3144 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:38:29.0265 3144 Imapi - ok
19:38:29.0359 3144 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
19:38:29.0406 3144 ImapiService - ok
19:38:29.0406 3144 ini910u - ok
19:38:29.0421 3144 IntelIde - ok
19:38:29.0453 3144 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:38:29.0453 3144 intelppm - ok
19:38:29.0484 3144 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:38:29.0484 3144 Ip6Fw - ok
19:38:29.0515 3144 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:38:29.0515 3144 IpFilterDriver - ok
19:38:29.0546 3144 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:38:29.0546 3144 IpInIp - ok
19:38:29.0609 3144 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:38:29.0640 3144 IpNat - ok
19:38:29.0671 3144 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:38:29.0671 3144 IPSec - ok
19:38:29.0718 3144 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
19:38:29.0734 3144 irda - ok
19:38:29.0750 3144 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:38:29.0750 3144 IRENUM - ok
19:38:29.0781 3144 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll
19:38:29.0796 3144 Irmon - ok
19:38:29.0828 3144 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:38:29.0828 3144 isapnp - ok
19:38:30.0062 3144 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
19:38:30.0109 3144 JavaQuickStarterService - ok
19:38:30.0140 3144 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:38:30.0140 3144 Kbdclass - ok
19:38:30.0156 3144 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:38:30.0171 3144 kbdhid - ok
19:38:30.0234 3144 [ EA26CB00F83686856F2C79673C00C686 ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
19:38:30.0265 3144 kl1 - ok
19:38:30.0312 3144 [ 53EEDAB3F0511321AC3AE8BC968B158C ] klbg C:\WINDOWS\system32\drivers\klbg.sys
19:38:30.0312 3144 klbg - ok
19:38:30.0515 3144 [ 3D23639C3FDBC082AF7016A5C8829329 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
19:38:30.0671 3144 KLIF - ok
19:38:30.0703 3144 [ 05E5504E5E06F75F18BBEA7291601FE2 ] klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys
19:38:30.0703 3144 klim5 - ok
19:38:30.0750 3144 [ 7BE035A9C20F357DC765D6C7FDCDC964 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
19:38:30.0750 3144 klkbdflt - ok
19:38:30.0765 3144 [ A8234A8F67B0565F74753FE88A7BF03D ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
19:38:30.0765 3144 klmouflt - ok
19:38:30.0796 3144 [ 53C0DF6C5139CB78A631E7AFCD893730 ] kltdi C:\WINDOWS\system32\DRIVERS\kltdi.sys
19:38:30.0812 3144 kltdi - ok
19:38:30.0875 3144 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:38:30.0875 3144 kmixer - ok
19:38:30.0937 3144 [ 71A38C123600172511C26BFABD0EF579 ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
19:38:30.0953 3144 kneps - ok
19:38:31.0015 3144 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:38:31.0031 3144 KSecDD - ok
19:38:31.0078 3144 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:38:31.0109 3144 lanmanserver - ok
19:38:31.0187 3144 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:38:31.0234 3144 lanmanworkstation - ok
19:38:31.0250 3144 lbrtfdc - ok
19:38:31.0328 3144 [ 575ED0F5DCB34E5C243D2A7EBC860484 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
19:38:31.0343 3144 LightScribeService - ok
19:38:31.0375 3144 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:38:31.0390 3144 LmHosts - ok
19:38:31.0406 3144 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
19:38:31.0406 3144 mdmxsdk - ok
19:38:31.0531 3144 [ 780D96F551833E0DCFE0A33B02B774E8 ] MemeoBackgroundService C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe
19:38:31.0546 3144 MemeoBackgroundService - ok
19:38:31.0578 3144 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:38:31.0593 3144 Messenger - ok
19:38:31.0609 3144 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:38:31.0609 3144 mnmdd - ok
19:38:31.0640 3144 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:38:31.0656 3144 mnmsrvc - ok
19:38:31.0687 3144 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:38:31.0687 3144 Modem - ok
19:38:31.0718 3144 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
19:38:31.0718 3144 MODEMCSA - ok
19:38:31.0734 3144 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:38:31.0734 3144 Mouclass - ok
19:38:31.0750 3144 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:38:31.0750 3144 mouhid - ok
19:38:31.0781 3144 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:38:31.0781 3144 MountMgr - ok
19:38:31.0843 3144 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
19:38:31.0890 3144 MozillaMaintenance - ok
19:38:31.0906 3144 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
19:38:31.0906 3144 MPE - ok
19:38:31.0921 3144 mraid35x - ok
19:38:31.0984 3144 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:38:32.0015 3144 MRxDAV - ok
19:38:32.0187 3144 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:38:32.0328 3144 MRxSmb - ok
19:38:32.0437 3144 [ 641199534871783DD74138FE0BCFDAE7 ] MSCamSvc C:\Programme\Microsoft LifeCam\MSCamS32.exe
19:38:32.0515 3144 MSCamSvc - ok
19:38:32.0531 3144 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:38:32.0546 3144 MSDTC - ok
19:38:32.0562 3144 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:38:32.0562 3144 Msfs - ok
19:38:32.0593 3144 [ 95C6432151CCFF8617352F8E616A1AA4 ] MSIRCOMM C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
19:38:32.0593 3144 MSIRCOMM - ok
19:38:32.0593 3144 MSIServer - ok
19:38:32.0625 3144 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:38:32.0640 3144 MSKSSRV - ok
19:38:32.0640 3144 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:38:32.0640 3144 MSPCLOCK - ok
19:38:32.0671 3144 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:38:32.0671 3144 MSPQM - ok
19:38:32.0687 3144 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:38:32.0687 3144 mssmbios - ok
19:38:32.0781 3144 [ 07FD9E1D5F80756EDEC3C2FFCF2534C2 ] MSSQL$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
19:38:35.0593 3144 Suspicious file (Forged): C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe. Real md5: 07FD9E1D5F80756EDEC3C2FFCF2534C2, Fake md5: 1B959A0614D575D0AB3B09095F0A8B83
19:38:35.0640 3144 MSSQL$PINNACLESYS ( ForgedFile.Multi.Generic ) - warning
19:38:35.0640 3144 MSSQL$PINNACLESYS - detected ForgedFile.Multi.Generic (1)
19:38:35.0687 3144 [ 1D1B22613EAB9287AF902398867BC93C ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
19:38:35.0718 3144 MSSQLServerADHelper - ok
19:38:35.0750 3144 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
19:38:35.0750 3144 MSTEE - ok
19:38:35.0781 3144 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
19:38:35.0781 3144 MTsensor - ok
19:38:35.0859 3144 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:38:35.0875 3144 Mup - ok
19:38:35.0937 3144 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:38:35.0937 3144 NABTSFEC - ok
19:38:36.0046 3144 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
19:38:36.0140 3144 napagent - ok
19:38:36.0203 3144 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:38:36.0250 3144 NDIS - ok
19:38:36.0265 3144 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:38:36.0265 3144 NdisIP - ok
19:38:36.0296 3144 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:38:36.0296 3144 NdisTapi - ok
19:38:36.0328 3144 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:38:36.0328 3144 Ndisuio - ok
19:38:36.0359 3144 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:38:36.0375 3144 NdisWan - ok
19:38:36.0406 3144 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:38:36.0421 3144 NDProxy - ok
19:38:36.0468 3144 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
19:38:36.0484 3144 Net Driver HPZ12 - ok
19:38:36.0515 3144 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:38:36.0515 3144 NetBIOS - ok
19:38:36.0578 3144 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:38:36.0609 3144 NetBT - ok
19:38:36.0671 3144 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
19:38:36.0703 3144 NetDDE - ok
19:38:36.0750 3144 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:38:36.0750 3144 NetDDEdsdm - ok
19:38:36.0765 3144 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:38:36.0781 3144 Netlogon - ok
19:38:36.0859 3144 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
19:38:36.0906 3144 Netman - ok
19:38:36.0968 3144 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:38:37.0093 3144 NetTcpPortSharing - ok
19:38:37.0171 3144 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
19:38:37.0265 3144 Nla - ok
19:38:37.0312 3144 [ 48FB907B069524F2DC7BA62A0762850C ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
19:38:37.0312 3144 nmwcd - ok
19:38:37.0343 3144 [ 2914CEB789964141AC6E22C6BC980C42 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
19:38:37.0343 3144 nmwcdc - ok
19:38:37.0406 3144 [ 28D40797BCB050321FA6674B08A620C0 ] nmwcdnsu C:\WINDOWS\system32\drivers\nmwcdnsu.sys
19:38:37.0437 3144 nmwcdnsu - ok
19:38:37.0468 3144 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:38:37.0468 3144 Npfs - ok
19:38:37.0671 3144 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:38:37.0828 3144 Ntfs - ok
19:38:37.0859 3144 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:38:37.0859 3144 NtLmSsp - ok
19:38:38.0015 3144 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:38:38.0156 3144 NtmsSvc - ok
19:38:38.0203 3144 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:38:38.0312 3144 Null - ok
19:38:38.0703 3144 [ 6528EB6B7844E3A0FD8F3EFED9D7CFFB ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:38:42.0812 3144 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\nv4_mini.sys. Real md5: 6528EB6B7844E3A0FD8F3EFED9D7CFFB, Fake md5: 0DC79B60CEDC3A8854C27B3C6E4B3414
19:38:42.0875 3144 nv ( ForgedFile.Multi.Generic ) - warning
19:38:42.0875 3144 nv - detected ForgedFile.Multi.Generic (1)
19:38:42.0953 3144 [ 32F7DEC3729B3BAE66EEBCAB7B03B18F ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
19:38:43.0000 3144 NVSvc - ok
19:38:43.0046 3144 [ AB0342CD154E89C18329E5CC5848CE0A ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
19:38:43.0718 3144 Suspicious file (Forged): C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe. Real md5: AB0342CD154E89C18329E5CC5848CE0A, Fake md5: 2CC4E45B0EB4C48392CEC9C83B5B8E3B
19:38:43.0734 3144 nvUpdatusService ( ForgedFile.Multi.Generic ) - warning
19:38:43.0734 3144 nvUpdatusService - detected ForgedFile.Multi.Generic (1)
19:38:43.0765 3144 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:38:43.0765 3144 NwlnkFlt - ok
19:38:43.0781 3144 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:38:43.0781 3144 NwlnkFwd - ok
19:38:43.0843 3144 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
19:38:43.0875 3144 ose - ok
19:38:43.0921 3144 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:38:43.0937 3144 Parport - ok
19:38:43.0953 3144 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:38:43.0953 3144 PartMgr - ok
19:38:43.0968 3144 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:38:43.0968 3144 ParVdm - ok
19:38:44.0000 3144 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
19:38:44.0000 3144 pccsmcfd - ok
19:38:44.0031 3144 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:38:44.0031 3144 PCI - ok
19:38:44.0031 3144 PCIDump - ok
19:38:44.0062 3144 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:38:44.0062 3144 PCIIde - ok
19:38:44.0078 3144 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\WINDOWS\system32\drivers\pclepci.sys
19:38:44.0078 3144 PCLEPCI - ok
19:38:44.0140 3144 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:38:44.0156 3144 Pcmcia - ok
19:38:44.0156 3144 PDCOMP - ok
19:38:44.0171 3144 PDFRAME - ok
19:38:44.0171 3144 PDRELI - ok
19:38:44.0171 3144 PDRFRAME - ok
19:38:44.0187 3144 perc2 - ok
19:38:44.0187 3144 perc2hib - ok
19:38:44.0265 3144 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
19:38:44.0265 3144 PlugPlay - ok
19:38:44.0312 3144 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
19:38:44.0328 3144 Pml Driver HPZ12 - ok
19:38:44.0359 3144 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:38:44.0359 3144 PolicyAgent - ok
19:38:44.0390 3144 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:38:44.0390 3144 PptpMiniport - ok
19:38:44.0406 3144 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:38:44.0406 3144 ProtectedStorage - ok
19:38:44.0437 3144 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:38:44.0437 3144 PSched - ok
19:38:44.0453 3144 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:38:44.0468 3144 Ptilink - ok
19:38:44.0500 3144 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:38:44.0500 3144 PxHelp20 - ok
19:38:44.0515 3144 ql1080 - ok
19:38:44.0515 3144 Ql10wnt - ok
19:38:44.0531 3144 ql12160 - ok
19:38:44.0531 3144 ql1240 - ok
19:38:44.0546 3144 ql1280 - ok
19:38:44.0562 3144 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:38:44.0562 3144 RasAcd - ok
19:38:44.0609 3144 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:38:44.0640 3144 RasAuto - ok
19:38:44.0671 3144 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
19:38:44.0671 3144 Rasirda - ok
19:38:44.0703 3144 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:38:44.0703 3144 Rasl2tp - ok
19:38:44.0781 3144 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:38:44.0843 3144 RasMan - ok
19:38:44.0875 3144 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:38:44.0875 3144 RasPppoe - ok
19:38:44.0890 3144 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:38:44.0890 3144 Raspti - ok
19:38:44.0968 3144 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:38:45.0000 3144 Rdbss - ok
19:38:45.0015 3144 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:38:45.0031 3144 RDPCDD - ok
19:38:45.0093 3144 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:38:45.0156 3144 RDPWD - ok
19:38:45.0234 3144 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:38:45.0281 3144 RDSessMgr - ok
19:38:45.0312 3144 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:38:45.0312 3144 redbook - ok
19:38:45.0343 3144 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:38:45.0359 3144 RemoteAccess - ok
19:38:45.0406 3144 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
19:38:45.0406 3144 RFCOMM - ok
19:38:45.0421 3144 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
19:38:45.0437 3144 ROOTMODEM - ok
19:38:45.0468 3144 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:38:45.0500 3144 RpcLocator - ok
19:38:45.0625 3144 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:38:45.0640 3144 RpcSs - ok
19:38:45.0687 3144 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:38:45.0718 3144 RSVP - ok
19:38:45.0734 3144 RT2500USB - ok
19:38:45.0828 3144 [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
19:38:45.0875 3144 RTLE8023xp - ok
19:38:45.0890 3144 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
19:38:45.0890 3144 SamSs - ok
