
Log analysis and evaluation: BKA Trojan (and maybe others?)

21.11.2013, 18:52   #1
aharonov
/// TB Trainer
 

Were these policies set deliberately?
Quote:
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Run TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
cheers,
Leo

21.11.2013, 19:28   #2
Teclis16
 

Quote:
Quote from aharonov
Were these policies set deliberately?
No, they don't mean anything to me.

Here is the log from TDSSKiller

Code:
19:21:23.0046 0x0910  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
19:21:27.0875 0x0910  ============================================================
19:21:27.0875 0x0910  Current date / time: 2013/11/21 19:21:27.0875
19:21:27.0875 0x0910  SystemInfo:
19:21:27.0875 0x0910  
19:21:27.0875 0x0910  OS Version: 5.1.2600 ServicePack: 3.0
19:21:27.0875 0x0910  Product type: Workstation
19:21:27.0875 0x0910  ComputerName: *****
19:21:27.0875 0x0910  UserName: *****
19:21:27.0875 0x0910  Windows directory: C:\WINDOWS
19:21:27.0875 0x0910  System windows directory: C:\WINDOWS
19:21:27.0875 0x0910  Processor architecture: Intel x86
19:21:27.0875 0x0910  Number of processors: 2
19:21:27.0875 0x0910  Page size: 0x1000
19:21:27.0875 0x0910  Boot type: Normal boot
19:21:27.0875 0x0910  ============================================================
19:21:32.0515 0x0910  KLMD registered as C:\WINDOWS\system32\drivers\19666241.sys
19:21:33.0781 0x0910  System UUID: {CCBA1C57-C6B9-4CC2-B39B-6BBD7D24ED8B}
19:21:37.0859 0x0910  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:21:37.0953 0x0910  ============================================================
19:21:37.0953 0x0910  \Device\Harddisk0\DR0:
19:21:37.0953 0x0910  MBR partitions:
19:21:37.0953 0x0910  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
19:21:37.0953 0x0910  ============================================================
19:21:38.0109 0x0910  C: <-> \Device\Harddisk0\DR0\Partition1
19:21:38.0109 0x0910  ============================================================
19:21:38.0109 0x0910  Initialize success
19:21:38.0109 0x0910  ============================================================
19:22:06.0250 0x01a8  ============================================================
19:22:06.0250 0x01a8  Scan started
19:22:06.0250 0x01a8  Mode: Manual; SigCheck; TDLFS; 
19:22:06.0250 0x01a8  ============================================================
19:22:06.0250 0x01a8  KSN ping started
19:22:08.0687 0x01a8  KSN ping finished: true
19:22:10.0187 0x01a8  ================ Scan system memory ========================
19:22:10.0187 0x01a8  System memory - ok
19:23:49.0187 0x01a8  ose - ok
19:23:49.0328 0x01a8  [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
19:23:49.0546 0x01a8  Parport - ok
19:23:49.0578 0x01a8  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
19:23:49.0781 0x01a8  PartMgr - ok
19:23:49.0843 0x01a8  [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
19:23:50.0046 0x01a8  ParVdm - ok
19:23:50.0125 0x01a8  [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
19:23:50.0359 0x01a8  PCI - ok
19:23:50.0375 0x01a8  PCIDump - ok
19:23:50.0421 0x01a8  [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
19:23:50.0625 0x01a8  PCIIde - ok
19:23:50.0734 0x01a8  [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
19:23:50.0953 0x01a8  Pcmcia - ok
19:23:50.0984 0x01a8  PDCOMP - ok
19:23:51.0031 0x01a8  PDFRAME - ok
19:23:51.0062 0x01a8  PDRELI - ok
19:23:51.0093 0x01a8  PDRFRAME - ok
19:23:51.0140 0x01a8  perc2 - ok
19:23:51.0171 0x01a8  perc2hib - ok
19:23:51.0640 0x01a8  [ F0A7D59AF279326528715B206669B86C, 2ABEFAA5C2C4A9487F7DBB1A92E65A72073DF9073F4F02083422A60AF49D42A3 ] PlugPlay        C:\WINDOWS\system32\services.exe
19:23:51.0687 0x01a8  PlugPlay - ok
19:23:51.0718 0x01a8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
19:23:51.0921 0x01a8  PolicyAgent - ok
19:23:52.0000 0x01a8  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:23:52.0218 0x01a8  PptpMiniport - ok
19:23:52.0265 0x01a8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:23:52.0468 0x01a8  ProtectedStorage - ok
19:23:52.0546 0x01a8  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
19:23:52.0828 0x01a8  PSched - ok
