Pests of all kinds and how to fight them: 50€ trojan "Suspicious.Cloud.7.EP"

01.04.2012, 13:09   #1
toni_ks
 
Good day,
unfortunately I caught the above-mentioned trojan/virus on 29.03 and am now trying to get it off my system again.
WIN XP Professional Service Pack 3
Norton Internet Security 2012

The 50€ page suddenly appeared while I was surfing the Internet. Since no input was possible, I forced the computer off. The immediate scan with the up-to-date Norton Internet Security 2012 produced no results. Norton Power Eraser also found nothing suspicious.

Started CCleaner and then restarted the computer.
After that, Norton Auto-Protect found "Suspicious.Cloud.7.EP" after every restart and, according to the security history, resolved it under "resolved security risks". Since then the 50€ page no longer appears, but I fear that this trojan is still on my computer.

Many websites can be opened without problems, others hardly at all. E.g. Bild.de, Google and also Trojaner-Board.de do not load, or only after 5 - 6 min.
That is why I am posting my problem from another computer (laptop).

Thank you in advance for your support
toni_ks

dds.txt:

DDS Logfile:
Code:
DDS (Ver_2011-08-26.01) - NTFSx86 
Internet Explorer: 8.0.6001.18702
Run by Dirk at 11:18:09 on 2012-04-01
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1023.443 [GMT 2:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\Microsoft IntelliType Pro\itype.exe
C:\Programme\Microsoft IntelliPoint\ipoint.exe
D:\Programme\HP\HP Software Update\HPWuSchd2.exe
D:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Microsoft IntelliType Pro\dpupdchk.exe
C:\Programme\T-Home\Eumex 800 V1.30\ControlCenter.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
svchost.exe
C:\Programme\Memeo\AutoBackup\MemeoService.exe
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
D:\Programme\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
D:\Programme\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\rvs_cent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
D:\Programme\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\CTIL2C32.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.t-online.de/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - d:\programme\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programme\gemeinsame dateien\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - d:\programme\norton internet security\engine\19.6.2.10\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - d:\programme\norton internet security\engine\19.6.2.10\ips\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - d:\programme\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - d:\programme\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programme\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programme\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\programme\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\programme\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - d:\programme\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - d:\programme\norton internet security\engine\19.6.2.10\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programme\google\google toolbar\GoogleToolbar_32.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - d:\programme\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [swg] "c:\programme\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1100458 -Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB0.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; InfoPath.2; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
mRun: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] HDAudPropShortcut.exe
mRun: [StartCCC] "c:\programme\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [osCheck] "c:\programme\neuer ordner\osCheck.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [itype] "c:\programme\microsoft intellitype pro\itype.exe"
mRun: [IntelliPoint] "c:\programme\microsoft intellipoint\ipoint.exe"
mRun: [HP Software Update] d:\programme\hp\hp software update\HPWuSchd2.exe
mRun: [GrooveMonitor] "d:\programme\microsoft office\office12\GrooveMonitor.exe"
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [ATIPTA] "c:\programme\ati technologies\ati control panel\atiptaxx.exe"
mRun: [Adobe Reader Speed Launcher] "d:\programme\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\programme\gemeinsame dateien\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\dokume~1\alluse~1\startm~1\progra~1\autost~1\contro~1.lnk - c:\programme\t-home\eumex 800 v1.30\ControlCenter.exe
IE: Nach Microsoft &Excel exportieren - d:\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - d:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programme\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~1\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - d:\programme\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxf.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0DB98F81-A686-462A-A8B9-6E61A029814D} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{47268916-77B3-43BD-837D-902335DAE126} : DhcpNameServer = 192.168.1.250
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - d:\programme\microsoft office\office12\GrooveSystemServices.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - d:\programme\microsoft office\office12\GrooveShellExtensions.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\programme\windows desktop search\MSNLNamespaceMgr.dll