19:38:45.0953 3144 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:38:45.0984 3144 SCardSvr - ok
19:38:46.0062 3144 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:38:46.0125 3144 Schedule - ok
19:38:46.0312 3144 [ 738187CE167D51240EC945F42743D0E5 ] SCPDFReadSpool C:\WINDOWS\Installer\MSIE4.tmp
19:38:46.0390 3144 SCPDFReadSpool - ok
19:38:46.0453 3144 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe
19:38:46.0468 3144 SeagateDashboardService - ok
19:38:46.0500 3144 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:38:46.0500 3144 Secdrv - ok
19:38:46.0531 3144 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
19:38:46.0546 3144 seclogon - ok
19:38:46.0687 3144 [ 23228966244CDD9627BDE4141B3BE1F0 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
19:38:46.0781 3144 SenFiltService - ok
19:38:46.0812 3144 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
19:38:46.0828 3144 SENS - ok
19:38:46.0859 3144 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:38:46.0859 3144 serenum - ok
19:38:46.0921 3144 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:38:46.0921 3144 Serial - ok
19:38:47.0265 3144 [ 7D3903AF48E6C1DC2704EAFCB608D031 ] ServiceLayer C:\Programme\PC Connectivity Solution\ServiceLayer.exe
19:38:47.0546 3144 ServiceLayer - ok
19:38:47.0593 3144 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
19:38:47.0593 3144 Sfloppy - ok
19:38:47.0718 3144 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:38:47.0812 3144 SharedAccess - ok
19:38:47.0859 3144 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:38:47.0875 3144 ShellHWDetection - ok
19:38:47.0875 3144 Simbad - ok
19:38:47.0937 3144 [ 8CB6887AC284F980C374EA29D79BA3E5 ] Skype C2C Service C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:38:48.0875 3144 Suspicious file (Forged): C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe. Real md5: 8CB6887AC284F980C374EA29D79BA3E5, Fake md5: 388AE59FE75F1B959DFA0900923C61BB
19:38:48.0890 3144 Skype C2C Service ( ForgedFile.Multi.Generic ) - warning
19:38:48.0890 3144 Skype C2C Service - detected ForgedFile.Multi.Generic (1)
19:38:48.0984 3144 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
19:38:49.0031 3144 SkypeUpdate - ok
19:38:49.0062 3144 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:38:49.0062 3144 SLIP - ok
19:38:49.0171 3144 [ 851310C1B742D2DF2D334603836FFDF5 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
19:38:49.0203 3144 snapman - ok
19:38:49.0203 3144 Sparrow - ok
19:38:49.0218 3144 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:38:49.0218 3144 splitter - ok
19:38:49.0281 3144 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:38:49.0296 3144 Spooler - ok
19:38:49.0437 3144 [ 352E375AB298C23B0F9BC307652C7F50 ] SQLAgent$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE
19:38:49.0531 3144 SQLAgent$PINNACLESYS - ok
19:38:49.0593 3144 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:38:49.0593 3144 sr - ok
19:38:49.0687 3144 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
19:38:49.0734 3144 srservice - ok
19:38:49.0859 3144 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:38:49.0953 3144 Srv - ok
19:38:49.0984 3144 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:38:50.0015 3144 SSDPSRV - ok
19:38:50.0093 3144 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
19:38:50.0140 3144 ssudmdm - ok
19:38:50.0187 3144 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
19:38:50.0187 3144 StarOpen - ok
19:38:50.0218 3144 [ A1A16662C6B1A665D965D61B9EECC5A7 ] STIrUsb C:\WINDOWS\system32\DRIVERS\irstusb.sys
19:38:50.0218 3144 STIrUsb - ok
19:38:50.0359 3144 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:38:50.0468 3144 stisvc - ok
19:38:50.0500 3144 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:38:50.0500 3144 streamip - ok
19:38:50.0515 3144 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:38:50.0515 3144 swenum - ok
19:38:50.0562 3144 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:38:50.0562 3144 swmidi - ok
19:38:50.0578 3144 SwPrv - ok
19:38:50.0578 3144 symc810 - ok
19:38:50.0593 3144 symc8xx - ok
19:38:50.0593 3144 sym_hi - ok
19:38:50.0609 3144 sym_u3 - ok
19:38:50.0687 3144 [ B716A836A645BC7C8E5C367B68A8A7A4 ] syncagentsrv C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe
19:38:52.0765 3144 Suspicious file (Forged): C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe. Real md5: B716A836A645BC7C8E5C367B68A8A7A4, Fake md5: A214C8AA6A6C06C9DBAB1310E38DAB4A
19:38:52.0796 3144 syncagentsrv ( ForgedFile.Multi.Generic ) - warning
19:38:52.0796 3144 syncagentsrv - detected ForgedFile.Multi.Generic (1)
19:38:52.0828 3144 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:38:52.0843 3144 sysaudio - ok
19:38:52.0890 3144 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:38:52.0921 3144 SysmonLog - ok
19:38:53.0015 3144 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:38:53.0093 3144 TapiSrv - ok
19:38:53.0218 3144 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:38:53.0328 3144 Tcpip - ok
19:38:53.0359 3144 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:38:53.0359 3144 TDPIPE - ok
19:38:53.0656 3144 [ 6345E3829FD130A144454F9F5C2A3B9E ] tdrpman C:\WINDOWS\system32\DRIVERS\tdrpman.sys
19:38:53.0875 3144 tdrpman - ok
19:38:53.0906 3144 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:38:53.0906 3144 TDTCP - ok
19:38:53.0953 3144 [ 94F26C68ACD7C984BE64A5040DFFBDB2 ] TeamViewer6 C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
19:38:54.0703 3144 Suspicious file (Forged): C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe. Real md5: 94F26C68ACD7C984BE64A5040DFFBDB2, Fake md5: A3393F0DC64C29F47DC4126E6FA57558
19:38:54.0718 3144 TeamViewer6 ( ForgedFile.Multi.Generic ) - warning
19:38:54.0718 3144 TeamViewer6 - detected ForgedFile.Multi.Generic (1)
19:38:54.0734 3144 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:38:54.0750 3144 TermDD - ok
19:38:54.0859 3144 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
19:38:54.0953 3144 TermService - ok
19:38:55.0000 3144 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
19:38:55.0000 3144 Themes - ok
19:38:55.0250 3144 [ A8C31102F448231596168FFC9F568B9A ] tib_mounter C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
19:38:55.0437 3144 tib_mounter - ok
19:38:55.0500 3144 [ 76148C3159718B701252F87B067904A6 ] TOSHIBA Bluetooth Service C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
19:38:55.0531 3144 TOSHIBA Bluetooth Service - ok
19:38:55.0531 3144 TosIde - ok
19:38:55.0562 3144 [ 8D624D3BD1F2D78BD1C01A2D4E954B4E ] tosporte C:\WINDOWS\system32\DRIVERS\tosporte.sys
19:38:55.0578 3144 tosporte - ok
19:38:55.0625 3144 [ A594DBD80CA5426E2E558BF79195A110 ] Tosrfbd C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
19:38:55.0640 3144 Tosrfbd - ok
19:38:55.0671 3144 [ 90C8525BC578AAFFE87C2D0ED4379E9E ] tosrfbnp C:\WINDOWS\system32\Drivers\tosrfbnp.sys
19:38:55.0671 3144 tosrfbnp - ok
19:38:55.0703 3144 [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] Tosrfcom C:\WINDOWS\system32\Drivers\tosrfcom.sys
19:38:55.0703 3144 Tosrfcom - ok
19:38:55.0750 3144 [ 28099A4E52148319AFA685D93A2244D0 ] Tosrfhid C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
19:38:55.0750 3144 Tosrfhid - ok
19:38:55.0765 3144 [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
19:38:55.0765 3144 tosrfnds - ok
19:38:55.0796 3144 [ 1FF09B64D1E0C82EE81026718D8D47C2 ] TosRfSnd C:\WINDOWS\system32\drivers\tosrfsnd.sys
19:38:55.0812 3144 TosRfSnd - ok
19:38:55.0843 3144 [ 20CC46C5D3326122E1A0A8C9DAD00E0D ] tosrfusb C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
19:38:55.0843 3144 tosrfusb - ok
19:38:55.0906 3144 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:38:55.0937 3144 TrkWks - ok
19:38:56.0125 3144 [ 3D23639C3FDBC082AF7016A5C8829329 ] TSP C:\WINDOWS\system32\drivers\klif.sys
19:38:56.0140 3144 TSP - ok
19:38:56.0171 3144 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:38:56.0171 3144 Udfs - ok
19:38:56.0171 3144 ultra - ok
19:38:56.0343 3144 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:38:56.0437 3144 Update - ok
19:38:56.0515 3144 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:38:56.0578 3144 upnphost - ok
19:38:56.0609 3144 [ E526A166E6ACAFD0A9B3841D3941669E ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
19:38:56.0609 3144 upperdev - ok
19:38:56.0625 3144 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
19:38:56.0625 3144 UPS - ok
19:38:56.0671 3144 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:38:56.0671 3144 usbaudio - ok
19:38:56.0703 3144 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:38:56.0718 3144 usbccgp - ok
19:38:56.0734 3144 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:38:56.0734 3144 usbehci - ok
19:38:56.0781 3144 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:38:56.0781 3144 usbhub - ok
19:38:56.0796 3144 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:38:56.0796 3144 usbprint - ok
19:38:56.0828 3144 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:38:56.0828 3144 usbscan - ok
19:38:56.0859 3144 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
19:38:56.0859 3144 usbser - ok
19:38:56.0875 3144 [ 6F3E3C6811B930D2414552A2E4A40F36 ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
19:38:56.0875 3144 UsbserFilt - ok
19:38:56.0906 3144 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:38:56.0906 3144 USBSTOR - ok
19:38:56.0937 3144 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:38:56.0937 3144 usbuhci - ok
19:38:56.0953 3144 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:38:56.0953 3144 VgaSave - ok
19:38:56.0968 3144 ViaIde - ok
19:38:57.0031 3144 [ 26B75DCB58B006867EFD659E845CD65E ] vididr C:\WINDOWS\system32\DRIVERS\vididr.sys
19:38:57.0046 3144 vididr - ok
19:38:57.0093 3144 [ 40AFA68F81F90636D1300099E9CFC8CE ] vidsflt C:\WINDOWS\system32\DRIVERS\vidsflt.sys
19:38:57.0109 3144 vidsflt - ok
19:38:57.0140 3144 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:38:57.0140 3144 VolSnap - ok
19:38:57.0156 3144 vsdatant - ok
19:38:57.0281 3144 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
19:38:57.0375 3144 VSS - ok
19:38:57.0406 3144 [ C1DB192C23376E51EEDC463539766DA9 ] VX3000 C:\WINDOWS\system32\DRIVERS\VX3000.sys
19:38:57.0984 3144 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\VX3000.sys. Real md5: C1DB192C23376E51EEDC463539766DA9, Fake md5: 13ACFED0E6ADCA97440169DFD127EBCF
19:38:57.0984 3144 VX3000 ( ForgedFile.Multi.Generic ) - warning
19:38:57.0984 3144 VX3000 - detected ForgedFile.Multi.Generic (1)
19:38:58.0062 3144 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
19:38:58.0125 3144 W32Time - ok
19:38:58.0171 3144 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:38:58.0171 3144 Wanarp - ok
19:38:58.0203 3144 [ 46A247F6617526AFE38B6F12F5512120 ] wceusbsh C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
19:38:58.0203 3144 wceusbsh - ok
19:38:58.0390 3144 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
19:38:58.0500 3144 Wdf01000 - ok
19:38:58.0500 3144 WDICA - ok
19:38:58.0546 3144 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:38:58.0562 3144 wdmaud - ok
19:38:58.0609 3144 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:38:58.0625 3144 WebClient - ok
19:38:58.0875 3144 [ BE3A842C2F2E87E7C840D36BCF13E8E0 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
19:38:59.0078 3144 winachsf - ok
19:38:59.0171 3144 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:38:59.0218 3144 winmgmt - ok
19:38:59.0609 3144 [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
19:38:59.0937 3144 WinRM - ok
19:38:59.0984 3144 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:39:00.0000 3144 WmdmPmSN - ok
19:39:00.0046 3144 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:39:00.0093 3144 WmiApSrv - ok
19:39:00.0437 3144 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
19:39:00.0703 3144 WMPNetworkSvc - ok
19:39:00.0734 3144 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:39:00.0734 3144 WpdUsb - ok
19:39:01.0031 3144 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:39:01.0281 3144 WPFFontCache_v0400 - ok
19:39:01.0328 3144 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:39:01.0359 3144 wscsvc - ok
19:39:01.0375 3144 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:39:01.0390 3144 WSTCODEC - ok
19:39:01.0406 3144 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:39:01.0453 3144 wuauserv - ok
19:39:01.0515 3144 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:39:01.0515 3144 WudfPf - ok
19:39:01.0578 3144 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:39:01.0593 3144 WudfRd - ok
19:39:01.0640 3144 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:39:01.0656 3144 WudfSvc - ok
19:39:01.0828 3144 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:39:01.0968 3144 WZCSVC - ok
19:39:02.0031 3144 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:39:02.0078 3144 xmlprov - ok
19:39:02.0093 3144 ================ Scan global ===============================
19:39:02.0109 3144 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
19:39:02.0234 3144 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
19:39:02.0437 3144 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
19:39:02.0484 3144 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
19:39:02.0484 3144 [Global] - ok
19:39:02.0484 3144 ================ Scan MBR ==================================
19:39:02.0515 3144 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
19:39:02.0812 3144 \Device\Harddisk0\DR0 - ok
19:39:02.0812 3144 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:39:02.0843 3144 \Device\Harddisk1\DR1 - ok
19:39:02.0843 3144 ================ Scan VBR ==================================
19:39:02.0843 3144 [ 91D7C03417315C80A612E562D6DB2485 ] \Device\Harddisk0\DR0\Partition1
19:39:02.0843 3144 \Device\Harddisk0\DR0\Partition1 - ok
19:39:02.0843 3144 [ 39D493D08F7E5F0220B1C28DCD640DD5 ] \Device\Harddisk1\DR1\Partition1
19:39:02.0859 3144 \Device\Harddisk1\DR1\Partition1 - ok
19:39:02.0859 3144 ============================================================
19:39:02.0859 3144 Scan finished
19:39:02.0859 3144 ============================================================
19:39:02.0859 5568 Detected object count: 8
19:39:02.0859 5568 Actual detected object count: 8
19:39:36.0453 5568 afcdpsrv ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0453 5568 afcdpsrv ( ForgedFile.Multi.Generic ) - User select action: Skip
19:39:36.0468 5568 MSSQL$PINNACLESYS ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0468 5568 MSSQL$PINNACLESYS ( ForgedFile.Multi.Generic ) - User select action: Skip
19:39:36.0468 5568 nv ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0468 5568 nv ( ForgedFile.Multi.Generic ) - User select action: Skip
19:39:36.0468 5568 nvUpdatusService ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0468 5568 nvUpdatusService ( ForgedFile.Multi.Generic ) - User select action: Skip