19:23:52.0890 0x01a8  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:23:53.0078 0x01a8  Ptilink - ok
19:23:53.0109 0x01a8  ql1080 - ok
19:23:53.0156 0x01a8  Ql10wnt - ok
19:23:53.0171 0x01a8  ql12160 - ok
19:23:53.0203 0x01a8  ql1240 - ok
19:23:53.0234 0x01a8  ql1280 - ok
19:23:53.0265 0x01a8  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:23:53.0765 0x01a8  RasAcd - ok
19:23:53.0859 0x01a8  [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:23:54.0078 0x01a8  RasAuto - ok
19:23:54.0156 0x01a8  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:23:54.0359 0x01a8  Rasl2tp - ok
19:23:54.0500 0x01a8  [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:23:54.0750 0x01a8  RasMan - ok
19:23:54.0812 0x01a8  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:23:55.0031 0x01a8  RasPppoe - ok
19:23:55.0078 0x01a8  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
19:23:55.0312 0x01a8  Raspti - ok
19:23:55.0437 0x01a8  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:23:55.0656 0x01a8  Rdbss - ok
19:23:55.0687 0x01a8  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:23:55.0953 0x01a8  RDPCDD - ok
19:23:56.0125 0x01a8  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:23:56.0375 0x01a8  rdpdr - ok
19:23:56.0484 0x01a8  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
19:23:56.0562 0x01a8  RDPWD - ok
19:23:56.0828 0x01a8  [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
19:23:57.0093 0x01a8  RDSessMgr - ok
19:23:57.0187 0x01a8  [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
19:23:57.0390 0x01a8  redbook - ok
19:23:57.0437 0x01a8  [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:23:57.0687 0x01a8  RemoteAccess - ok
19:23:57.0750 0x01a8  [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
19:23:57.0968 0x01a8  RemoteRegistry - ok
19:23:58.0046 0x01a8  [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:23:58.0296 0x01a8  RpcLocator - ok
19:23:58.0562 0x01a8  [ D3D765E8455A961AE567B408F767D4F9, 897180595F716C9D1F86E08D976C843D2108B751210C035A09411C52B7E6EEFA ] RpcSs           C:\WINDOWS\system32\rpcss.dll
19:23:58.0812 0x01a8  RpcSs - ok
19:23:58.0953 0x01a8  [ F9541F3B59DA30423F2F76EF443C07FC, 531FA15BB281D9C93CEEECAF02984EA78669D213E6D43EFF2E11CF522F7A8191 ] RSUSBSTOR       C:\WINDOWS\system32\Drivers\RtsUStor.sys
19:23:59.0015 0x01a8  RSUSBSTOR - ok
19:23:59.0140 0x01a8  [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP            C:\WINDOWS\system32\rsvp.exe
19:23:59.0343 0x01a8  RSVP - ok
19:23:59.0453 0x01a8  [ 89619EF503F949FAE09252A8B883EE11, D410C0BE5E930CABE5523FBE071814500AE9C7B29054DFE98B14904A4A221423 ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
19:23:59.0515 0x01a8  RTLE8023xp - ok
19:23:59.0546 0x01a8  [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:23:59.0765 0x01a8  SamSs - ok
19:23:59.0859 0x01a8  [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
19:24:00.0062 0x01a8  SCardSvr - ok
19:24:00.0250 0x01a8  [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:24:00.0500 0x01a8  Schedule - ok
19:24:00.0531 0x01a8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:24:00.0640 0x01a8  Secdrv - ok
19:24:00.0656 0x01a8  [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon        C:\WINDOWS\System32\seclogon.dll
19:24:00.0890 0x01a8  seclogon - ok
19:24:00.0953 0x01a8  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS            C:\WINDOWS\system32\sens.dll
19:24:01.0187 0x01a8  SENS - ok
19:24:01.0250 0x01a8  [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
19:24:01.0468 0x01a8  Serial - ok
19:24:01.0546 0x01a8  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
19:24:01.0765 0x01a8  Sfloppy - ok
19:24:02.0000 0x01a8  [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:24:02.0437 0x01a8  SharedAccess - ok
19:24:02.0546 0x01a8  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:24:02.0625 0x01a8  ShellHWDetection - ok
19:24:02.0640 0x01a8  Simbad - ok
19:24:02.0656 0x01a8  Sparrow - ok
19:24:02.0765 0x01a8  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
19:24:02.0984 0x01a8  splitter - ok
19:24:03.0062 0x01a8  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
19:24:03.0109 0x01a8  Spooler - ok
19:24:03.0187 0x01a8  [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