.
============= SERVICES / DRIVERS ===============
.
R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2010-12-16 40560]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1306020.00a\symds.sys [2012-3-24 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1306020.00a\symefa.sys [2012-3-24 905336]
R1 BHDrvx86;BHDrvx86;c:\dokumente und einstellungen\all users\anwendungsdaten\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20120317.002\BHDrvx86.sys [2012-3-20 820856]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1306020.00a\ccsetx86.sys [2012-3-24 132744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1306020.00a\ironx86.sys [2012-3-24 149624]
R2 elcapi20;elcapi20;c:\windows\system32\drivers\ELCAPI20.SYS [2009-10-29 156112]
R2 elcapibs;elcapibs;c:\windows\system32\drivers\elcapibs.sys [2009-10-29 118381]
R2 elcapitd;elcapitd;c:\windows\system32\drivers\elcapitd.sys [2009-10-29 42344]
R2 NIS;Norton Internet Security;d:\programme\norton internet security\engine\19.6.2.10\ccsvchst.exe [2012-3-24 138232]
R2 RVS_CE;RVS CAPI;c:\windows\system32\RVS_CENT.EXE [2009-10-29 1175608]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2005-7-20 1287296]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programme\gemeinsame dateien\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-3-8 106104]
R3 fwrnusb;fwrnusb;c:\windows\system32\drivers\fwrnusb.sys [2006-1-30 23552]
R3 IDSxpx86;IDSxpx86;c:\dokumente und einstellungen\all users\anwendungsdaten\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20120330.002\IDSXpx86.sys [2012-3-31 356280]
R3 NAVENG;NAVENG;c:\dokumente und einstellungen\all users\anwendungsdaten\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120331.009\NAVENG.SYS [2012-4-1 86136]
R3 NAVEX15;NAVEX15;c:\dokumente und einstellungen\all users\anwendungsdaten\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120331.009\NAVEX15.SYS [2012-4-1 1576312]
R3 TSMPacket;DSL-Manager Service;c:\windows\system32\drivers\tsmpkt.sys [2009-10-29 13824]
S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;"c:\programme\symantec\liveupdate\aluschedulersvc.exe" --> c:\programme\symantec\liveupdate\ALUSchedulerSvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\programme\google\update\GoogleUpdate.exe [2010-1-30 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-31 253600]
S3 cpuz132;cpuz132;\??\d:\intern~1\temp\cpuz132\cpuz132_x32.sys --> d:\intern~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 dsltestSp5;dsltestSp5 NDIS Protocol Driver;c:\windows\system32\drivers\DslTestSp5.sys [2009-10-29 26816]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\google\update\GoogleUpdate.exe [2010-1-30 135664]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-4-15 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-4-15 8320]
S3 TDslMgrService;DSL-Manager;d:\programme\dsl-manager\DslMgrSvc.exe [2009-10-29 307200]
S3 ulisa;Telekom ISDN-Adapter (USB);c:\windows\system32\drivers\ulisa.sys --> c:\windows\system32\drivers\ulisa.sys [?]
S3 W8100XP;Marvell Libertas 802.11b/g SoftAP Driver for Windows XP ;c:\windows\system32\drivers\mrv8ka51.sys [2005-7-20 258560]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-03-31 17:18:37	73728	----a-w-	c:\windows\system32\javacpl.cpl
2012-03-31 17:03:53	0	----a-w-	c:\windows\system32\REN1F.tmp
2012-03-31 17:03:53	0	----a-w-	c:\windows\system32\REN1E.tmp
2012-03-31 17:03:53	0	----a-w-	c:\windows\system32\REN1D.tmp
2012-03-31 16:47:53	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-31 16:47:53	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-03-29 21:16:13	--------	d-----w-	c:\dokumente und einstellungen\dirk\lokale einstellungen\anwendungsdaten\NPE
2012-03-24 16:17:06	388216	----a-w-	c:\windows\system32\drivers\nis\1306020.00a\symtdi.sys
2012-03-24 16:17:06	345208	----a-w-	c:\windows\system32\drivers\nis\1306020.00a\symtdiv.sys
2012-03-24 16:17:05	905336	----a-w-	c:\windows\system32\drivers\nis\1306020.00a\symefa.sys
2012-03-24 16:17:05	574584	----a-w-	c:\windows\system32\drivers\nis\1306020.00a\srtsp.sys
2012-03-24 16:17:05	340088	----a-r-	c:\windows\system32\drivers\nis\1306020.00a\symds.sys
2012-03-24 16:17:05	32888	----a-w-	c:\windows\system32\drivers\nis\1306020.00a\srtspx.sys
2012-03-24 16:17:05	318584	----a-w-	c:\windows\system32\drivers\nis\1306020.00a\symnets.sys
2012-03-24 16:17:05	149624	----a-w-	c:\windows\system32\drivers\nis\1306020.00a\ironx86.sys
2012-03-24 16:17:05	132744	----a-w-	c:\windows\system32\drivers\nis\1306020.00a\ccsetx86.sys
2012-03-24 16:16:53	4782	----a-w-	c:\windows\system32\drivers\nis\1306020.00a\symvtcer.dat
2012-03-24 16:16:53	--------	d-----w-	c:\windows\system32\drivers\nis\1306020.00A
2012-03-07 22:21:47	60872	----a-w-	c:\windows\system32\S32EVNT1.DLL
2012-03-07 22:21:47	141944	----a-w-	c:\windows\system32\drivers\SYMEVENT.SYS
2012-03-07 22:21:47	--------	d-----w-	c:\programme\Symantec
2012-03-07 22:20:39	--------	d-----w-	c:\windows\system32\drivers\NIS
.
==================== Find3M  ====================
.
2012-03-31 17:18:28	472808	----a-w-	c:\windows\system32\deployJava1.dll
2012-02-03 09:57:08	1860224	----a-w-	c:\windows\system32\win32k.sys
2012-01-25 10:23:10	299424	----a-w-	c:\windows\system32\drivers\yk51x86.sys
2012-01-11 19:06:33	3072	------w-	c:\windows\system32\iacenc.dll
2012-01-09 16:20:20	139784	----a-w-	c:\windows\system32\drivers\rdpwd.sys
.
============= FINISH: 11:18:54,87 ===============
         