19:39:36.0468 5568 Skype C2C Service ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0468 5568 Skype C2C Service ( ForgedFile.Multi.Generic ) - User select action: Skip
19:39:36.0484 5568 syncagentsrv ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0484 5568 syncagentsrv ( ForgedFile.Multi.Generic ) - User select action: Skip
19:39:36.0484 5568 TeamViewer6 ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0484 5568 TeamViewer6 ( ForgedFile.Multi.Generic ) - User select action: Skip
19:39:36.0484 5568 VX3000 ( ForgedFile.Multi.Generic ) - skipped by user
19:39:36.0484 5568 VX3000 ( ForgedFile.Multi.Generic ) - User select action: Skip
19:41:36.0453 5596 Deinitialize success
|
|
29.03.2013, 02:10
| #14 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen?Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.03.2013, 10:45
| #15 | |
| | Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? Lieber Cosinus, ich bin absolut überzeugt davon, dass ihr hier tolle und fantastische Hilfe leistet. Und dafüpr bin nicht nur ich, sondern auch viele andere sicher sehr dankbar. Aber ich denke, auch ich darf einen respektvollen Umgang erwarten. "Bitte die Anleitungen sorgfältiger lesen und umsetzen;" Mir hier nicht sorgfältige Arbeit zu unterstellen, finde ich ganz ehrlich gesagt abwertend. Ich arbeite hier so gut ich kann und versuche alles umzusetzen. Da ich sehr weit weg von einem IT Experten bin und für fast jeden Schritt weitere Hilfe brauche um es korrekt umzusetzen, ist das nicht ganz einfach. Da kann es jedem passieren, das mal etwas übersehen wird. Ich habe die letzen 3 Nächte pro Nacht nicht mehr als 4h geschlafen und ich bin auch nur ein Mensch und keine Maschine. Die Logs vom TDSKiller werden leider nicht erstellt, ich muss alles manuel machen. Code:
ATTFilter
10:33:27.0562 5208 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:33:27.0703 5208 ============================================================
10:33:27.0703 5208 Current date / time: 2013/03/29 10:33:27.0703
10:33:27.0703 5208 SystemInfo:
10:33:27.0703 5208
10:33:27.0703 5208 OS Version: 5.1.2600 ServicePack: 3.0
10:33:27.0703 5208 Product type: Workstation
10:33:27.0703 5208 ComputerName: SCHOKOHASE
10:33:27.0703 5208 UserName: USER
10:33:27.0703 5208 Windows directory: C:\WINDOWS
10:33:27.0703 5208 System windows directory: C:\WINDOWS
10:33:27.0703 5208 Processor architecture: Intel x86
10:33:27.0703 5208 Number of processors: 2
10:33:27.0703 5208 Page size: 0x1000
10:33:27.0703 5208 Boot type: Normal boot
10:33:27.0703 5208 ============================================================
10:33:34.0046 5208 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:33:34.0046 5208 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:33:34.0062 5208 ============================================================
10:33:34.0062 5208 \Device\Harddisk0\DR0:
10:33:34.0062 5208 MBR partitions:
10:33:34.0062 5208 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
10:33:34.0062 5208 \Device\Harddisk1\DR1:
10:33:34.0062 5208 MBR partitions:
10:33:34.0062 5208 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
10:33:34.0062 5208 ============================================================
10:33:34.0125 5208 C: <-> \Device\Harddisk0\DR0\Partition1
10:33:34.0218 5208 D: <-> \Device\Harddisk1\DR1\Partition1
10:33:34.0218 5208 ============================================================
10:33:34.0218 5208 Initialize success
10:33:34.0218 5208 ============================================================
10:34:40.0734 5180 ============================================================
10:34:40.0734 5180 Scan started
10:34:40.0734 5180 Mode: Manual; SigCheck; TDLFS;
10:34:40.0734 5180 ============================================================
10:34:41.0062 5180 ================ Scan system memory ========================
10:34:41.0062 5180 System memory - ok
10:34:41.0062 5180 ================ Scan services =============================
10:34:41.0515 5180 Abiosdsk - ok
10:34:41.0531 5180 abp480n5 - ok
10:34:41.0578 5180 [ 44010948BDE6ADE50DD1386657C73E83 ] ACEDRV06 C:\WINDOWS\system32\drivers\ACEDRV06.sys
10:34:42.0250 5180 ACEDRV06 ( UnsignedFile.Multi.Generic ) - warning
10:34:42.0250 5180 ACEDRV06 - detected UnsignedFile.Multi.Generic (1)
10:34:42.0328 5180 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:34:45.0687 5180 ACPI - ok
10:34:45.0734 5180 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
10:34:45.0921 5180 ACPIEC - ok
10:34:46.0265 5180 [ 35BCB0F33FABA91F93C062FBE7EA1EAC ] AcrSch2Svc C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
10:34:46.0593 5180 AcrSch2Svc - ok
10:34:46.0656 5180 [ 708BAECC952E81A70EF36F5F0B1B981C ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
10:34:46.0750 5180 ADIHdAudAddService - ok
10:34:46.0875 5180 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:34:46.0921 5180 AdobeFlashPlayerUpdateSvc - ok
10:34:46.0937 5180 adpu160m - ok
10:34:46.0984 5180 [ 9F59AE2DE835641FBB0C6AFD80D8FA9B ] AEAudioService C:\WINDOWS\system32\drivers\AEAudio.sys
10:34:47.0062 5180 AEAudioService - ok
10:34:47.0125 5180 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
10:34:47.0343 5180 aec - ok
10:34:47.0437 5180 [ DF139E5866C19E0B3217EF210198D875 ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys
10:34:47.0656 5180 afcdp - ok
10:34:48.0843 5180 [ 1AEA25F70F12ABB494A4E35E1D717414 ] afcdpsrv C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
10:34:50.0312 5180 afcdpsrv - ok
10:34:50.0375 5180 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
10:34:50.0500 5180 AFD - ok
10:34:50.0515 5180 Aha154x - ok
10:34:50.0531 5180 aic78u2 - ok
10:34:50.0531 5180 aic78xx - ok
10:34:50.0578 5180 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
10:34:50.0812 5180 Alerter - ok
10:34:50.0843 5180 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
10:34:50.0968 5180 ALG - ok
10:34:50.0984 5180 AliIde - ok
10:34:50.0984 5180 amsint - ok
10:34:51.0000 5180 AppMgmt - ok
10:34:51.0000 5180 asc - ok
10:34:51.0015 5180 asc3350p - ok
10:34:51.0015 5180 asc3550 - ok
10:34:51.0343 5180 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:34:51.0421 5180 aspnet_state - ok
10:34:51.0453 5180 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:34:51.0703 5180 AsyncMac - ok
10:34:51.0750 5180 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
10:34:52.0296 5180 atapi - ok
10:34:52.0312 5180 Atdisk - ok
10:34:52.0375 5180 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:34:52.0875 5180 Atmarpc - ok
10:34:52.0937 5180 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
10:34:53.0156 5180 AudioSrv - ok
10:34:53.0171 5180 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
10:34:53.0343 5180 audstub - ok
10:34:53.0390 5180 [ 728C4A6C722535C16D1025F51AA31E22 ] avmaudio C:\WINDOWS\system32\DRIVERS\avmaudio.sys
10:34:53.0421 5180 avmaudio ( UnsignedFile.Multi.Generic ) - warning
10:34:53.0421 5180 avmaudio - detected UnsignedFile.Multi.Generic (1)
10:34:53.0875 5180 [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
10:34:53.0984 5180 AVP - ok
10:34:54.0031 5180 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
10:34:54.0234 5180 Beep - ok
10:34:54.0390 5180 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
10:34:54.0812 5180 BITS - ok
10:34:54.0875 5180 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
10:34:55.0046 5180 Browser - ok
10:34:55.0078 5180 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
10:34:55.0296 5180 BthEnum - ok
10:34:55.0359 5180 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
10:34:55.0593 5180 BthPan - ok
10:34:55.0703 5180 [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
10:34:56.0046 5180 BTHPORT - ok
10:34:56.0093 5180 [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ C:\WINDOWS\System32\bthserv.dll
10:34:56.0375 5180 BthServ - ok
10:34:56.0390 5180 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
10:34:56.0656 5180 BTHUSB - ok
10:34:56.0687 5180 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
10:34:57.0062 5180 cbidf2k - ok
10:34:57.0125 5180 [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8 C:\Programme\Canon\CAL\CALMAIN.exe
10:34:57.0218 5180 CCALib8 ( UnsignedFile.Multi.Generic ) - warning
10:34:57.0218 5180 CCALib8 - detected UnsignedFile.Multi.Generic (1)
10:34:57.0250 5180 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:34:57.0531 5180 CCDECODE - ok
10:34:57.0531 5180 cd20xrnt - ok
10:34:57.0546 5180 [ 82C4C6A2343B592C4FD590F625A724A9 ] CdaC15BA C:\WINDOWS\system32\drivers\CDAC15BA.SYS
10:34:57.0578 5180 CdaC15BA ( UnsignedFile.Multi.Generic ) - warning
10:34:57.0578 5180 CdaC15BA - detected UnsignedFile.Multi.Generic (1)
10:34:57.0609 5180 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
10:34:57.0859 5180 Cdaudio - ok
10:34:57.0890 5180 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
10:34:58.0062 5180 Cdfs - ok
10:34:58.0093 5180 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:34:58.0343 5180 Cdrom - ok
10:34:58.0359 5180 Changer - ok
10:34:58.0390 5180 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
10:34:58.0546 5180 CiSvc - ok
10:34:58.0562 5180 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
10:34:58.0812 5180 ClipSrv - ok
10:34:59.0031 5180 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:34:59.0296 5180 clr_optimization_v2.0.50727_32 - ok
10:34:59.0359 5180 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:34:59.0453 5180 clr_optimization_v4.0.30319_32 - ok
10:34:59.0546 5180 [ 15AE8F975B3B8EE5EFFAFA4D0C94C1D7 ] CltMngSvc C:\Programme\SearchProtect\bin\CltMngSvc.exe
10:34:59.0656 5180 CltMngSvc ( UnsignedFile.Multi.Generic ) - warning
10:34:59.0656 5180 CltMngSvc - detected UnsignedFile.Multi.Generic (1)
10:34:59.0656 5180 CmdIde - ok
10:34:59.0671 5180 COMSysApp - ok
10:34:59.0671 5180 Cpqarray - ok
10:34:59.0718 5180 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
10:34:59.0937 5180 CryptSvc - ok
10:34:59.0953 5180 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\WINDOWS\system32\DRIVERS\CVirtA.sys
10:35:00.0062 5180 CVirtA - ok
10:35:00.0078 5180 dac2w2k - ok
10:35:00.0078 5180 dac960nt - ok
10:35:00.0218 5180 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
10:35:00.0484 5180 DcomLaunch - ok
10:35:00.0531 5180 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
10:35:00.0609 5180 dg_ssudbus - ok
10:35:00.0671 5180 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
10:35:00.0921 5180 Dhcp - ok
10:35:00.0984 5180 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
10:35:01.0250 5180 Disk - ok
10:35:01.0265 5180 dmadmin - ok
10:35:01.0906 5180 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
10:35:02.0937 5180 dmboot - ok
10:35:03.0171 5180 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
10:35:03.0609 5180 dmio - ok
10:35:03.0812 5180 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
10:35:04.0203 5180 dmload - ok
10:35:04.0250 5180 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
10:35:04.0531 5180 dmserver - ok
10:35:04.0625 5180 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
10:35:04.0906 5180 DMusic - ok
10:35:05.0046 5180 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
10:35:05.0281 5180 Dnscache - ok
10:35:05.0546 5180 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
10:35:06.0046 5180 Dot3svc - ok
10:35:06.0046 5180 dpti2o - ok
10:35:06.0234 5180 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
10:35:06.0484 5180 drmkaud - ok
10:35:06.0625 5180 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
10:35:06.0953 5180 EapHost - ok
10:35:07.0000 5180 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
10:35:07.0343 5180 ERSvc - ok
10:35:07.0718 5180 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
10:35:07.0984 5180 Eventlog - ok
10:35:08.0359 5180 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
10:35:08.0703 5180 EventSystem - ok
10:35:08.0796 5180 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
10:35:09.0484 5180 Fastfat - ok
10:35:09.0640 5180 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:35:09.0984 5180 FastUserSwitchingCompatibility - ok
10:35:10.0187 5180 [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax C:\WINDOWS\system32\fxssvc.exe
10:35:10.0468 5180 Fax - ok
10:35:10.0515 5180 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
10:35:10.0828 5180 Fdc - ok
10:35:10.0875 5180 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
10:35:11.0140 5180 Fips - ok
10:35:11.0156 5180 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:35:11.0390 5180 Flpydisk - ok
10:35:11.0453 5180 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
10:35:11.0687 5180 FltMgr - ok
10:35:11.0734 5180 [ E20D64EDF74D80874837B16506D58166 ] fltsrv C:\WINDOWS\system32\DRIVERS\fltsrv.sys
10:35:11.0968 5180 fltsrv - ok
10:35:12.0031 5180 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:35:12.0078 5180 FontCache3.0.0.0 - ok
10:35:12.0093 5180 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:35:12.0265 5180 Fs_Rec - ok
10:35:12.0312 5180 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:35:12.0531 5180 Ftdisk - ok
10:35:12.0562 5180 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:35:12.0859 5180 Gpc - ok
10:35:12.0984 5180 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9ef90cb9d602c C:\Programme\Google\Update\GoogleUpdate.exe
10:35:13.0078 5180 gupdate1c9ef90cb9d602c - ok
10:35:13.0125 5180 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
10:35:13.0156 5180 gupdatem - ok
10:35:13.0218 5180 [ F58D2900C66A1E773E3375098E0E9337 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
10:35:13.0343 5180 HdAudAddService - ok
10:35:13.0406 5180 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:35:13.0640 5180 HDAudBus - ok
10:35:13.0687 5180 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:35:13.0906 5180 helpsvc - ok
10:35:13.0906 5180 HidServ - ok
10:35:13.0937 5180 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:35:14.0125 5180 HidUsb - ok
10:35:14.0156 5180 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
10:35:14.0343 5180 hkmsvc - ok
10:35:14.0343 5180 hpn - ok
10:35:14.0593 5180 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
10:35:14.0703 5180 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:35:14.0703 5180 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:35:14.0765 5180 [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
10:35:14.0859 5180 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:35:14.0859 5180 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:35:14.0906 5180 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:35:15.0421 5180 HPZid412 - ok
10:35:15.0468 5180 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:35:15.0546 5180 HPZipr12 - ok
10:35:15.0578 5180 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:35:15.0656 5180 HPZius12 - ok
10:35:15.0750 5180 [ 6312DC46356DF3974E88AA51B69360DC ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