19:24:03.0312 0x01a8  sr - ok
19:24:03.0437 0x01a8  [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice       C:\WINDOWS\system32\srsvc.dll
19:24:03.0562 0x01a8  srservice - ok
19:24:03.0828 0x01a8  [ 9B390283569EA58D43D2586032B892F5, FADC0AD9D8F715290F02A6A59B284A6AD53C5BD13933B1D3ECC03C558C9D5885 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:24:04.0140 0x01a8  Srv - ok
19:24:04.0406 0x01a8  [ 6A09C136CF33547820CB963E4D5AAF9E, 9D2EACD8B3CEAFEF237D9DB9155DD9C86EC20C51CF2F8EB0DA81767C05CE6A7D ] SSCBFS3         C:\WINDOWS\system32\DRIVERS\sscbfs3.sys
19:24:04.0500 0x01a8  SSCBFS3 - ok
19:24:04.0593 0x01a8  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:24:04.0718 0x01a8  SSDPSRV - ok
19:24:04.0828 0x01a8  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:24:04.0859 0x01a8  ssmdrv - ok
19:24:05.0140 0x01a8  [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
19:24:05.0609 0x01a8  stisvc - ok
19:24:05.0671 0x01a8  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
19:24:05.0890 0x01a8  swenum - ok
19:24:05.0968 0x01a8  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
19:24:06.0171 0x01a8  swmidi - ok
19:24:06.0187 0x01a8  SwPrv - ok
19:24:06.0203 0x01a8  symc810 - ok
19:24:06.0218 0x01a8  symc8xx - ok
19:24:06.0250 0x01a8  sym_hi - ok
19:24:06.0281 0x01a8  sym_u3 - ok
19:24:06.0343 0x01a8  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
19:24:06.0593 0x01a8  sysaudio - ok
19:24:06.0687 0x01a8  [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
19:24:06.0953 0x01a8  SysmonLog - ok
19:24:07.0140 0x01a8  [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:24:07.0406 0x01a8  TapiSrv - ok
19:24:07.0656 0x01a8  [ AD978A1B783B5719720CFF204B666C8E, FA50A3664522C58E1637C06731B9CB9D56FF14F0A5F8AB496A1945585E8A2C16 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:24:07.0953 0x01a8  Tcpip - ok
19:24:08.0000 0x01a8  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
19:24:08.0203 0x01a8  TDPIPE - ok
19:24:08.0234 0x01a8  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
19:24:08.0453 0x01a8  TDTCP - ok
19:24:12.0984 0x01a8  [ 56BD31FA4B12F838871F5A00EADB8959, 5DA7B0CEA629F0524B757CA7DEEA198571461EC6385D486E566D7E8237705432 ] TeamViewer8     C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
19:24:27.0093 0x01a8  TeamViewer8 - ok
19:24:27.0171 0x01a8  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
19:24:27.0390 0x01a8  TermDD - ok
19:24:27.0609 0x01a8  [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService     C:\WINDOWS\System32\termsrv.dll
19:24:27.0937 0x01a8  TermService - ok
19:24:28.0125 0x01a8  [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes          C:\WINDOWS\System32\shsvcs.dll
19:24:28.0171 0x01a8  Themes - ok
19:24:28.0250 0x01a8  [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
19:24:28.0390 0x01a8  TlntSvr - ok
19:24:28.0390 0x01a8  TosIde - ok
19:24:28.0468 0x01a8  [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
19:24:28.0718 0x01a8  TrkWks - ok
19:24:28.0812 0x01a8  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
19:24:29.0031 0x01a8  Udfs - ok
19:24:29.0062 0x01a8  ultra - ok
19:24:29.0343 0x01a8  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
19:24:29.0859 0x01a8  Update - ok
19:24:30.0000 0x01a8  [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:24:30.0156 0x01a8  upnphost - ok
19:24:30.0203 0x01a8  [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS             C:\WINDOWS\System32\ups.exe
19:24:30.0406 0x01a8  UPS - ok
19:24:30.0468 0x01a8  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:24:30.0531 0x01a8  usbccgp - ok
19:24:30.0562 0x01a8  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:24:30.0609 0x01a8  usbehci - ok
19:24:30.0703 0x01a8  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:24:30.0921 0x01a8  usbhub - ok
19:24:30.0968 0x01a8  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:24:31.0203 0x01a8  usbprint - ok
19:24:31.0234 0x01a8  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:24:31.0453 0x01a8  usbstor - ok
19:24:31.0500 0x01a8  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:24:31.0734 0x01a8  usbuhci - ok
19:24:31.0781 0x01a8  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
19:24:32.0000 0x01a8  VgaSave - ok