--- --- ---

02.04.2012, 09:14   #2
markusg
/// Malware-holic
 
Hi,
1. Please post the Norton messages, including the paths of the detections.
2. If you don't have it yet, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.
__________________

02.04.2012, 11:09   #3
toni_ks
 
Good morning ....

The Norton messages:


Kategorie:Behobene Sicherheitsrisiken
Datum/Uhrzeit,Risiko,Aktivität,Status,Empfohlene Aktion
29.03.2012 23:24:39,Hoch,Suspicious.Cloud.7.EP erkannt von Auto-Protect,Entfernt,Behoben - Keine Aktion erforderlich
29.03.2012 23:14:25,Hoch,Suspicious.Cloud.7.EP erkannt von Auto-Protect,Entfernt,Behoben - Keine Aktion erforderlich
29.03.2012 21:40:48,Hoch,Suspicious.Cloud.7.EP erkannt von Auto-Protect,Entfernt,Behoben - Keine Aktion erforderlich
29.03.2012 20:34:37,Hoch,Suspicious.Cloud.7.EP erkannt von Auto-Protect,Entfernt,Behoben - Keine Aktion erforderlich
08.03.2012 00:12:49,Gering,Tracking Cookies erkannt von Virenscanner,Entfernt,Behoben - Keine Aktion erforderlich


The following messages are listed under Details:



Vollständiger Pfad: Nicht verfügbar
____________________________
____________________________
Auf Computern ab Nicht verfügbar
Zuletzt verwendet 29.03.2012 um 20:34:37
Start-Element Nein
Gestarted Nein
____________________________
____________________________
Unbekannt
Anzahl der Benutzer in der Norton Community, die diese Datei verwendet haben: Unbekannt
____________________________
Unbekannt
Diese Dateiversion ist nicht bekannt.
____________________________
Hoch
Das Risiko dieser Datei ist hoch.
____________________________
Bedrohungsdetails
Art der Bedrohung: Heuristikvirus. Bedrohungserkennung auf der Basis von Malwareheuristiken.
____________________________

____________________________
Dateiaktionen
Datei: d:\internet_temp\temp\85e48c58-5762.tmp
Reparatur nicht versucht
____________________________
Dateiabdruck - SHA:
Nicht verfügbar
____________________________
Dateiabdruck - MD5:
Nicht verfügbar
____________________________