10:35:15.0921 5180 HSFHWBS2 - ok
10:35:16.0265 5180 [ 8ED6714C8E754520DD8A939F91383EA0 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
10:35:16.0937 5180 HSF_DP - ok
10:35:17.0265 5180 [ DAAB917EEC9849840A13353198D48CC5 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
10:35:17.0968 5180 HSF_DPV - ok
10:35:18.0078 5180 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
10:35:18.0234 5180 HTTP - ok
10:35:18.0265 5180 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
10:35:18.0437 5180 HTTPFilter - ok
10:35:18.0437 5180 i2omgmt - ok
10:35:18.0453 5180 i2omp - ok
10:35:18.0484 5180 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:35:18.0671 5180 i8042prt - ok
10:35:18.0703 5180 ids00026 - ok
10:35:18.0718 5180 ids0014f - ok
10:35:18.0718 5180 ids0015d - ok
10:35:18.0718 5180 ids00180 - ok
10:35:18.0734 5180 ids0018a - ok
10:35:19.0093 5180 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:35:19.0687 5180 idsvc - ok
10:35:19.0734 5180 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
10:35:19.0968 5180 Imapi - ok
10:35:20.0031 5180 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
10:35:20.0250 5180 ImapiService - ok
10:35:20.0265 5180 ini910u - ok
10:35:20.0265 5180 IntelIde - ok
10:35:20.0312 5180 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:35:20.0515 5180 intelppm - ok
10:35:20.0546 5180 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
10:35:20.0718 5180 Ip6Fw - ok
10:35:20.0750 5180 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:35:20.0921 5180 IpFilterDriver - ok
10:35:20.0984 5180 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:35:21.0187 5180 IpInIp - ok
10:35:21.0250 5180 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:35:21.0453 5180 IpNat - ok
10:35:21.0500 5180 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:35:21.0703 5180 IPSec - ok
10:35:21.0750 5180 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
10:35:21.0984 5180 irda - ok
10:35:22.0000 5180 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
10:35:22.0093 5180 IRENUM - ok
10:35:22.0125 5180 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll
10:35:22.0296 5180 Irmon - ok
10:35:22.0328 5180 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:35:22.0750 5180 isapnp - ok
10:35:23.0484 5180 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
10:35:23.0625 5180 JavaQuickStarterService - ok
10:35:23.0656 5180 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:35:23.0859 5180 Kbdclass - ok
10:35:23.0906 5180 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:35:24.0171 5180 kbdhid - ok
10:35:24.0250 5180 [ EA26CB00F83686856F2C79673C00C686 ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
10:35:24.0312 5180 kl1 - ok
10:35:24.0343 5180 [ 53EEDAB3F0511321AC3AE8BC968B158C ] klbg C:\WINDOWS\system32\drivers\klbg.sys
10:35:24.0390 5180 klbg - ok
10:35:24.0593 5180 [ 3D23639C3FDBC082AF7016A5C8829329 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
10:35:24.0765 5180 KLIF - ok
10:35:24.0796 5180 [ 05E5504E5E06F75F18BBEA7291601FE2 ] klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys
10:35:24.0843 5180 klim5 - ok
10:35:24.0890 5180 [ 7BE035A9C20F357DC765D6C7FDCDC964 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
10:35:24.0937 5180 klkbdflt - ok
10:35:24.0968 5180 [ A8234A8F67B0565F74753FE88A7BF03D ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
10:35:25.0031 5180 klmouflt - ok
10:35:25.0062 5180 [ 53C0DF6C5139CB78A631E7AFCD893730 ] kltdi C:\WINDOWS\system32\DRIVERS\kltdi.sys
10:35:25.0109 5180 kltdi - ok
10:35:25.0171 5180 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
10:35:25.0328 5180 kmixer - ok
10:35:25.0406 5180 [ 71A38C123600172511C26BFABD0EF579 ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
10:35:25.0468 5180 kneps - ok
10:35:25.0515 5180 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
10:35:25.0640 5180 KSecDD - ok
10:35:25.0703 5180 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
10:35:25.0828 5180 lanmanserver - ok
10:35:25.0906 5180 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:35:26.0031 5180 lanmanworkstation - ok
10:35:26.0062 5180 lbrtfdc - ok
10:35:26.0156 5180 [ 575ED0F5DCB34E5C243D2A7EBC860484 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
10:35:26.0250 5180 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
10:35:26.0250 5180 LightScribeService - detected UnsignedFile.Multi.Generic (1)
10:35:26.0296 5180 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:35:26.0515 5180 LmHosts - ok
10:35:26.0546 5180 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
10:35:26.0609 5180 mdmxsdk - ok
10:35:26.0734 5180 [ 780D96F551833E0DCFE0A33B02B774E8 ] MemeoBackgroundService C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe
10:35:26.0781 5180 MemeoBackgroundService - ok
10:35:26.0812 5180 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:35:27.0015 5180 Messenger - ok
10:35:27.0046 5180 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:35:27.0203 5180 mnmdd - ok
10:35:27.0234 5180 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:35:27.0406 5180 mnmsrvc - ok
10:35:27.0437 5180 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:35:27.0625 5180 Modem - ok
10:35:27.0656 5180 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:35:27.0828 5180 MODEMCSA - ok
10:35:27.0859 5180 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:35:28.0031 5180 Mouclass - ok
10:35:28.0078 5180 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:35:28.0265 5180 mouhid - ok
10:35:28.0296 5180 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:35:28.0578 5180 MountMgr - ok
10:35:28.0656 5180 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
10:35:28.0796 5180 MozillaMaintenance - ok
10:35:28.0812 5180 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
10:35:29.0000 5180 MPE - ok
10:35:29.0015 5180 mraid35x - ok
10:35:29.0078 5180 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:35:29.0265 5180 MRxDAV - ok
10:35:29.0421 5180 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:35:29.0687 5180 MRxSmb - ok
10:35:29.0812 5180 [ 641199534871783DD74138FE0BCFDAE7 ] MSCamSvc C:\Programme\Microsoft LifeCam\MSCamS32.exe
10:35:30.0031 5180 MSCamSvc - ok
10:35:30.0046 5180 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:35:30.0218 5180 MSDTC - ok
10:35:30.0234 5180 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:35:30.0406 5180 Msfs - ok
10:35:30.0421 5180 [ 95C6432151CCFF8617352F8E616A1AA4 ] MSIRCOMM C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
10:35:30.0515 5180 MSIRCOMM - ok
10:35:30.0515 5180 MSIServer - ok
10:35:30.0546 5180 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:35:30.0828 5180 MSKSSRV - ok
10:35:30.0843 5180 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:35:31.0046 5180 MSPCLOCK - ok
10:35:31.0062 5180 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:35:31.0234 5180 MSPQM - ok
10:35:31.0250 5180 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:35:31.0437 5180 mssmbios - ok
10:35:34.0390 5180 [ 1B959A0614D575D0AB3B09095F0A8B83 ] MSSQL$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
10:35:41.0687 5180 MSSQL$PINNACLESYS - ok
10:35:42.0062 5180 [ 1D1B22613EAB9287AF902398867BC93C ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
10:35:42.0265 5180 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning
10:35:42.0265 5180 MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)
10:35:42.0296 5180 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
10:35:42.0609 5180 MSTEE - ok
10:35:42.0781 5180 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
10:35:42.0843 5180 MTsensor ( UnsignedFile.Multi.Generic ) - warning
10:35:42.0843 5180 MTsensor - detected UnsignedFile.Multi.Generic (1)
10:35:42.0937 5180 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:35:43.0125 5180 Mup - ok
10:35:43.0328 5180 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:35:43.0703 5180 NABTSFEC - ok
10:35:44.0187 5180 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
10:35:44.0656 5180 napagent - ok
10:35:44.0843 5180 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:35:45.0171 5180 NDIS - ok
10:35:45.0234 5180 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:35:45.0546 5180 NdisIP - ok
10:35:45.0640 5180 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:35:45.0796 5180 NdisTapi - ok
10:35:45.0921 5180 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:35:46.0218 5180 Ndisuio - ok
10:35:46.0265 5180 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:35:46.0531 5180 NdisWan - ok
10:35:46.0703 5180 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:35:46.0984 5180 NDProxy - ok
10:35:47.0031 5180 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
10:35:47.0109 5180 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:35:47.0109 5180 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:35:47.0171 5180 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:35:47.0500 5180 NetBIOS - ok
10:35:47.0656 5180 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:35:48.0000 5180 NetBT - ok
10:35:48.0062 5180 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
10:35:48.0265 5180 NetDDE - ok
10:35:48.0312 5180 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:35:48.0484 5180 NetDDEdsdm - ok
10:35:48.0500 5180 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:35:48.0671 5180 Netlogon - ok
10:35:48.0734 5180 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
10:35:48.0984 5180 Netman - ok
10:35:49.0062 5180 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:35:49.0156 5180 NetTcpPortSharing - ok
10:35:49.0250 5180 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
10:35:49.0390 5180 Nla - ok
10:35:49.0421 5180 [ 48FB907B069524F2DC7BA62A0762850C ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
10:35:50.0140 5180 nmwcd - ok
10:35:50.0171 5180 [ 2914CEB789964141AC6E22C6BC980C42 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
10:35:50.0296 5180 nmwcdc - ok
10:35:50.0359 5180 [ 28D40797BCB050321FA6674B08A620C0 ] nmwcdnsu C:\WINDOWS\system32\drivers\nmwcdnsu.sys
10:35:50.0484 5180 nmwcdnsu - ok
10:35:50.0531 5180 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:35:50.0687 5180 Npfs - ok
10:35:50.0875 5180 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:35:51.0328 5180 Ntfs - ok
10:35:51.0343 5180 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:35:51.0500 5180 NtLmSsp - ok
10:35:51.0671 5180 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:35:52.0109 5180 NtmsSvc - ok
10:35:52.0125 5180 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
10:35:52.0296 5180 Null - ok
10:35:57.0375 5180 [ 0DC79B60CEDC3A8854C27B3C6E4B3414 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:36:06.0281 5180 nv - ok
10:36:06.0359 5180 [ 32F7DEC3729B3BAE66EEBCAB7B03B18F ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
10:36:06.0390 5180 NVSvc - ok
10:36:07.0125 5180 [ 2CC4E45B0EB4C48392CEC9C83B5B8E3B ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:36:08.0750 5180 nvUpdatusService - ok
10:36:08.0843 5180 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:36:09.0250 5180 NwlnkFlt - ok
10:36:09.0328 5180 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:36:09.0625 5180 NwlnkFwd - ok
10:36:09.0703 5180 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
10:36:09.0750 5180 ose - ok
10:36:09.0796 5180 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
10:36:10.0000 5180 Parport - ok
10:36:10.0031 5180 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:36:10.0281 5180 PartMgr - ok
10:36:10.0312 5180 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:36:10.0468 5180 ParVdm - ok
10:36:10.0500 5180 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
10:36:10.0593 5180 pccsmcfd - ok
10:36:10.0640 5180 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:36:10.0812 5180 PCI - ok
10:36:10.0828 5180 PCIDump - ok
10:36:10.0843 5180 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:36:11.0000 5180 PCIIde - ok
10:36:11.0031 5180 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\WINDOWS\system32\drivers\pclepci.sys
10:36:11.0078 5180 PCLEPCI ( UnsignedFile.Multi.Generic ) - warning
10:36:11.0078 5180 PCLEPCI - detected UnsignedFile.Multi.Generic (1)
10:36:11.0140 5180 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:36:11.0328 5180 Pcmcia - ok
10:36:11.0328 5180 PDCOMP - ok
10:36:11.0343 5180 PDFRAME - ok
10:36:11.0343 5180 PDRELI - ok
10:36:11.0359 5180 PDRFRAME - ok
10:36:11.0359 5180 perc2 - ok
10:36:11.0359 5180 perc2hib - ok
10:36:11.0421 5180 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
10:36:11.0468 5180 PlugPlay - ok
10:36:11.0515 5180 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
10:36:11.0562 5180 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:36:11.0562 5180 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:36:11.0609 5180 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:36:11.0812 5180 PolicyAgent - ok
10:36:11.0828 5180 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:36:11.0984 5180 PptpMiniport - ok
10:36:12.0000 5180 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:36:12.0203 5180 ProtectedStorage - ok
10:36:12.0250 5180 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:36:12.0437 5180 PSched - ok
10:36:12.0453 5180 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:36:12.0640 5180 Ptilink - ok
10:36:12.0671 5180 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:36:12.0718 5180 PxHelp20 - ok
10:36:12.0734 5180 ql1080 - ok
10:36:12.0734 5180 Ql10wnt - ok
10:36:12.0734 5180 ql12160 - ok
10:36:12.0750 5180 ql1240 - ok
10:36:12.0750 5180 ql1280 - ok
10:36:12.0781 5180 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:36:12.0937 5180 RasAcd - ok
10:36:12.0984 5180 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:36:13.0187 5180 RasAuto - ok
10:36:13.0218 5180 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
10:36:13.0343 5180 Rasirda - ok
10:36:13.0359 5180 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:36:13.0515 5180 Rasl2tp - ok
10:36:13.0593 5180 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:36:13.0906 5180 RasMan - ok
10:36:13.0937 5180 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:36:14.0140 5180 RasPppoe - ok
10:36:14.0171 5180 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:36:14.0312 5180 Raspti - ok
10:36:14.0375 5180 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:36:14.0640 5180 Rdbss - ok
10:36:14.0656 5180 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:36:14.0828 5180 RDPCDD - ok
10:36:14.0890 5180 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:36:15.0000 5180 RDPWD - ok
10:36:15.0093 5180 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:36:15.0296 5180 RDSessMgr - ok
10:36:15.0328 5180 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:36:15.0484 5180 redbook - ok
10:36:15.0515 5180 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:36:15.0687 5180 RemoteAccess - ok