19:24:32.0015 0x01a8  ViaIde - ok
19:24:32.0078 0x01a8  [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
19:24:32.0296 0x01a8  VolSnap - ok
19:24:32.0500 0x01a8  [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS             C:\WINDOWS\System32\vssvc.exe
19:24:32.0640 0x01a8  VSS - ok
19:24:32.0765 0x01a8  [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time         C:\WINDOWS\system32\w32time.dll
19:24:33.0031 0x01a8  W32Time - ok
19:24:33.0109 0x01a8  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:24:33.0328 0x01a8  Wanarp - ok
19:24:33.0343 0x01a8  WDICA - ok
19:24:33.0406 0x01a8  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
19:24:33.0625 0x01a8  wdmaud - ok
19:24:33.0703 0x01a8  [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:24:33.0921 0x01a8  WebClient - ok
19:24:34.0203 0x01a8  [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:24:34.0406 0x01a8  winmgmt - ok
19:24:34.0531 0x01a8  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
19:24:34.0578 0x01a8  WmdmPmSN - ok
19:24:35.0062 0x01a8  [ 57FA31A965D8FC3172641A93618FBE9E, 99F71CB79290C2B34926C96263672AB8A476A5660C98228770C52E5962DEE74A ] Wmi             C:\WINDOWS\System32\advapi32.dll
19:24:35.0656 0x01a8  Wmi - ok
19:24:35.0828 0x01a8  [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:24:36.0093 0x01a8  WmiApSrv - ok
19:24:36.0703 0x01a8  [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe
19:24:37.0781 0x01a8  WMPNetworkSvc - ok
19:24:37.0875 0x01a8  [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
19:24:38.0109 0x01a8  wscsvc - ok
19:24:38.0156 0x01a8  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
19:24:38.0375 0x01a8  wuauserv - ok
19:24:38.0437 0x01a8  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:24:38.0500 0x01a8  WudfPf - ok
19:24:38.0609 0x01a8  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:24:38.0656 0x01a8  WudfRd - ok
19:24:38.0703 0x01a8  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
19:24:38.0750 0x01a8  WudfSvc - ok
19:24:39.0078 0x01a8  [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
19:24:39.0640 0x01a8  WZCSVC - ok
19:24:39.0734 0x01a8  [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
19:24:39.0984 0x01a8  xmlprov - ok
19:24:40.0000 0x01a8  ================ Scan global ===============================
19:24:40.0078 0x01a8  [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
19:24:40.0312 0x01a8  [ 935B583E1E780BDB75718EAFD9667366, A0D5B616DE7D1F16D203CE96F258B931B493B375305809ECD3B47EE99294E451 ] C:\WINDOWS\system32\winsrv.dll
19:24:40.0578 0x01a8  [ 935B583E1E780BDB75718EAFD9667366, A0D5B616DE7D1F16D203CE96F258B931B493B375305809ECD3B47EE99294E451 ] C:\WINDOWS\system32\winsrv.dll
19:24:40.0703 0x01a8  [ F0A7D59AF279326528715B206669B86C, 2ABEFAA5C2C4A9487F7DBB1A92E65A72073DF9073F4F02083422A60AF49D42A3 ] C:\WINDOWS\system32\services.exe
19:24:40.0718 0x01a8  [ Global ] - ok
19:24:40.0718 0x01a8  ================ Scan MBR ==================================
19:24:40.0750 0x01a8  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
19:24:41.0296 0x01a8  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
19:24:41.0296 0x01a8  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:24:43.0734 0x01a8  ================ Scan VBR ==================================
19:24:43.0937 0x01a8  [ 650A24AB0A5EFC0C944CE0F12CC50755 ] \Device\Harddisk0\DR0\Partition1
19:24:43.0937 0x01a8  \Device\Harddisk0\DR0\Partition1 - ok
19:24:43.0937 0x01a8  Waiting for KSN requests completion. In queue: 34
19:24:44.0937 0x01a8  Waiting for KSN requests completion. In queue: 34
19:24:45.0984 0x01a8  AV detected via SS1: Avira Desktop, 13.6.0.778, enabled, outofdate
19:24:46.0343 0x01a8  Win FW state via NFM: enabled
19:24:48.0734 0x01a8  ============================================================
19:24:48.0734 0x01a8  Scan finished
19:24:48.0734 0x01a8  ============================================================
19:24:48.0968 0x0c90  Detected object count: 1
19:24:48.0968 0x0c90  Actual detected object count: 1
19:25:06.0968 0x0c90  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:25:06.0968 0x0c90  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
19:26:01.0593 0x0fd0  Deinitialize success
         