____________________________
Auf Computern ab Nicht verfügbar
Zuletzt verwendet 29.03.2012 um 21:40:48
Start-Element Nein
Gestarted Nein
____________________________
Dateiaktionen
Datei: d:\internet_temp\temp\126f1b90-5762.tmp
Reparatur nicht versucht
____________________________


____________________________
Auf Computern ab Nicht verfügbar
Zuletzt verwendet 29.03.2012 um 23:14:25
Start-Element Nein
Gestarted Nein

____________________________
Dateiaktionen
Datei: d:\internet_temp\temp\efacdac8-5762.tmp
Reparatur nicht versucht


____________________________
Auf Computern ab Nicht verfügbar
Zuletzt verwendet 29.03.2012 um 23:24:39
Start-Element Nein
Gestarted Nein
____________________________
Dateiaktionen
Datei: d:\internet_temp\temp\efacdac8-5762.tmp
Reparatur nicht versucht
____________________________
__________________

02.04.2012, 11:25   #4
markusg
/// Malware-holic
 
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors:

Link 1
Link 2

IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix is finished, it will create a log file. Please post C:\Combofix.txt in your next reply.

Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send mails to markusg.trojaner-board@web.de following the instructions above.

02.04.2012, 13:03   #5
toni_ks
 
So, it took a while because my computer crashed during the first run. During the first run ComboFix had tried in vain to download the recovery software from MS, so I started the run a second time; hence two log files attached:

Log 1:
Combofix Logfile:
Code:
ComboFix 12-04-01.01 - Dirk 02.04.2012  13:22:24.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1023.463 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Dirk\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
Achtung - Auf diesem PC ist keine Wiederherstellungskonsole installiert !!
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\data
c:\dokumente und einstellungen\Dirk\WINDOWS
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-02 bis 2012-04-02  ))))))))))))))))))))))))))))))
.
.
2012-03-31 17:18 . 2012-03-31 17:18	73728	----a-w-	c:\windows\system32\javacpl.cpl
2012-03-31 17:03 . 2012-03-31 17:03	0	----a-w-	c:\windows\system32\REN1F.tmp
2012-03-31 17:03 . 2012-03-31 17:03	0	----a-w-	c:\windows\system32\REN1E.tmp
2012-03-31 17:03 . 2012-03-31 17:03	0	----a-w-	c:\windows\system32\REN1D.tmp
2012-03-31 16:47 . 2012-03-31 16:47	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-31 16:47 . 2012-03-31 16:47	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-03-29 21:16 . 2012-03-30 06:34	--------	d-----w-	c:\dokumente und einstellungen\Dirk\Lokale Einstellungen\Anwendungsdaten\NPE
2012-03-07 22:21 . 2012-03-27 05:43	--------	d-----w-	c:\programme\Symantec
2012-03-07 22:21 . 2012-03-27 05:43	60872	----a-w-	c:\windows\system32\S32EVNT1.DLL
2012-03-07 22:21 . 2012-03-27 05:43	141944	----a-w-	c:\windows\system32\drivers\SYMEVENT.SYS
2012-03-07 22:20 . 2012-03-27 12:57	--------	d-----w-	c:\windows\system32\drivers\NIS
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-31 17:18 . 2010-04-26 10:07	472808	----a-w-	c:\windows\system32\deployJava1.dll
2012-02-03 09:57 . 2004-08-04 12:00	1860224	----a-w-	c:\windows\system32\win32k.sys
2012-01-25 10:23 . 2005-07-20 14:41	299424	----a-w-	c:\windows\system32\drivers\yk51x86.sys
2012-01-11 19:06 . 2012-02-16 06:55	3072	------w-	c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2005-07-20 12:31	139784	----a-w-	c:\windows\system32\drivers\rdpwd.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-21 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Verknüpfung mit der High Definition Audio-Eigenschaftenseite"="HDAudPropShortcut.exe" [2004-03-17 61952]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"osCheck"="c:\programme\Neuer Ordner\osCheck.exe" [2007-08-25 714608]
"itype"="c:\programme\Microsoft IntelliType Pro\itype.exe" [2009-01-07 1496968]
"IntelliPoint"="c:\programme\Microsoft IntelliPoint\ipoint.exe" [2009-11-11 1468256]
"HP Software Update"="d:\programme\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"GrooveMonitor"="d:\programme\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-05-12 344064]
"Adobe Reader Speed Launcher"="d:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\Default User\Startmenü\Programme\Autostart\
DSL-Manager.lnk - d:\programme\DSL-Manager\DslMgr.exe [2009-10-29 1085440]
.
c:\dokumente und einstellungen\Gast\Startmenü\Programme\Autostart\
DSL-Manager.lnk - d:\programme\DSL-Manager\DslMgr.exe [2009-10-29 1085440]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
ControlCenter.lnk - c:\programme\T-Home\Eumex 800 V1.30\ControlCenter.exe [2007-2-9 221184]
.
c:\dokumente und einstellungen\Default User\Startmenü\Programme\Autostart\
DSL-Manager.lnk - d:\programme\DSL-Manager\DslMgr.exe [2009-10-29 1085440]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Programme\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Programme\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"d:\\Programme\\HP\\HP Software Update\\HPWUCli.exe"=
"d:\\Programme\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows-Remoteverwaltung 
.
R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [16.12.2010 12:18 40560]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1306020.00A\symds.sys [24.03.2012 18:17 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1306020.00A\symefa.sys [24.03.2012 18:17 905336]
R1 BHDrvx86;BHDrvx86;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120317.002\BHDrvx86.sys [20.03.2012 09:25 820856]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1306020.00A\ccsetx86.sys [24.03.2012 18:17 132744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1306020.00A\ironx86.sys [24.03.2012 18:17 149624]
R2 elcapi20;elcapi20;c:\windows\system32\drivers\ELCAPI20.SYS [29.10.2009 20:01 156112]
R2 elcapibs;elcapibs;c:\windows\system32\drivers\elcapibs.sys [29.10.2009 20:01 118381]
R2 elcapitd;elcapitd;c:\windows\system32\drivers\elcapitd.sys [29.10.2009 20:01 42344]
R2 NIS;Norton Internet Security;d:\programme\Norton Internet Security\Engine\19.6.2.10\ccsvchst.exe [24.03.2012 18:17 138232]
R2 RVS_CE;RVS CAPI;c:\windows\system32\RVS_CENT.EXE [29.10.2009 20:01 1175608]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [20.07.2005 16:57 1287296]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [08.03.2012 00:34 106104]
R3 fwrnusb;fwrnusb;c:\windows\system32\drivers\fwrnusb.sys [30.01.2006 12:18 23552]
R3 IDSxpx86;IDSxpx86;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120330.002\IDSXpx86.sys [31.03.2012 15:00 356280]
R3 TSMPacket;DSL-Manager Service;c:\windows\system32\drivers\tsmpkt.sys [29.10.2009 19:43 13824]
S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;"c:\programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe" --> c:\programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.03.2010 13:16 130384]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [30.01.2010 14:38 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31.03.2012 18:47 253600]
S3 dsltestSp5;dsltestSp5 NDIS Protocol Driver;c:\windows\system32\drivers\DslTestSp5.sys [29.10.2009 19:43 26816]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [30.01.2010 14:38 135664]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [15.04.2010 16:42 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [15.04.2010 16:42 8320]
S3 TDslMgrService;DSL-Manager;d:\programme\DSL-Manager\DslMgrSvc.exe [29.10.2009 19:43 307200]
S3 ulisa;Telekom ISDN-Adapter (USB);c:\windows\system32\Drivers\ulisa.sys --> c:\windows\system32\Drivers\ulisa.sys [?]
S3 W8100XP;Marvell Libertas 802.11b/g SoftAP Driver for Windows XP ;c:\windows\system32\drivers\mrv8ka51.sys [20.07.2005 16:40 258560]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [04.08.2004 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.03.2010 13:16 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16.12.2010 13:52 691696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
WINRM	REG_MULTI_SZ   	WINRM
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 16:47]
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-01-30 12:37]
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-01-30 12:37]
.
2010-03-31 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\programme\Microsoft IntelliPoint\ipoint.exe [2009-11-11 15:20]
.
2010-03-31 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
- c:\programme\Microsoft IntelliType Pro\itype.exe [2009-01-07 16:42]
.
2012-04-01 c:\windows\Tasks\User_Feed_Synchronization-{DF5BB459-C2CF-4585-A735-09C2BF9BE1E8}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.t-online.de/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Nach Microsoft &Excel exportieren - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Cmaudio - cmicnfg.cpl
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-04-02 13:29
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"d:\programme\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe\" /s \"NIS\" /m \"d:\programme\Norton Internet Security\Engine\19.6.2.10\diMaster.dll\" /prefetch:1"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(1544)
c:\windows\system32\Ati2evxx.dll
.
Zeit der Fertigstellung: 2012-04-02  13:32:39
ComboFix-quarantined-files.txt  2012-04-02 11:32
.
Vor Suchlauf: 8 Verzeichnis(se), 20.425.924.608 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 20.525.641.728 Bytes frei
.
- - End Of File - - 9E61C10C5CE1A62124EBF5E4DC56835D
         