10:36:15.0734 5180 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
10:36:15.0937 5180 RFCOMM - ok
10:36:15.0968 5180 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
10:36:16.0156 5180 ROOTMODEM - ok
10:36:16.0203 5180 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
10:36:16.0375 5180 RpcLocator - ok
10:36:16.0515 5180 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
10:36:16.0656 5180 RpcSs - ok
10:36:16.0718 5180 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:36:16.0906 5180 RSVP - ok
10:36:16.0921 5180 RT2500USB - ok
10:36:17.0015 5180 [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
10:36:17.0109 5180 RTLE8023xp - ok
10:36:17.0125 5180 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
10:36:17.0265 5180 SamSs - ok
10:36:17.0312 5180 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:36:17.0500 5180 SCardSvr - ok
10:36:17.0593 5180 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:36:17.0796 5180 Schedule - ok
10:36:17.0968 5180 [ 738187CE167D51240EC945F42743D0E5 ] SCPDFReadSpool C:\WINDOWS\Installer\MSIE4.tmp
10:36:18.0125 5180 SCPDFReadSpool - ok
10:36:18.0328 5180 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe
10:36:18.0375 5180 SeagateDashboardService - ok
10:36:18.0437 5180 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:36:18.0593 5180 Secdrv - ok
10:36:18.0687 5180 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
10:36:18.0968 5180 seclogon - ok
10:36:19.0203 5180 [ 23228966244CDD9627BDE4141B3BE1F0 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
10:36:19.0656 5180 SenFiltService - ok
10:36:19.0765 5180 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
10:36:20.0031 5180 SENS - ok
10:36:20.0203 5180 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
10:36:20.0484 5180 serenum - ok
10:36:20.0531 5180 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
10:36:20.0843 5180 Serial - ok
10:36:22.0343 5180 [ 7D3903AF48E6C1DC2704EAFCB608D031 ] ServiceLayer C:\Programme\PC Connectivity Solution\ServiceLayer.exe
10:36:23.0015 5180 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
10:36:23.0015 5180 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
10:36:23.0265 5180 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
10:36:23.0562 5180 Sfloppy - ok
10:36:23.0812 5180 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:36:24.0734 5180 SharedAccess - ok
10:36:25.0046 5180 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:36:25.0156 5180 ShellHWDetection - ok
10:36:25.0171 5180 Simbad - ok
10:36:27.0625 5180 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:36:29.0593 5180 Skype C2C Service - ok
10:36:29.0687 5180 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
10:36:29.0750 5180 SkypeUpdate - ok
10:36:29.0765 5180 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:36:30.0046 5180 SLIP - ok
10:36:30.0140 5180 [ 851310C1B742D2DF2D334603836FFDF5 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
10:36:30.0265 5180 snapman - ok
10:36:30.0265 5180 Sparrow - ok
10:36:30.0296 5180 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:36:30.0468 5180 splitter - ok
10:36:30.0515 5180 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:36:30.0562 5180 Spooler - ok
10:36:30.0687 5180 [ 352E375AB298C23B0F9BC307652C7F50 ] SQLAgent$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE
10:36:30.0828 5180 SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - warning
10:36:30.0828 5180 SQLAgent$PINNACLESYS - detected UnsignedFile.Multi.Generic (1)
10:36:30.0859 5180 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:36:31.0031 5180 sr - ok
10:36:31.0109 5180 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
10:36:31.0328 5180 srservice - ok
10:36:31.0453 5180 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:36:31.0687 5180 Srv - ok
10:36:31.0734 5180 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:36:31.0875 5180 SSDPSRV - ok
10:36:31.0953 5180 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
10:36:32.0078 5180 ssudmdm - ok
10:36:32.0140 5180 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
10:36:32.0187 5180 StarOpen ( UnsignedFile.Multi.Generic ) - warning
10:36:32.0187 5180 StarOpen - detected UnsignedFile.Multi.Generic (1)
10:36:32.0234 5180 [ A1A16662C6B1A665D965D61B9EECC5A7 ] STIrUsb C:\WINDOWS\system32\DRIVERS\irstusb.sys
10:36:32.0421 5180 STIrUsb - ok
10:36:32.0562 5180 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:36:32.0906 5180 stisvc - ok
10:36:32.0921 5180 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:36:33.0093 5180 streamip - ok
10:36:33.0109 5180 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:36:33.0296 5180 swenum - ok
10:36:33.0328 5180 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:36:33.0484 5180 swmidi - ok
10:36:33.0500 5180 SwPrv - ok
10:36:33.0500 5180 symc810 - ok
10:36:33.0515 5180 symc8xx - ok
10:36:33.0515 5180 sym_hi - ok
10:36:33.0531 5180 sym_u3 - ok
10:36:36.0187 5180 [ A214C8AA6A6C06C9DBAB1310E38DAB4A ] syncagentsrv C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe
10:36:38.0500 5180 syncagentsrv - ok
10:36:38.0546 5180 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:36:38.0718 5180 sysaudio - ok
10:36:38.0765 5180 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:36:39.0062 5180 SysmonLog - ok
10:36:39.0171 5180 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:36:39.0718 5180 TapiSrv - ok
10:36:39.0968 5180 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:36:40.0500 5180 Tcpip - ok
10:36:40.0531 5180 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:36:40.0703 5180 TDPIPE - ok
10:36:40.0968 5180 [ 6345E3829FD130A144454F9F5C2A3B9E ] tdrpman C:\WINDOWS\system32\DRIVERS\tdrpman.sys
10:36:42.0000 5180 tdrpman - ok
10:36:42.0031 5180 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:36:42.0203 5180 TDTCP - ok
10:36:43.0031 5180 [ A3393F0DC64C29F47DC4126E6FA57558 ] TeamViewer6 C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
10:36:44.0718 5180 TeamViewer6 - ok
10:36:44.0765 5180 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:36:45.0296 5180 TermDD - ok
10:36:45.0421 5180 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
10:36:45.0828 5180 TermService - ok
10:36:45.0937 5180 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
10:36:46.0000 5180 Themes - ok
10:36:46.0265 5180 [ A8C31102F448231596168FFC9F568B9A ] tib_mounter C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
10:36:46.0656 5180 tib_mounter - ok
10:36:46.0718 5180 [ 76148C3159718B701252F87B067904A6 ] TOSHIBA Bluetooth Service C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
10:36:46.0781 5180 TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - warning
10:36:46.0781 5180 TOSHIBA Bluetooth Service - detected UnsignedFile.Multi.Generic (1)
10:36:46.0781 5180 TosIde - ok
10:36:46.0812 5180 [ 8D624D3BD1F2D78BD1C01A2D4E954B4E ] tosporte C:\WINDOWS\system32\DRIVERS\tosporte.sys
10:36:47.0093 5180 tosporte - ok
10:36:47.0156 5180 [ A594DBD80CA5426E2E558BF79195A110 ] Tosrfbd C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
10:36:47.0250 5180 Tosrfbd - ok
10:36:47.0281 5180 [ 90C8525BC578AAFFE87C2D0ED4379E9E ] tosrfbnp C:\WINDOWS\system32\Drivers\tosrfbnp.sys
10:36:47.0359 5180 tosrfbnp - ok
10:36:47.0406 5180 [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] Tosrfcom C:\WINDOWS\system32\Drivers\tosrfcom.sys
10:36:47.0609 5180 Tosrfcom - ok
10:36:47.0671 5180 [ 28099A4E52148319AFA685D93A2244D0 ] Tosrfhid C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
10:36:47.0734 5180 Tosrfhid - ok
10:36:47.0750 5180 [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
10:36:47.0796 5180 tosrfnds - ok
10:36:47.0843 5180 [ 1FF09B64D1E0C82EE81026718D8D47C2 ] TosRfSnd C:\WINDOWS\system32\drivers\tosrfsnd.sys
10:36:47.0890 5180 TosRfSnd - ok
10:36:47.0921 5180 [ 20CC46C5D3326122E1A0A8C9DAD00E0D ] tosrfusb C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
10:36:48.0015 5180 tosrfusb - ok
10:36:48.0062 5180 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:36:48.0343 5180 TrkWks - ok
10:36:48.0625 5180 [ 3D23639C3FDBC082AF7016A5C8829329 ] TSP C:\WINDOWS\system32\drivers\klif.sys
10:36:48.0750 5180 TSP - ok
10:36:48.0781 5180 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:36:48.0984 5180 Udfs - ok
10:36:49.0000 5180 ultra - ok
10:36:49.0140 5180 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:36:49.0625 5180 Update - ok
10:36:49.0703 5180 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
10:36:49.0890 5180 upnphost - ok
10:36:49.0906 5180 [ E526A166E6ACAFD0A9B3841D3941669E ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
10:36:50.0031 5180 upperdev - ok
10:36:50.0046 5180 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
10:36:50.0265 5180 UPS - ok
10:36:50.0312 5180 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
10:36:50.0546 5180 usbaudio - ok
10:36:50.0593 5180 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:36:50.0843 5180 usbccgp - ok
10:36:50.0875 5180 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:36:51.0062 5180 usbehci - ok
10:36:51.0109 5180 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:36:51.0359 5180 usbhub - ok
10:36:51.0390 5180 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:36:51.0593 5180 usbprint - ok
10:36:51.0609 5180 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:36:51.0890 5180 usbscan - ok
10:36:51.0921 5180 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
10:36:52.0156 5180 usbser - ok
10:36:52.0171 5180 [ 6F3E3C6811B930D2414552A2E4A40F36 ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
10:36:52.0328 5180 UsbserFilt - ok
10:36:52.0359 5180 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:36:52.0578 5180 USBSTOR - ok
10:36:52.0593 5180 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:36:52.0828 5180 usbuhci - ok
10:36:52.0859 5180 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:36:53.0187 5180 VgaSave - ok
10:36:53.0203 5180 ViaIde - ok
10:36:53.0281 5180 [ 26B75DCB58B006867EFD659E845CD65E ] vididr C:\WINDOWS\system32\DRIVERS\vididr.sys
10:36:53.0359 5180 vididr - ok
10:36:53.0406 5180 [ 40AFA68F81F90636D1300099E9CFC8CE ] vidsflt C:\WINDOWS\system32\DRIVERS\vidsflt.sys
10:36:53.0703 5180 vidsflt - ok
10:36:53.0796 5180 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:36:54.0015 5180 VolSnap - ok
10:36:54.0031 5180 vsdatant - ok
10:36:54.0140 5180 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
10:36:54.0468 5180 VSS - ok
10:36:55.0625 5180 [ 13ACFED0E6ADCA97440169DFD127EBCF ] VX3000 C:\WINDOWS\system32\DRIVERS\VX3000.sys
10:36:57.0093 5180 VX3000 - ok
10:36:57.0171 5180 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
10:36:57.0421 5180 W32Time - ok
10:36:57.0468 5180 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:36:57.0796 5180 Wanarp - ok
10:36:57.0843 5180 [ 46A247F6617526AFE38B6F12F5512120 ] wceusbsh C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
10:36:58.0015 5180 wceusbsh - ok
10:36:58.0375 5180 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
10:36:58.0921 5180 Wdf01000 - ok
10:36:58.0937 5180 WDICA - ok
10:36:59.0015 5180 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:36:59.0359 5180 wdmaud - ok
10:36:59.0562 5180 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:37:00.0078 5180 WebClient - ok
10:37:00.0843 5180 [ BE3A842C2F2E87E7C840D36BCF13E8E0 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:37:01.0781 5180 winachsf - ok
10:37:02.0562 5180 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:37:02.0906 5180 winmgmt - ok
10:37:03.0703 5180 [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
10:37:05.0234 5180 WinRM - ok
10:37:05.0390 5180 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:37:05.0578 5180 WmdmPmSN - ok
10:37:05.0640 5180 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:37:05.0796 5180 WmiApSrv - ok
10:37:06.0125 5180 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
10:37:06.0703 5180 WMPNetworkSvc - ok
10:37:06.0750 5180 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
10:37:06.0781 5180 WpdUsb - ok
10:37:07.0078 5180 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:37:07.0343 5180 WPFFontCache_v0400 - ok
10:37:07.0406 5180 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:37:07.0687 5180 wscsvc - ok
10:37:07.0703 5180 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:37:07.0937 5180 WSTCODEC - ok
10:37:07.0953 5180 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:37:08.0109 5180 wuauserv - ok
10:37:08.0171 5180 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:37:08.0234 5180 WudfPf - ok
10:37:08.0312 5180 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:37:08.0421 5180 WudfRd - ok
10:37:08.0453 5180 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
10:37:08.0515 5180 WudfSvc - ok
10:37:08.0687 5180 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:37:09.0265 5180 WZCSVC - ok
10:37:09.0328 5180 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:37:09.0812 5180 xmlprov - ok
10:37:09.0875 5180 ================ Scan global ===============================
10:37:09.0906 5180 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
10:37:10.0156 5180 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
10:37:10.0437 5180 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
10:37:10.0500 5180 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
10:37:10.0500 5180 [Global] - ok
10:37:10.0500 5180 ================ Scan MBR ==================================
10:37:10.0515 5180 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
10:37:11.0265 5180 \Device\Harddisk0\DR0 - ok
10:37:11.0265 5180 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:37:11.0343 5180 \Device\Harddisk1\DR1 - ok
10:37:11.0343 5180 ================ Scan VBR ==================================
10:37:11.0343 5180 [ 91D7C03417315C80A612E562D6DB2485 ] \Device\Harddisk0\DR0\Partition1
10:37:11.0343 5180 \Device\Harddisk0\DR0\Partition1 - ok
10:37:11.0359 5180 [ 39D493D08F7E5F0220B1C28DCD640DD5 ] \Device\Harddisk1\DR1\Partition1
10:37:11.0359 5180 \Device\Harddisk1\DR1\Partition1 - ok
10:37:11.0359 5180 ============================================================
10:37:11.0359 5180 Scan finished
10:37:11.0359 5180 ============================================================
10:37:11.0468 1752 Detected object count: 17
10:37:11.0468 1752 Actual detected object count: 17
10:37:24.0390 1752 ACEDRV06 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752 ACEDRV06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0390 1752 avmaudio ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752 avmaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0390 1752 CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752 CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0390 1752 CdaC15BA ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752 CdaC15BA ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0390 1752 CltMngSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752 CltMngSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0390 1752 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0390 1752 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0406 1752 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0406 1752 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0406 1752 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0406 1752 MTsensor ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752 MTsensor ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0406 1752 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0406 1752 PCLEPCI ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752 PCLEPCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0406 1752 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0406 1752 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0421 1752 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0421 1752 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0421 1752 SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0421 1752 SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0421 1752 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0421 1752 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:37:24.0421 1752 TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:37:24.0421 1752 TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:43:16.0343 3600 ============================================================
10:43:16.0343 3600 Scan started
10:43:16.0343 3600 Mode: Manual; SigCheck; TDLFS;
10:43:16.0343 3600 ============================================================
10:43:16.0515 3600 ================ Scan system memory ========================
10:43:16.0515 3600 System memory - ok
10:43:16.0515 3600 ================ Scan services =============================
10:43:17.0031 3600 Abiosdsk - ok
10:43:17.0031 3600 abp480n5 - ok
10:43:17.0093 3600 [ 44010948BDE6ADE50DD1386657C73E83 ] ACEDRV06 C:\WINDOWS\system32\drivers\ACEDRV06.sys
10:43:17.0250 3600 ACEDRV06 ( UnsignedFile.Multi.Generic ) - warning
10:43:17.0250 3600 ACEDRV06 - detected UnsignedFile.Multi.Generic (1)
10:43:17.0328 3600 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:43:17.0562 3600 ACPI - ok
10:43:17.0593 3600 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
10:43:17.0765 3600 ACPIEC - ok
10:43:18.0093 3600 [ 35BCB0F33FABA91F93C062FBE7EA1EAC ] AcrSch2Svc C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
10:43:18.0312 3600 AcrSch2Svc - ok
10:43:18.0390 3600 [ 708BAECC952E81A70EF36F5F0B1B981C ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
10:43:18.0421 3600 ADIHdAudAddService - ok
10:43:18.0531 3600 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:43:18.0578 3600 AdobeFlashPlayerUpdateSvc - ok
10:43:18.0578 3600 adpu160m - ok
10:43:18.0625 3600 [ 9F59AE2DE835641FBB0C6AFD80D8FA9B ] AEAudioService C:\WINDOWS\system32\drivers\AEAudio.sys
10:43:18.0687 3600 AEAudioService - ok
10:43:18.0750 3600 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
10:43:18.0921 3600 aec - ok
10:43:19.0015 3600 [ DF139E5866C19E0B3217EF210198D875 ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys
10:43:19.0062 3600 afcdp - ok
10:43:20.0203 3600 [ 1AEA25F70F12ABB494A4E35E1D717414 ] afcdpsrv C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
10:43:21.0296 3600 afcdpsrv - ok
10:43:21.0375 3600 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
10:43:21.0421 3600 AFD - ok
10:43:21.0421 3600 Aha154x - ok
10:43:21.0421 3600 aic78u2 - ok
10:43:21.0437 3600 aic78xx - ok
10:43:21.0468 3600 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
10:43:21.0625 3600 Alerter - ok
10:43:21.0656 3600 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
10:43:21.0750 3600 ALG - ok
10:43:21.0750 3600 AliIde - ok
10:43:21.0765 3600 amsint - ok
10:43:21.0765 3600 AppMgmt - ok
10:43:21.0781 3600 asc - ok
10:43:21.0781 3600 asc3350p - ok
10:43:21.0796 3600 asc3550 - ok
10:43:22.0125 3600 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:43:22.0156 3600 aspnet_state - ok
10:43:22.0171 3600 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:43:22.0328 3600 AsyncMac - ok
10:43:22.0359 3600 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
10:43:22.0515 3600 atapi - ok
10:43:22.0531 3600 Atdisk - ok
10:43:22.0562 3600 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:43:22.0718 3600 Atmarpc - ok
10:43:22.0750 3600 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
10:43:22.0921 3600 AudioSrv - ok
10:43:22.0953 3600 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
10:43:23.0265 3600 audstub - ok
10:43:23.0406 3600 [ 728C4A6C722535C16D1025F51AA31E22 ] avmaudio C:\WINDOWS\system32\DRIVERS\avmaudio.sys
10:43:23.0437 3600 avmaudio ( UnsignedFile.Multi.Generic ) - warning
10:43:23.0437 3600 avmaudio - detected UnsignedFile.Multi.Generic (1)
10:43:24.0343 3600 [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
10:43:24.0546 3600 AVP - ok
10:43:24.0640 3600 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
10:43:24.0828 3600 Beep - ok
10:43:24.0984 3600 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
10:43:25.0218 3600 BITS - ok
10:43:25.0281 3600 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
10:43:25.0328 3600 Browser - ok
10:43:25.0359 3600 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
10:43:25.0515 3600 BthEnum - ok
10:43:25.0562 3600 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
10:43:25.0796 3600 BthPan - ok
10:43:25.0906 3600 [ 592E1CEDBE314D0EF184DC6F46141E76 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
10:43:25.0953 3600 BTHPORT - ok
10:43:25.0984 3600 [ 26C601EF7525E31379744ABFC6F35A1B ] BthServ C:\WINDOWS\System32\bthserv.dll
10:43:26.0140 3600 BthServ - ok
10:43:26.0156 3600 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
10:43:26.0328 3600 BTHUSB - ok
10:43:26.0343 3600 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
10:43:26.0484 3600 cbidf2k - ok
10:43:26.0562 3600 [ 359E5A91D26D0439933BEF1C29CEDEF7 ] CCALib8 C:\Programme\Canon\CAL\CALMAIN.exe
10:43:26.0578 3600 CCALib8 ( UnsignedFile.Multi.Generic ) - warning
10:43:26.0578 3600 CCALib8 - detected UnsignedFile.Multi.Generic (1)
10:43:26.0609 3600 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:43:26.0812 3600 CCDECODE - ok
10:43:26.0828 3600 cd20xrnt - ok
10:43:26.0843 3600 [ 82C4C6A2343B592C4FD590F625A724A9 ] CdaC15BA C:\WINDOWS\system32\drivers\CDAC15BA.SYS
10:43:26.0859 3600 CdaC15BA ( UnsignedFile.Multi.Generic ) - warning
10:43:26.0859 3600 CdaC15BA - detected UnsignedFile.Multi.Generic (1)
10:43:26.0875 3600 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
10:43:27.0031 3600 Cdaudio - ok
10:43:27.0062 3600 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
10:43:27.0234 3600 Cdfs - ok
10:43:27.0265 3600 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:43:27.0406 3600 Cdrom - ok
10:43:27.0421 3600 Changer - ok
10:43:27.0437 3600 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
10:43:27.0593 3600 CiSvc - ok
10:43:27.0609 3600 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
10:43:27.0828 3600 ClipSrv - ok
10:43:28.0031 3600 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:43:28.0062 3600 clr_optimization_v2.0.50727_32 - ok
10:43:28.0125 3600 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:43:28.0171 3600 clr_optimization_v4.0.30319_32 - ok
10:43:28.0234 3600 [ 15AE8F975B3B8EE5EFFAFA4D0C94C1D7 ] CltMngSvc C:\Programme\SearchProtect\bin\CltMngSvc.exe
10:43:28.0265 3600 CltMngSvc ( UnsignedFile.Multi.Generic ) - warning
10:43:28.0265 3600 CltMngSvc - detected UnsignedFile.Multi.Generic (1)
10:43:28.0265 3600 CmdIde - ok
10:43:28.0265 3600 COMSysApp - ok
10:43:28.0281 3600 Cpqarray - ok
10:43:28.0328 3600 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
10:43:28.0531 3600 CryptSvc - ok
10:43:28.0546 3600 [ B5ECADF7708960F1818C7FA015F4C239 ] CVirtA C:\WINDOWS\system32\DRIVERS\CVirtA.sys
10:43:28.0593 3600 CVirtA - ok
10:43:28.0593 3600 dac2w2k - ok
10:43:28.0593 3600 dac960nt - ok
10:43:28.0765 3600 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
10:43:28.0890 3600 DcomLaunch - ok
10:43:28.0937 3600 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
10:43:28.0968 3600 dg_ssudbus - ok
10:43:29.0031 3600 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
10:43:29.0250 3600 Dhcp - ok
10:43:29.0265 3600 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
10:43:29.0468 3600 Disk - ok
10:43:29.0468 3600 dmadmin - ok
10:43:29.0734 3600 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
10:43:30.0109 3600 dmboot - ok
10:43:30.0171 3600 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
10:43:30.0343 3600 dmio - ok
10:43:30.0359 3600 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
10:43:30.0500 3600 dmload - ok
10:43:30.0515 3600 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
10:43:30.0656 3600 dmserver - ok
10:43:30.0703 3600 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
10:43:30.0968 3600 DMusic - ok
10:43:31.0015 3600 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
10:43:31.0062 3600 Dnscache - ok
10:43:31.0125 3600 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
10:43:31.0296 3600 Dot3svc - ok
10:43:31.0312 3600 dpti2o - ok
10:43:31.0328 3600 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
10:43:31.0500 3600 drmkaud - ok
10:43:31.0531 3600 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
10:43:31.0750 3600 EapHost - ok
10:43:31.0781 3600 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
10:43:31.0937 3600 ERSvc - ok
10:43:32.0000 3600 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
10:43:32.0046 3600 Eventlog - ok
10:43:32.0140 3600 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
10:43:32.0234 3600 EventSystem - ok
10:43:32.0296 3600 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
10:43:32.0437 3600 Fastfat - ok
10:43:32.0515 3600 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:43:32.0546 3600 FastUserSwitchingCompatibility - ok
10:43:32.0656 3600 [ 08B8B302AF0D1B3B8543429BBAC8F21F ] Fax C:\WINDOWS\system32\fxssvc.exe
10:43:32.0875 3600 Fax - ok
10:43:32.0906 3600 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
10:43:33.0140 3600 Fdc - ok
10:43:33.0218 3600 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
10:43:33.0453 3600 Fips - ok
10:43:33.0468 3600 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:43:33.0640 3600 Flpydisk - ok
10:43:33.0703 3600 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
10:43:33.0859 3600 FltMgr - ok
10:43:33.0906 3600 [ E20D64EDF74D80874837B16506D58166 ] fltsrv C:\WINDOWS\system32\DRIVERS\fltsrv.sys
10:43:33.0937 3600 fltsrv - ok
10:43:34.0000 3600 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:43:34.0031 3600 FontCache3.0.0.0 - ok
10:43:34.0046 3600 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:43:34.0203 3600 Fs_Rec - ok
10:43:34.0265 3600 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:43:34.0468 3600 Ftdisk - ok
10:43:34.0484 3600 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:43:34.0656 3600 Gpc - ok
10:43:34.0734 3600 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9ef90cb9d602c C:\Programme\Google\Update\GoogleUpdate.exe
10:43:34.0781 3600 gupdate1c9ef90cb9d602c - ok
10:43:34.0828 3600 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
10:43:34.0890 3600 gupdatem - ok
10:43:34.0937 3600 [ F58D2900C66A1E773E3375098E0E9337 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
10:43:35.0000 3600 HdAudAddService - ok
10:43:35.0062 3600 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:43:35.0234 3600 HDAudBus - ok
10:43:35.0281 3600 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:43:35.0562 3600 helpsvc - ok
10:43:35.0578 3600 HidServ - ok
10:43:35.0593 3600 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:43:35.0734 3600 HidUsb - ok
10:43:35.0781 3600 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
10:43:35.0953 3600 hkmsvc - ok
10:43:35.0953 3600 hpn - ok
10:43:36.0203 3600 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll
10:43:36.0218 3600 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:43:36.0218 3600 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:43:36.0296 3600 [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll
10:43:36.0312 3600 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:43:36.0312 3600 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:43:36.0359 3600 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
10:43:36.0453 3600 HPZid412 - ok
10:43:36.0484 3600 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
10:43:36.0671 3600 HPZipr12 - ok
10:43:36.0703 3600 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
10:43:36.0765 3600 HPZius12 - ok
10:43:36.0875 3600 [ 6312DC46356DF3974E88AA51B69360DC ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
10:43:36.0906 3600 HSFHWBS2 - ok
10:43:37.0234 3600 [ 8ED6714C8E754520DD8A939F91383EA0 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
10:43:37.0531 3600 HSF_DP - ok
10:43:37.0906 3600 [ DAAB917EEC9849840A13353198D48CC5 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
10:43:38.0218 3600 HSF_DPV - ok
10:43:38.0343 3600 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
10:43:38.0421 3600 HTTP - ok
10:43:38.0500 3600 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
10:43:38.0812 3600 HTTPFilter - ok
10:43:38.0843 3600 i2omgmt - ok
10:43:38.0906 3600 i2omp - ok
10:43:38.0953 3600 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:43:39.0296 3600 i8042prt - ok
10:43:39.0328 3600 ids00026 - ok
10:43:39.0328 3600 ids0014f - ok
10:43:39.0328 3600 ids0015d - ok
10:43:39.0343 3600 ids00180 - ok
10:43:39.0359 3600 ids0018a - ok
10:43:39.0718 3600 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:43:40.0062 3600 idsvc - ok
10:43:40.0078 3600 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
10:43:40.0328 3600 Imapi - ok
10:43:40.0390 3600 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
10:43:40.0562 3600 ImapiService - ok
10:43:40.0578 3600 ini910u - ok
10:43:40.0578 3600 IntelIde - ok
10:43:40.0625 3600 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:43:40.0875 3600 intelppm - ok
10:43:40.0906 3600 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
10:43:41.0062 3600 Ip6Fw - ok
10:43:41.0093 3600 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:43:41.0234 3600 IpFilterDriver - ok
10:43:41.0265 3600 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:43:41.0421 3600 IpInIp - ok
10:43:41.0484 3600 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:43:41.0640 3600 IpNat - ok
10:43:41.0687 3600 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:43:41.0843 3600 IPSec - ok
10:43:41.0890 3600 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys
10:43:42.0000 3600 irda - ok
10:43:42.0015 3600 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
10:43:42.0140 3600 IRENUM - ok
10:43:42.0171 3600 [ 2EFE1DB1EC58A26B0C14BFDA122E246F ] Irmon C:\WINDOWS\System32\irmon.dll
10:43:42.0296 3600 Irmon - ok