--- --- ---



Log 2:
Combofix Logfile:
Code:
ComboFix 12-04-01.01 - Dirk 02.04.2012  13:36:55.2.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1023.352 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Dirk\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-02 bis 2012-04-02  ))))))))))))))))))))))))))))))
.
.
2012-03-31 17:18 . 2012-03-31 17:18	73728	----a-w-	c:\windows\system32\javacpl.cpl
2012-03-31 17:03 . 2012-03-31 17:03	0	----a-w-	c:\windows\system32\REN1F.tmp
2012-03-31 17:03 . 2012-03-31 17:03	0	----a-w-	c:\windows\system32\REN1E.tmp
2012-03-31 17:03 . 2012-03-31 17:03	0	----a-w-	c:\windows\system32\REN1D.tmp
2012-03-31 16:47 . 2012-03-31 16:47	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-31 16:47 . 2012-03-31 16:47	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-03-29 21:16 . 2012-03-30 06:34	--------	d-----w-	c:\dokumente und einstellungen\Dirk\Lokale Einstellungen\Anwendungsdaten\NPE
2012-03-07 22:21 . 2012-03-27 05:43	--------	d-----w-	c:\programme\Symantec
2012-03-07 22:21 . 2012-03-27 05:43	60872	----a-w-	c:\windows\system32\S32EVNT1.DLL
2012-03-07 22:21 . 2012-03-27 05:43	141944	----a-w-	c:\windows\system32\drivers\SYMEVENT.SYS
2012-03-07 22:20 . 2012-03-27 12:57	--------	d-----w-	c:\windows\system32\drivers\NIS
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-31 17:18 . 2010-04-26 10:07	472808	----a-w-	c:\windows\system32\deployJava1.dll
2012-02-03 09:57 . 2004-08-04 12:00	1860224	----a-w-	c:\windows\system32\win32k.sys
2012-01-25 10:23 . 2005-07-20 14:41	299424	----a-w-	c:\windows\system32\drivers\yk51x86.sys
2012-01-11 19:06 . 2012-02-16 06:55	3072	------w-	c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2005-07-20 12:31	139784	----a-w-	c:\windows\system32\drivers\rdpwd.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-21 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Verknüpfung mit der High Definition Audio-Eigenschaftenseite"="HDAudPropShortcut.exe" [2004-03-17 61952]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"osCheck"="c:\programme\Neuer Ordner\osCheck.exe" [2007-08-25 714608]
"itype"="c:\programme\Microsoft IntelliType Pro\itype.exe" [2009-01-07 1496968]
"IntelliPoint"="c:\programme\Microsoft IntelliPoint\ipoint.exe" [2009-11-11 1468256]
"HP Software Update"="d:\programme\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"GrooveMonitor"="d:\programme\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-05-12 344064]
"Adobe Reader Speed Launcher"="d:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\Default User\Startmenü\Programme\Autostart\
DSL-Manager.lnk - d:\programme\DSL-Manager\DslMgr.exe [2009-10-29 1085440]
.
c:\dokumente und einstellungen\Gast\Startmenü\Programme\Autostart\
DSL-Manager.lnk - d:\programme\DSL-Manager\DslMgr.exe [2009-10-29 1085440]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
ControlCenter.lnk - c:\programme\T-Home\Eumex 800 V1.30\ControlCenter.exe [2007-2-9 221184]
.
c:\dokumente und einstellungen\Default User\Startmenü\Programme\Autostart\
DSL-Manager.lnk - d:\programme\DSL-Manager\DslMgr.exe [2009-10-29 1085440]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Programme\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Programme\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"d:\\Programme\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"d:\\Programme\\HP\\HP Software Update\\HPWUCli.exe"=
"d:\\Programme\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows-Remoteverwaltung 
.
R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [16.12.2010 12:18 40560]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1306020.00A\symds.sys [24.03.2012 18:17 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1306020.00A\symefa.sys [24.03.2012 18:17 905336]
R1 BHDrvx86;BHDrvx86;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120317.002\BHDrvx86.sys [20.03.2012 09:25 820856]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1306020.00A\ccsetx86.sys [24.03.2012 18:17 132744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1306020.00A\ironx86.sys [24.03.2012 18:17 149624]
R2 elcapi20;elcapi20;c:\windows\system32\drivers\ELCAPI20.SYS [29.10.2009 20:01 156112]
R2 elcapibs;elcapibs;c:\windows\system32\drivers\elcapibs.sys [29.10.2009 20:01 118381]
R2 elcapitd;elcapitd;c:\windows\system32\drivers\elcapitd.sys [29.10.2009 20:01 42344]
R2 NIS;Norton Internet Security;d:\programme\Norton Internet Security\Engine\19.6.2.10\ccsvchst.exe [24.03.2012 18:17 138232]
R2 RVS_CE;RVS CAPI;c:\windows\system32\RVS_CENT.EXE [29.10.2009 20:01 1175608]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [20.07.2005 16:57 1287296]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [08.03.2012 00:34 106104]
R3 fwrnusb;fwrnusb;c:\windows\system32\drivers\fwrnusb.sys [30.01.2006 12:18 23552]
R3 IDSxpx86;IDSxpx86;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120330.002\IDSXpx86.sys [31.03.2012 15:00 356280]
R3 TSMPacket;DSL-Manager Service;c:\windows\system32\drivers\tsmpkt.sys [29.10.2009 19:43 13824]
S2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;"c:\programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe" --> c:\programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.03.2010 13:16 130384]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [30.01.2010 14:38 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31.03.2012 18:47 253600]
S3 dsltestSp5;dsltestSp5 NDIS Protocol Driver;c:\windows\system32\drivers\DslTestSp5.sys [29.10.2009 19:43 26816]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [30.01.2010 14:38 135664]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [15.04.2010 16:42 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [15.04.2010 16:42 8320]
S3 TDslMgrService;DSL-Manager;d:\programme\DSL-Manager\DslMgrSvc.exe [29.10.2009 19:43 307200]
S3 ulisa;Telekom ISDN-Adapter (USB);c:\windows\system32\Drivers\ulisa.sys --> c:\windows\system32\Drivers\ulisa.sys [?]
S3 W8100XP;Marvell Libertas 802.11b/g SoftAP Driver for Windows XP ;c:\windows\system32\drivers\mrv8ka51.sys [20.07.2005 16:40 258560]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [04.08.2004 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.03.2010 13:16 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16.12.2010 13:52 691696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
WINRM	REG_MULTI_SZ   	WINRM
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 16:47]
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-01-30 12:37]
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-01-30 12:37]
.
2010-03-31 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\programme\Microsoft IntelliPoint\ipoint.exe [2009-11-11 15:20]
.
2010-03-31 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
- c:\programme\Microsoft IntelliType Pro\itype.exe [2009-01-07 16:42]
.
2012-04-01 c:\windows\Tasks\User_Feed_Synchronization-{DF5BB459-C2CF-4585-A735-09C2BF9BE1E8}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.t-online.de/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Nach Microsoft &Excel exportieren - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-04-02 13:41
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"d:\programme\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe\" /s \"NIS\" /m \"d:\programme\Norton Internet Security\Engine\19.6.2.10\diMaster.dll\" /prefetch:1"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(1544)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1028)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Zeit der Fertigstellung: 2012-04-02  13:43:38
ComboFix-quarantined-files.txt  2012-04-02 11:43
ComboFix2.txt  2012-04-02 11:32
.
Vor Suchlauf: 9 Verzeichnis(se), 20.502.614.016 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 20.502.786.048 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - BD1A92A83ECC2667A14A9DA6D3214E19
         
--- --- ---


02.04.2012, 16:32   #6
markusg
/// Malware-holic
 
Malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for Updates.
  • When the update has finished, select "Perform full scan" and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all findings are selected and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".

02.04.2012, 19:30   #7
toni_ks
 
Result:
2 pests unknown to me were found on drive C. The others were so-called joke files, which I have now deleted as well.

BUT (now again) the following problem with opening certain websites: with the infected computer I once again cannot open the pages of trojaner-board.de, bild.de, google.de etc.!?
After the run with OTL and ComboFix everything worked without problems again. Could this be related to Norton?
That is why I am attaching the Norton history.

Malwarebytes Anti-Malware 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.04.02.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Dirk :: HANS_MUSTERMANN [Administrator]

02.04.2012 18:36:13
mbam-log-2012-04-02 (18-36-13).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 345380
Laufzeit: 49 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 7
C:\Dokumente und Einstellungen\Dirk\Lokale Einstellungen\Anwendungsdaten\Skype\SkypePM.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\Spass\itler..exe (Joke.Badgame) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\Spass\langeweile.exe (PUP.Joke.Langeweile) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\Spass\Stressabau.exe (Joke.Stressreducer) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\Spass\tout fou le camps.exe (Joke.Melter) -> Erfolgreich gelöscht und in Quarantäne gestellt.
E:\Spass\Spass von Ramona\stressreducers.exe (Joke.Stressreducer) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\DelUS.bat (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

02.04.2012, 19:35   #8
markusg
/// Malware-holic
 
Please run TDSSKiller and post the log.
http://www.trojaner-board.de/82358-t...entfernen.html

02.04.2012, 20:15   #9
toni_ks
 
The first run produced a "hit";
after the restart and another scan, things look good.