10:43:42.0328 3600 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:43:42.0468 3600 isapnp - ok
10:43:42.0656 3600 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
10:43:42.0671 3600 JavaQuickStarterService - ok
10:43:42.0703 3600 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:43:42.0921 3600 Kbdclass - ok
10:43:42.0953 3600 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:43:43.0109 3600 kbdhid - ok
10:43:43.0171 3600 [ EA26CB00F83686856F2C79673C00C686 ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
10:43:43.0203 3600 kl1 - ok
10:43:43.0250 3600 [ 53EEDAB3F0511321AC3AE8BC968B158C ] klbg C:\WINDOWS\system32\drivers\klbg.sys
10:43:43.0265 3600 klbg - ok
10:43:43.0468 3600 [ 3D23639C3FDBC082AF7016A5C8829329 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
10:43:43.0609 3600 KLIF - ok
10:43:43.0656 3600 [ 05E5504E5E06F75F18BBEA7291601FE2 ] klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys
10:43:43.0687 3600 klim5 - ok
10:43:43.0718 3600 [ 7BE035A9C20F357DC765D6C7FDCDC964 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
10:43:43.0750 3600 klkbdflt - ok
10:43:43.0781 3600 [ A8234A8F67B0565F74753FE88A7BF03D ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
10:43:43.0812 3600 klmouflt - ok
10:43:43.0843 3600 [ 53C0DF6C5139CB78A631E7AFCD893730 ] kltdi C:\WINDOWS\system32\DRIVERS\kltdi.sys
10:43:43.0875 3600 kltdi - ok
10:43:43.0953 3600 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
10:43:44.0109 3600 kmixer - ok
10:43:44.0171 3600 [ 71A38C123600172511C26BFABD0EF579 ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
10:43:44.0203 3600 kneps - ok
10:43:44.0265 3600 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
10:43:44.0343 3600 KSecDD - ok
10:43:44.0406 3600 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
10:43:44.0453 3600 lanmanserver - ok
10:43:44.0515 3600 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:43:44.0562 3600 lanmanworkstation - ok
10:43:44.0562 3600 lbrtfdc - ok
10:43:44.0609 3600 [ 575ED0F5DCB34E5C243D2A7EBC860484 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
10:43:44.0609 3600 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
10:43:44.0609 3600 LightScribeService - detected UnsignedFile.Multi.Generic (1)
10:43:44.0640 3600 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:43:44.0812 3600 LmHosts - ok
10:43:44.0828 3600 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
10:43:44.0890 3600 mdmxsdk - ok
10:43:44.0984 3600 [ 780D96F551833E0DCFE0A33B02B774E8 ] MemeoBackgroundService C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe
10:43:45.0046 3600 MemeoBackgroundService - ok
10:43:45.0093 3600 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:43:45.0234 3600 Messenger - ok
10:43:45.0250 3600 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:43:45.0406 3600 mnmdd - ok
10:43:45.0437 3600 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:43:45.0593 3600 mnmsrvc - ok
10:43:45.0625 3600 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:43:45.0812 3600 Modem - ok
10:43:45.0843 3600 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:43:45.0984 3600 MODEMCSA - ok
10:43:46.0015 3600 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:43:46.0156 3600 Mouclass - ok
10:43:46.0187 3600 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:43:46.0328 3600 mouhid - ok
10:43:46.0359 3600 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:43:46.0593 3600 MountMgr - ok
10:43:46.0671 3600 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
10:43:46.0703 3600 MozillaMaintenance - ok
10:43:46.0734 3600 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINDOWS\system32\DRIVERS\MPE.sys
10:43:46.0906 3600 MPE - ok
10:43:46.0906 3600 mraid35x - ok
10:43:46.0984 3600 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:43:47.0234 3600 MRxDAV - ok
10:43:47.0390 3600 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:43:47.0531 3600 MRxSmb - ok
10:43:47.0640 3600 [ 641199534871783DD74138FE0BCFDAE7 ] MSCamSvc C:\Programme\Microsoft LifeCam\MSCamS32.exe
10:43:47.0671 3600 MSCamSvc - ok
10:43:47.0687 3600 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:43:47.0890 3600 MSDTC - ok
10:43:47.0921 3600 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:43:48.0078 3600 Msfs - ok
10:43:48.0093 3600 [ 95C6432151CCFF8617352F8E616A1AA4 ] MSIRCOMM C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
10:43:48.0203 3600 MSIRCOMM - ok
10:43:48.0218 3600 MSIServer - ok
10:43:48.0234 3600 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:43:48.0406 3600 MSKSSRV - ok
10:43:48.0421 3600 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:43:48.0625 3600 MSPCLOCK - ok
10:43:48.0656 3600 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:43:48.0890 3600 MSPQM - ok
10:43:48.0906 3600 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:43:49.0078 3600 mssmbios - ok
10:43:51.0906 3600 [ 1B959A0614D575D0AB3B09095F0A8B83 ] MSSQL$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
10:43:55.0359 3600 MSSQL$PINNACLESYS - ok
10:43:55.0421 3600 [ 1D1B22613EAB9287AF902398867BC93C ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
10:43:55.0421 3600 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning
10:43:55.0421 3600 MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)
10:43:55.0453 3600 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
10:43:55.0609 3600 MSTEE - ok
10:43:55.0640 3600 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
10:43:55.0640 3600 MTsensor ( UnsignedFile.Multi.Generic ) - warning
10:43:55.0640 3600 MTsensor - detected UnsignedFile.Multi.Generic (1)
10:43:55.0703 3600 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:43:55.0750 3600 Mup - ok
10:43:55.0812 3600 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:43:55.0968 3600 NABTSFEC - ok
10:43:56.0078 3600 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
10:43:56.0265 3600 napagent - ok
10:43:56.0328 3600 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:43:56.0468 3600 NDIS - ok
10:43:56.0484 3600 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:43:56.0625 3600 NdisIP - ok
10:43:56.0656 3600 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:43:56.0687 3600 NdisTapi - ok
10:43:56.0703 3600 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:43:56.0875 3600 Ndisuio - ok
10:43:56.0921 3600 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:43:57.0062 3600 NdisWan - ok
10:43:57.0109 3600 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:43:57.0140 3600 NDProxy - ok
10:43:57.0171 3600 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
10:43:57.0203 3600 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:43:57.0203 3600 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:43:57.0234 3600 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:43:57.0390 3600 NetBIOS - ok
10:43:57.0453 3600 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:43:57.0656 3600 NetBT - ok
10:43:57.0718 3600 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
10:43:57.0875 3600 NetDDE - ok
10:43:57.0921 3600 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:43:58.0062 3600 NetDDEdsdm - ok
10:43:58.0093 3600 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:43:58.0250 3600 Netlogon - ok
10:43:58.0343 3600 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
10:43:58.0500 3600 Netman - ok
10:43:58.0562 3600 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:43:58.0593 3600 NetTcpPortSharing - ok
10:43:58.0687 3600 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
10:43:58.0765 3600 Nla - ok
10:43:58.0796 3600 [ 48FB907B069524F2DC7BA62A0762850C ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
10:43:58.0906 3600 nmwcd - ok
10:43:58.0937 3600 [ 2914CEB789964141AC6E22C6BC980C42 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
10:43:59.0031 3600 nmwcdc - ok
10:43:59.0109 3600 [ 28D40797BCB050321FA6674B08A620C0 ] nmwcdnsu C:\WINDOWS\system32\drivers\nmwcdnsu.sys
10:43:59.0203 3600 nmwcdnsu - ok
10:43:59.0218 3600 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:43:59.0359 3600 Npfs - ok
10:43:59.0546 3600 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:43:59.0828 3600 Ntfs - ok
10:43:59.0843 3600 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:44:00.0015 3600 NtLmSsp - ok
10:44:00.0156 3600 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:44:00.0375 3600 NtmsSvc - ok
10:44:00.0390 3600 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
10:44:00.0562 3600 Null - ok
10:44:04.0796 3600 [ 0DC79B60CEDC3A8854C27B3C6E4B3414 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:44:08.0953 3600 nv - ok
10:44:09.0046 3600 [ 32F7DEC3729B3BAE66EEBCAB7B03B18F ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
10:44:09.0093 3600 NVSvc - ok
10:44:09.0828 3600 [ 2CC4E45B0EB4C48392CEC9C83B5B8E3B ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:44:10.0484 3600 nvUpdatusService - ok
10:44:10.0515 3600 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:44:10.0671 3600 NwlnkFlt - ok
10:44:10.0687 3600 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:44:10.0843 3600 NwlnkFwd - ok
10:44:10.0906 3600 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
10:44:10.0937 3600 ose - ok
10:44:10.0984 3600 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
10:44:11.0171 3600 Parport - ok
10:44:11.0203 3600 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:44:11.0359 3600 PartMgr - ok
10:44:11.0375 3600 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:44:11.0531 3600 ParVdm - ok
10:44:11.0546 3600 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
10:44:11.0593 3600 pccsmcfd - ok
10:44:11.0625 3600 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:44:11.0875 3600 PCI - ok
10:44:11.0890 3600 PCIDump - ok
10:44:11.0906 3600 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:44:12.0046 3600 PCIIde - ok
10:44:12.0078 3600 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\WINDOWS\system32\drivers\pclepci.sys
10:44:12.0078 3600 PCLEPCI ( UnsignedFile.Multi.Generic ) - warning
10:44:12.0078 3600 PCLEPCI - detected UnsignedFile.Multi.Generic (1)
10:44:12.0140 3600 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:44:12.0281 3600 Pcmcia - ok
10:44:12.0296 3600 PDCOMP - ok
10:44:12.0296 3600 PDFRAME - ok
10:44:12.0312 3600 PDRELI - ok
10:44:12.0312 3600 PDRFRAME - ok
10:44:12.0312 3600 perc2 - ok
10:44:12.0328 3600 perc2hib - ok
10:44:12.0390 3600 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
10:44:12.0421 3600 PlugPlay - ok
10:44:12.0468 3600 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
10:44:12.0484 3600 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:44:12.0484 3600 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:44:12.0500 3600 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:44:12.0640 3600 PolicyAgent - ok
10:44:12.0671 3600 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:44:12.0843 3600 PptpMiniport - ok
10:44:12.0843 3600 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:44:13.0000 3600 ProtectedStorage - ok
10:44:13.0031 3600 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:44:13.0171 3600 PSched - ok
10:44:13.0187 3600 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:44:13.0406 3600 Ptilink - ok
10:44:13.0437 3600 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:44:13.0468 3600 PxHelp20 - ok
10:44:13.0484 3600 ql1080 - ok
10:44:13.0484 3600 Ql10wnt - ok
10:44:13.0500 3600 ql12160 - ok
10:44:13.0500 3600 ql1240 - ok
10:44:13.0500 3600 ql1280 - ok
10:44:13.0531 3600 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:44:13.0687 3600 RasAcd - ok
10:44:13.0734 3600 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:44:14.0000 3600 RasAuto - ok
10:44:14.0046 3600 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys
10:44:14.0140 3600 Rasirda - ok
10:44:14.0171 3600 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:44:14.0312 3600 Rasl2tp - ok
10:44:14.0390 3600 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:44:14.0546 3600 RasMan - ok
10:44:14.0578 3600 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:44:14.0734 3600 RasPppoe - ok
10:44:14.0750 3600 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:44:14.0906 3600 Raspti - ok
10:44:14.0968 3600 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:44:15.0125 3600 Rdbss - ok
10:44:15.0140 3600 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:44:15.0296 3600 RDPCDD - ok
10:44:15.0390 3600 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:44:15.0437 3600 RDPWD - ok
10:44:15.0500 3600 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:44:15.0718 3600 RDSessMgr - ok
10:44:15.0750 3600 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:44:15.0906 3600 redbook - ok
10:44:15.0953 3600 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:44:16.0140 3600 RemoteAccess - ok
10:44:16.0171 3600 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
10:44:16.0312 3600 RFCOMM - ok
10:44:16.0343 3600 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
10:44:16.0484 3600 ROOTMODEM - ok
10:44:16.0515 3600 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
10:44:16.0671 3600 RpcLocator - ok
10:44:16.0812 3600 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
10:44:16.0937 3600 RpcSs - ok
10:44:16.0984 3600 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:44:17.0125 3600 RSVP - ok
10:44:17.0140 3600 RT2500USB - ok
10:44:17.0234 3600 [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
10:44:17.0265 3600 RTLE8023xp - ok
10:44:17.0281 3600 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
10:44:17.0437 3600 SamSs - ok
10:44:17.0468 3600 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:44:17.0640 3600 SCardSvr - ok
10:44:17.0734 3600 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:44:17.0953 3600 Schedule - ok
10:44:18.0125 3600 [ 738187CE167D51240EC945F42743D0E5 ] SCPDFReadSpool C:\WINDOWS\Installer\MSIE4.tmp
10:44:18.0171 3600 SCPDFReadSpool - ok
10:44:18.0234 3600 [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Programme\Seagate\Seagate Dashboard\SeagateDashboardService.exe
10:44:18.0281 3600 SeagateDashboardService - ok
10:44:18.0312 3600 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:44:18.0406 3600 Secdrv - ok
10:44:18.0421 3600 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
10:44:18.0609 3600 seclogon - ok
10:44:18.0781 3600 [ 23228966244CDD9627BDE4141B3BE1F0 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
10:44:19.0000 3600 SenFiltService - ok
10:44:19.0218 3600 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
10:44:19.0609 3600 SENS - ok
10:44:19.0640 3600 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
10:44:19.0796 3600 serenum - ok
10:44:19.0828 3600 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
10:44:20.0000 3600 Serial - ok
10:44:20.0296 3600 [ 7D3903AF48E6C1DC2704EAFCB608D031 ] ServiceLayer C:\Programme\PC Connectivity Solution\ServiceLayer.exe
10:44:20.0500 3600 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
10:44:20.0500 3600 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
10:44:20.0531 3600 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
10:44:20.0687 3600 Sfloppy - ok
10:44:20.0796 3600 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:44:21.0031 3600 SharedAccess - ok
10:44:21.0093 3600 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:44:21.0140 3600 ShellHWDetection - ok
10:44:21.0140 3600 Simbad - ok
10:44:22.0156 3600 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:44:23.0109 3600 Skype C2C Service - ok
10:44:23.0218 3600 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
10:44:23.0250 3600 SkypeUpdate - ok
10:44:23.0265 3600 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:44:23.0406 3600 SLIP - ok
10:44:23.0484 3600 [ 851310C1B742D2DF2D334603836FFDF5 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
10:44:23.0515 3600 snapman - ok
10:44:23.0531 3600 Sparrow - ok
10:44:23.0546 3600 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:44:23.0703 3600 splitter - ok
10:44:23.0750 3600 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:44:23.0781 3600 Spooler - ok
10:44:23.0906 3600 [ 352E375AB298C23B0F9BC307652C7F50 ] SQLAgent$PINNACLESYS C:\Programme\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE
10:44:23.0921 3600 SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - warning
10:44:23.0921 3600 SQLAgent$PINNACLESYS - detected UnsignedFile.Multi.Generic (1)
10:44:23.0968 3600 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:44:24.0062 3600 sr - ok
10:44:24.0140 3600 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
10:44:24.0312 3600 srservice - ok
10:44:24.0437 3600 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:44:24.0562 3600 Srv - ok
10:44:24.0609 3600 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:44:24.0718 3600 SSDPSRV - ok
10:44:24.0812 3600 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
10:44:24.0890 3600 ssudmdm - ok
10:44:24.0937 3600 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
10:44:24.0953 3600 StarOpen ( UnsignedFile.Multi.Generic ) - warning
10:44:24.0953 3600 StarOpen - detected UnsignedFile.Multi.Generic (1)
10:44:24.0984 3600 [ A1A16662C6B1A665D965D61B9EECC5A7 ] STIrUsb C:\WINDOWS\system32\DRIVERS\irstusb.sys
10:44:25.0078 3600 STIrUsb - ok
10:44:25.0203 3600 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:44:25.0437 3600 stisvc - ok
10:44:25.0453 3600 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:44:25.0609 3600 streamip - ok
10:44:25.0640 3600 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:44:25.0781 3600 swenum - ok
10:44:25.0812 3600 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:44:25.0968 3600 swmidi - ok
10:44:25.0984 3600 SwPrv - ok
10:44:25.0984 3600 symc810 - ok
10:44:26.0000 3600 symc8xx - ok
10:44:26.0000 3600 sym_hi - ok
10:44:26.0000 3600 sym_u3 - ok
10:44:28.0234 3600 [ A214C8AA6A6C06C9DBAB1310E38DAB4A ] syncagentsrv C:\Programme\Gemeinsame Dateien\Acronis\SyncAgent\syncagentsrv.exe
10:44:30.0406 3600 syncagentsrv - ok
10:44:30.0437 3600 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:44:30.0593 3600 sysaudio - ok
10:44:30.0656 3600 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:44:30.0812 3600 SysmonLog - ok
10:44:30.0906 3600 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:44:31.0125 3600 TapiSrv - ok
10:44:31.0265 3600 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:44:31.0390 3600 Tcpip - ok
10:44:31.0406 3600 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:44:31.0562 3600 TDPIPE - ok
10:44:31.0828 3600 [ 6345E3829FD130A144454F9F5C2A3B9E ] tdrpman C:\WINDOWS\system32\DRIVERS\tdrpman.sys
10:44:32.0031 3600 tdrpman - ok
10:44:32.0062 3600 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:44:32.0218 3600 TDTCP - ok
10:44:32.0984 3600 [ A3393F0DC64C29F47DC4126E6FA57558 ] TeamViewer6 C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
10:44:33.0875 3600 TeamViewer6 - ok
10:44:33.0921 3600 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:44:34.0359 3600 TermDD - ok
10:44:34.0562 3600 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
10:44:34.0859 3600 TermService - ok
10:44:34.0921 3600 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
10:44:34.0968 3600 Themes - ok
10:44:35.0187 3600 [ A8C31102F448231596168FFC9F568B9A ] tib_mounter C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
10:44:35.0406 3600 tib_mounter - ok
10:44:35.0515 3600 [ 76148C3159718B701252F87B067904A6 ] TOSHIBA Bluetooth Service C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
10:44:35.0531 3600 TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - warning
10:44:35.0531 3600 TOSHIBA Bluetooth Service - detected UnsignedFile.Multi.Generic (1)
10:44:35.0546 3600 TosIde - ok
10:44:35.0578 3600 [ 8D624D3BD1F2D78BD1C01A2D4E954B4E ] tosporte C:\WINDOWS\system32\DRIVERS\tosporte.sys
10:44:35.0625 3600 tosporte - ok
10:44:35.0687 3600 [ A594DBD80CA5426E2E558BF79195A110 ] Tosrfbd C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
10:44:35.0718 3600 Tosrfbd - ok
10:44:35.0734 3600 [ 90C8525BC578AAFFE87C2D0ED4379E9E ] tosrfbnp C:\WINDOWS\system32\Drivers\tosrfbnp.sys
10:44:35.0765 3600 tosrfbnp - ok
10:44:35.0812 3600 [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] Tosrfcom C:\WINDOWS\system32\Drivers\tosrfcom.sys
10:44:35.0859 3600 Tosrfcom - ok
10:44:35.0906 3600 [ 28099A4E52148319AFA685D93A2244D0 ] Tosrfhid C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
10:44:35.0953 3600 Tosrfhid - ok
10:44:35.0968 3600 [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
10:44:36.0000 3600 tosrfnds - ok
10:44:36.0031 3600 [ 1FF09B64D1E0C82EE81026718D8D47C2 ] TosRfSnd C:\WINDOWS\system32\drivers\tosrfsnd.sys
10:44:36.0078 3600 TosRfSnd - ok
10:44:36.0125 3600 [ 20CC46C5D3326122E1A0A8C9DAD00E0D ] tosrfusb C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
10:44:36.0187 3600 tosrfusb - ok
10:44:36.0234 3600 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:44:36.0406 3600 TrkWks - ok
10:44:36.0593 3600 [ 3D23639C3FDBC082AF7016A5C8829329 ] TSP C:\WINDOWS\system32\drivers\klif.sys
10:44:36.0718 3600 TSP - ok
10:44:36.0750 3600 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:44:36.0890 3600 Udfs - ok
10:44:36.0906 3600 ultra - ok
10:44:37.0062 3600 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:44:37.0312 3600 Update - ok
10:44:37.0390 3600 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
10:44:37.0484 3600 upnphost - ok
10:44:37.0515 3600 [ E526A166E6ACAFD0A9B3841D3941669E ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
10:44:37.0656 3600 upperdev - ok
10:44:37.0671 3600 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
10:44:37.0812 3600 UPS - ok
10:44:37.0859 3600 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
10:44:38.0031 3600 usbaudio - ok
10:44:38.0062 3600 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:44:38.0218 3600 usbccgp - ok
10:44:38.0250 3600 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:44:38.0453 3600 usbehci - ok
10:44:38.0515 3600 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:44:38.0671 3600 usbhub - ok
10:44:38.0703 3600 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:44:38.0859 3600 usbprint - ok
10:44:38.0875 3600 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:44:39.0046 3600 usbscan - ok
10:44:39.0078 3600 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
10:44:39.0234 3600 usbser - ok
10:44:39.0250 3600 [ 6F3E3C6811B930D2414552A2E4A40F36 ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
10:44:39.0359 3600 UsbserFilt - ok
10:44:39.0421 3600 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:44:39.0578 3600 USBSTOR - ok
10:44:39.0593 3600 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:44:39.0796 3600 usbuhci - ok
10:44:39.0828 3600 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:44:40.0000 3600 VgaSave - ok
10:44:40.0000 3600 ViaIde - ok
10:44:40.0062 3600 [ 26B75DCB58B006867EFD659E845CD65E ] vididr C:\WINDOWS\system32\DRIVERS\vididr.sys
10:44:40.0109 3600 vididr - ok
10:44:40.0156 3600 [ 40AFA68F81F90636D1300099E9CFC8CE ] vidsflt C:\WINDOWS\system32\DRIVERS\vidsflt.sys
10:44:40.0187 3600 vidsflt - ok
10:44:40.0218 3600 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:44:40.0375 3600 VolSnap - ok
10:44:40.0390 3600 vsdatant - ok
10:44:40.0500 3600 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
10:44:40.0640 3600 VSS - ok
10:44:41.0265 3600 [ 13ACFED0E6ADCA97440169DFD127EBCF ] VX3000 C:\WINDOWS\system32\DRIVERS\VX3000.sys
10:44:41.0906 3600 VX3000 - ok
10:44:42.0000 3600 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
10:44:42.0156 3600 W32Time - ok
10:44:42.0187 3600 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:44:42.0343 3600 Wanarp - ok
10:44:42.0390 3600 [ 46A247F6617526AFE38B6F12F5512120 ] wceusbsh C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
10:44:42.0437 3600 wceusbsh - ok
10:44:42.0593 3600 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
10:44:42.0750 3600 Wdf01000 - ok
10:44:42.0765 3600 WDICA - ok
10:44:42.0796 3600 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:44:42.0953 3600 wdmaud - ok
10:44:43.0000 3600 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:44:43.0250 3600 WebClient - ok
10:44:43.0515 3600 [ BE3A842C2F2E87E7C840D36BCF13E8E0 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:44:43.0718 3600 winachsf - ok
10:44:43.0812 3600 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:44:44.0015 3600 winmgmt - ok
10:44:44.0562 3600 [ F10075C2EC96D2EB118012E78ECE2FC2 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
10:44:44.0890 3600 WinRM - ok
10:44:44.0937 3600 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:44:44.0968 3600 WmdmPmSN - ok
10:44:45.0031 3600 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:44:45.0234 3600 WmiApSrv - ok
10:44:45.0546 3600 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
10:44:45.0828 3600 WMPNetworkSvc - ok
10:44:45.0859 3600 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
10:44:45.0890 3600 WpdUsb - ok
10:44:46.0312 3600 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:44:46.0515 3600 WPFFontCache_v0400 - ok
10:44:46.0562 3600 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:44:46.0718 3600 wscsvc - ok
10:44:46.0734 3600 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:44:46.0875 3600 WSTCODEC - ok
10:44:46.0890 3600 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:44:47.0140 3600 wuauserv - ok
10:44:47.0234 3600 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:44:47.0265 3600 WudfPf - ok
10:44:47.0343 3600 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:44:47.0375 3600 WudfRd - ok
10:44:47.0406 3600 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
10:44:47.0453 3600 WudfSvc - ok
10:44:47.0625 3600 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:44:47.0843 3600 WZCSVC - ok
10:44:47.0906 3600 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:44:48.0109 3600 xmlprov - ok
10:44:48.0171 3600 ================ Scan global ===============================
10:44:48.0250 3600 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
10:44:48.0359 3600 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
10:44:48.0453 3600 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
10:44:48.0500 3600 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
10:44:48.0500 3600 [Global] - ok
10:44:48.0500 3600 ================ Scan MBR ==================================
10:44:48.0531 3600 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
10:44:49.0046 3600 \Device\Harddisk0\DR0 - ok
10:44:49.0140 3600 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:44:49.0890 3600 \Device\Harddisk1\DR1 - ok
10:44:49.0890 3600 ================ Scan VBR ==================================
10:44:49.0906 3600 [ 91D7C03417315C80A612E562D6DB2485 ] \Device\Harddisk0\DR0\Partition1
10:44:49.0906 3600 \Device\Harddisk0\DR0\Partition1 - ok
10:44:49.0906 3600 [ 39D493D08F7E5F0220B1C28DCD640DD5 ] \Device\Harddisk1\DR1\Partition1
10:44:49.0906 3600 \Device\Harddisk1\DR1\Partition1 - ok
10:44:49.0906 3600 ============================================================
10:44:49.0906 3600 Scan finished
10:44:49.0906 3600 ============================================================
10:44:49.0921 1588 Detected object count: 17
10:44:49.0921 1588 Actual detected object count: 17
10:44:58.0343 1588 ACEDRV06 ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588 ACEDRV06 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0343 1588 avmaudio ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588 avmaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0343 1588 CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588 CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0343 1588 CdaC15BA ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588 CdaC15BA ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0343 1588 CltMngSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588 CltMngSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0343 1588 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0343 1588 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0359 1588 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0359 1588 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0359 1588 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0359 1588 MTsensor ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588 MTsensor ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0359 1588 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0359 1588 PCLEPCI ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588 PCLEPCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0359 1588 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0359 1588 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0375 1588 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0375 1588 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0375 1588 SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0375 1588 SQLAgent$PINNACLESYS ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0375 1588 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0375 1588 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:44:58.0375 1588 TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:44:58.0375 1588 TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
Zitat:
Danke dir aber für deine Hilfe schon mal vorab. |
|
| Themen zu Trojan.Win32.Yakes.cmpu und not-a-virus:RemoteAdmin.Win32.WinVNC.mx durch Kasperky gefunden - Vorgehen? |
| avp, benutzerdaten, bho, canon, computer, crash, desktop, ebanking, excel, fehler, festplatte, flash player, frage, gebraucht, geld, google, hijack, hijackthis, hkus\s-1-5-18, internet, internet explorer, internet security 2013, kaspersky internet security 2013, legales programm, maus, mozilla, plug-in, programm, search protect, security, software, system, tastatur, trojaner, trojanisches programm, virus, wenig ahnung, windows xp |
Linear-Darstellung