All websites can be opened again as well.

How does it look now ..., is my computer clean now? *hopeful :-)


21:01:29.0531 2276 TDSS rootkit removing tool 2.7.24.0 Apr 2 2012 10:31:48
21:01:30.0718 2276 ============================================================
21:01:30.0718 2276 Current date / time: 2012/04/02 21:01:30.0718
21:01:30.0718 2276 SystemInfo:
21:01:30.0718 2276
21:01:30.0718 2276 OS Version: 5.1.2600 ServicePack: 3.0
21:01:30.0718 2276 Product type: Workstation
21:01:30.0718 2276 ComputerName: HANS_MUSTERMANN
21:01:30.0718 2276 UserName: Dirk
21:01:30.0718 2276 Windows directory: C:\WINDOWS
21:01:30.0718 2276 System windows directory: C:\WINDOWS
21:01:30.0718 2276 Processor architecture: Intel x86
21:01:30.0718 2276 Number of processors: 2
21:01:30.0718 2276 Page size: 0x1000
21:01:30.0718 2276 Boot type: Normal boot
21:01:30.0718 2276 ============================================================
21:01:32.0531 2276 Drive \Device\Harddisk0\DR0 - Size: 0x114FF30000 (69.25 Gb), SectorSize: 0x200, Cylinders: 0x234F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:01:32.0562 2276 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:01:32.0593 2276 \Device\Harddisk0\DR0:
21:01:32.0625 2276 MBR used
21:01:32.0625 2276 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x40415A3
21:01:32.0625 2276 \Device\Harddisk1\DR1:
21:01:32.0625 2276 MBR used
21:01:32.0625 2276 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
21:01:32.0656 2276 Initialize success
21:01:32.0656 2276 ============================================================
21:02:08.0812 2224 ============================================================
21:02:08.0812 2224 Scan started
21:02:08.0812 2224 Mode: Manual;
21:02:08.0812 2224 ============================================================
21:02:09.0000 2224 Abiosdsk - ok
21:02:09.0000 2224 abp480n5 - ok
21:02:09.0046 2224 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:02:09.0046 2224 ACPI - ok
21:02:09.0062 2224 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:02:09.0078 2224 ACPIEC - ok
21:02:09.0125 2224 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:02:09.0140 2224 AdobeFlashPlayerUpdateSvc - ok
21:02:09.0171 2224 adpu160m - ok
21:02:09.0187 2224 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:02:09.0203 2224 aec - ok
21:02:09.0218 2224 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:02:09.0234 2224 AFD - ok
21:02:09.0234 2224 Aha154x - ok
21:02:09.0250 2224 aic78u2 - ok
21:02:09.0265 2224 aic78xx - ok
21:02:09.0281 2224 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
21:02:09.0281 2224 Alerter - ok
21:02:09.0296 2224 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
21:02:09.0296 2224 ALG - ok
21:02:09.0312 2224 AliIde - ok
21:02:09.0328 2224 amsint - ok
21:02:09.0343 2224 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
21:02:09.0359 2224 AppMgmt - ok
21:02:09.0390 2224 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:02:09.0406 2224 Arp1394 - ok
21:02:09.0421 2224 asc - ok
21:02:09.0421 2224 asc3350p - ok
21:02:09.0437 2224 asc3550 - ok
21:02:09.0515 2224 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:02:09.0546 2224 aspnet_state - ok
21:02:09.0578 2224 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:02:09.0578 2224 AsyncMac - ok
21:02:09.0593 2224 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:02:09.0593 2224 atapi - ok
21:02:09.0609 2224 Atdisk - ok
21:02:09.0640 2224 Ati HotKey Poller (2911a46a482f1bbe39f47bac4cf6f609) C:\WINDOWS\system32\Ati2evxx.exe
21:02:09.0656 2224 Ati HotKey Poller - ok
21:02:09.0687 2224 ATI Smart (2b2cc2c47f5de490f27d4292f0edc034) C:\WINDOWS\system32\ati2sgag.exe
21:02:09.0703 2224 ATI Smart - ok
21:02:09.0796 2224 ati2mtag (e9375396f55b58c2042c7c9844d297e3) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:02:09.0828 2224 ati2mtag - ok
21:02:09.0859 2224 atinrvxx (74e104ada8a304774713e9a9a9cb3556) C:\WINDOWS\system32\DRIVERS\atinrvxx.sys
21:02:09.0875 2224 atinrvxx - ok
21:02:09.0906 2224 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:02:09.0906 2224 Atmarpc - ok
21:02:09.0937 2224 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
21:02:09.0937 2224 AudioSrv - ok
21:02:09.0968 2224 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:02:09.0968 2224 audstub - ok
21:02:10.0000 2224 Automatisches LiveUpdate - Scheduler - ok
21:02:10.0031 2224 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:02:10.0031 2224 Beep - ok
21:02:10.0140 2224 BHDrvx86 (eb7f1f1dfa95c25d762c22d3cf13d4e0) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120317.002\BHDrvx86.sys
21:02:10.0140 2224 BHDrvx86 - ok
21:02:10.0187 2224 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
21:02:10.0203 2224 BITS - ok
21:02:10.0250 2224 BMUService (e2c5b1c8a046b7e5827a98747c61553f) C:\Programme\Memeo\AutoBackup\MemeoService.exe
21:02:10.0250 2224 BMUService - ok
21:02:10.0281 2224 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
21:02:10.0281 2224 Browser - ok
21:02:10.0312 2224 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
21:02:10.0312 2224 BthEnum - ok
21:02:10.0328 2224 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
21:02:10.0343 2224 BTHMODEM - ok
21:02:10.0375 2224 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
21:02:10.0375 2224 BthPan - ok
21:02:10.0406 2224 BTHPORT (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
21:02:10.0421 2224 BTHPORT - ok
21:02:10.0453 2224 BthServ (26c601ef7525e31379744abfc6f35a1b) C:\WINDOWS\System32\bthserv.dll
21:02:10.0453 2224 BthServ - ok
21:02:10.0484 2224 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
21:02:10.0484 2224 BTHUSB - ok
21:02:10.0484 2224 catchme - ok
21:02:10.0515 2224 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:02:10.0515 2224 cbidf2k - ok
21:02:10.0531 2224 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:02:10.0531 2224 CCDECODE - ok
21:02:10.0578 2224 ccSet_NIS (599e7f6259a127c174c49938d2aa6a60) C:\WINDOWS\system32\drivers\NIS\1306020.00A\ccSetx86.sys
21:02:10.0578 2224 ccSet_NIS - ok
21:02:10.0593 2224 cd20xrnt - ok
21:02:10.0609 2224 CdaC15BA (82c4c6a2343b592c4fd590f625a724a9) C:\WINDOWS\system32\drivers\CDAC15BA.SYS
21:02:10.0609 2224 CdaC15BA - ok
21:02:10.0640 2224 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:02:10.0640 2224 Cdaudio - ok
21:02:10.0656 2224 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:02:10.0671 2224 Cdfs - ok
21:02:10.0687 2224 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:02:10.0687 2224 Cdrom - ok
21:02:10.0703 2224 Changer - ok
21:02:10.0734 2224 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
21:02:10.0734 2224 CiSvc - ok
21:02:10.0750 2224 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
21:02:10.0765 2224 ClipSrv - ok
21:02:10.0812 2224 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:02:10.0843 2224 clr_optimization_v2.0.50727_32 - ok
21:02:10.0890 2224 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:02:10.0890 2224 clr_optimization_v4.0.30319_32 - ok
21:02:10.0906 2224 CmdIde - ok
21:02:10.0953 2224 cmudax (d7fcada6833a0e243ca89c03bd559bd9) C:\WINDOWS\system32\drivers\cmudax.sys
21:02:10.0984 2224 cmudax - ok
21:02:11.0000 2224 COMSysApp - ok
21:02:11.0015 2224 Cpqarray - ok
21:02:11.0015 2224 cpuz132 - ok
21:02:11.0046 2224 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
21:02:11.0046 2224 CryptSvc - ok
21:02:11.0046 2224 dac2w2k - ok
21:02:11.0062 2224 dac960nt - ok
21:02:11.0093 2224 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
21:02:11.0109 2224 DcomLaunch - ok
21:02:11.0140 2224 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
21:02:11.0140 2224 Dhcp - ok
21:02:11.0171 2224 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:02:11.0171 2224 Disk - ok
21:02:11.0171 2224 dmadmin - ok
21:02:11.0218 2224 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
21:02:11.0250 2224 dmboot - ok
21:02:11.0281 2224 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
21:02:11.0296 2224 dmio - ok
21:02:11.0328 2224 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:02:11.0328 2224 dmload - ok
21:02:11.0343 2224 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
21:02:11.0343 2224 dmserver - ok
21:02:11.0375 2224 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:02:11.0375 2224 DMusic - ok
21:02:11.0406 2224 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
21:02:11.0406 2224 Dnscache - ok
21:02:11.0437 2224 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
21:02:11.0453 2224 Dot3svc - ok
21:02:11.0453 2224 dpti2o - ok
21:02:11.0484 2224 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:02:11.0484 2224 drmkaud - ok
21:02:11.0515 2224 dsltestSp5 (c6b2e10cfe79169c72f0269087b9a603) C:\WINDOWS\system32\Drivers\dsltestSp5.sys
21:02:11.0515 2224 dsltestSp5 - ok
21:02:11.0531 2224 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
21:02:11.0546 2224 EapHost - ok
21:02:11.0593 2224 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys
21:02:11.0609 2224 eeCtrl - ok
21:02:11.0640 2224 elcapi20 (a88fb434def5c8ae8346055c0fbb043b) C:\WINDOWS\system32\Drivers\elcapi20.sys
21:02:11.0640 2224 elcapi20 - ok
21:02:11.0671 2224 elcapibs (28e8839357b160804c6fcbe47e21df3f) C:\WINDOWS\System32\Drivers\elcapibs.sys
21:02:11.0671 2224 elcapibs - ok
21:02:11.0687 2224 elcapitd (d5e90a2e998c5b81ee86f69cdbed97e4) C:\WINDOWS\System32\Drivers\elcapitd.sys
21:02:11.0687 2224 elcapitd - ok
21:02:11.0703 2224 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
21:02:11.0703 2224 EraserUtilRebootDrv - ok
21:02:11.0734 2224 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
21:02:11.0734 2224 ERSvc - ok
21:02:11.0750 2224 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
21:02:11.0765 2224 Eventlog - ok
21:02:11.0781 2224 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
21:02:11.0796 2224 EventSystem - ok
21:02:11.0828 2224 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:02:11.0828 2224 Fastfat - ok
21:02:11.0843 2224 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
21:02:11.0859 2224 FastUserSwitchingCompatibility - ok
21:02:11.0859 2224 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
21:02:11.0875 2224 Fdc - ok
21:02:11.0890 2224 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
21:02:11.0890 2224 Fips - ok
21:02:11.0906 2224 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:02:11.0906 2224 Flpydisk - ok
21:02:11.0953 2224 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:02:11.0953 2224 FltMgr - ok
21:02:12.0015 2224 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:02:12.0031 2224 FontCache3.0.0.0 - ok
21:02:12.0046 2224 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:02:12.0062 2224 Fs_Rec - ok
21:02:12.0062 2224 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:02:12.0078 2224 Ftdisk - ok
21:02:12.0093 2224 fwrnusb (a9e2cc3c70d3356a534789c2af2d20f2) C:\WINDOWS\system32\DRIVERS\fwrnusb.sys
21:02:12.0093 2224 fwrnusb - ok
21:02:12.0109 2224 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
21:02:12.0109 2224 gameenum - ok
21:02:12.0140 2224 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:02:12.0140 2224 Gpc - ok
21:02:12.0203 2224 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
21:02:12.0203 2224 gupdate - ok
21:02:12.0203 2224 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
21:02:12.0203 2224 gupdatem - ok
21:02:12.0234 2224 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
21:02:12.0234 2224 gusvc - ok
21:02:12.0265 2224 HdAudAddService (160b24fd894e79e71c983ea403a6e6e7) C:\WINDOWS\system32\drivers\HdAudio.sys
21:02:12.0281 2224 HdAudAddService - ok
21:02:12.0312 2224 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:02:12.0312 2224 HDAudBus - ok
21:02:12.0343 2224 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:02:12.0343 2224 helpsvc - ok
21:02:12.0359 2224 HidBth (a5aecf10be62459533a06ed7ebf5770b) C:\WINDOWS\system32\DRIVERS\hidbth.sys
21:02:12.0359 2224 HidBth - ok
21:02:12.0375 2224 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
21:02:12.0375 2224 HidServ - ok
21:02:12.0406 2224 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:02:12.0406 2224 HidUsb - ok
21:02:12.0421 2224 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
21:02:12.0437 2224 hkmsvc - ok
21:02:12.0468 2224 hotcore3 (48ed16c0c98c950843e673eeee02ac94) C:\WINDOWS\system32\DRIVERS\hotcore3.sys
21:02:12.0468 2224 hotcore3 - ok
21:02:12.0468 2224 hpn - ok
21:02:12.0484 2224 hpqcxs08 - ok
21:02:12.0484 2224 hpqddsvc - ok
21:02:12.0484 2224 HPSLPSVC - ok
21:02:12.0515 2224 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:02:12.0515 2224 HPZid412 - ok
21:02:12.0546 2224 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:02:12.0546 2224 HPZipr12 - ok
21:02:12.0578 2224 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:02:12.0578 2224 HPZius12 - ok
21:02:12.0609 2224 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:02:12.0625 2224 HTTP - ok
21:02:12.0656 2224 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
21:02:12.0671 2224 HTTPFilter - ok
21:02:12.0687 2224 i2omgmt - ok
21:02:12.0687 2224 i2omp - ok
21:02:12.0718 2224 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:02:12.0718 2224 i8042prt - ok
21:02:12.0765 2224 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:02:12.0765 2224 IDriverT - ok
21:02:12.0843 2224 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:02:12.0875 2224 idsvc - ok
21:02:12.0984 2224 IDSxpx86 (cfbc1ce72e5353d428704659199147b1) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120330.002\IDSxpx86.sys
21:02:12.0984 2224 IDSxpx86 - ok
21:02:13.0031 2224 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:02:13.0031 2224 Imapi - ok
21:02:13.0062 2224 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
21:02:13.0062 2224 ImapiService - ok
21:02:13.0078 2224 ini910u - ok
21:02:13.0093 2224 IntelIde (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
21:02:13.0093 2224 IntelIde - ok
21:02:13.0125 2224 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:02:13.0140 2224 intelppm - ok
21:02:13.0156 2224 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:02:13.0156 2224 Ip6Fw - ok
21:02:13.0187 2224 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:02:13.0187 2224 IpFilterDriver - ok
21:02:13.0218 2224 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:02:13.0234 2224 IpInIp - ok
21:02:13.0250 2224 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:02:13.0265 2224 IpNat - ok
21:02:13.0296 2224 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:02:13.0296 2224 IPSec - ok
21:02:13.0312 2224 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:02:13.0312 2224 IRENUM - ok
21:02:13.0328 2224 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:02:13.0328 2224 isapnp - ok
21:02:13.0343 2224 JavaQuickStarterService - ok
21:02:13.0359 2224 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:02:13.0359 2224 Kbdclass - ok
21:02:13.0375 2224 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:02:13.0375 2224 kbdhid - ok
21:02:13.0390 2224 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:02:13.0406 2224 kmixer - ok
21:02:13.0437 2224 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:02:13.0453 2224 KSecDD - ok
21:02:13.0468 2224 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
21:02:13.0484 2224 lanmanserver - ok
21:02:13.0500 2224 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
21:02:13.0515 2224 lanmanworkstation - ok
21:02:13.0515 2224 lbrtfdc - ok
21:02:13.0546 2224 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
21:02:13.0546 2224 LmHosts - ok
21:02:13.0625 2224 MDM (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
21:02:13.0625 2224 MDM - ok
21:02:13.0656 2224 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
21:02:13.0656 2224 Messenger - ok
21:02:13.0671 2224 Microsoft Office Groove Audit Service - ok
21:02:13.0703 2224 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:02:13.0703 2224 mnmdd - ok
21:02:13.0734 2224 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
21:02:13.0750 2224 mnmsrvc - ok
21:02:13.0765 2224 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
21:02:13.0781 2224 Modem - ok
21:02:13.0812 2224 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:02:13.0828 2224 Mouclass - ok
21:02:13.0843 2224 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:02:13.0843 2224 mouhid - ok
21:02:13.0859 2224 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:02:13.0859 2224 MountMgr - ok
21:02:13.0859 2224 mraid35x - ok
21:02:13.0875 2224 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:02:13.0875 2224 MRxDAV - ok
21:02:13.0921 2224 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:02:13.0937 2224 MRxSmb - ok
21:02:13.0968 2224 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
21:02:13.0984 2224 MSDTC - ok
21:02:14.0015 2224 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:02:14.0031 2224 Msfs - ok
21:02:14.0031 2224 MSIServer - ok
21:02:14.0062 2224 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:02:14.0078 2224 MSKSSRV - ok
21:02:14.0093 2224 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:02:14.0093 2224 MSPCLOCK - ok
21:02:14.0125 2224 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:02:14.0125 2224 MSPQM - ok
21:02:14.0156 2224 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:02:14.0171 2224 mssmbios - ok
21:02:14.0187 2224 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
21:02:14.0187 2224 MSTEE - ok
21:02:14.0218 2224 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
21:02:14.0218 2224 ms_mpu401 - ok
21:02:14.0234 2224 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:02:14.0250 2224 Mup - ok
21:02:14.0281 2224 MVDCODEC (514829ed3e7f140aac16154106d04981) C:\WINDOWS\system32\DRIVERS\atinmdxx.sys
21:02:14.0296 2224 MVDCODEC - ok
21:02:14.0328 2224 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:02:14.0343 2224 NABTSFEC - ok
21:02:14.0375 2224 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
21:02:14.0390 2224 napagent - ok
21:02:14.0484 2224 NAVENG (862f55824ac81295837b0ab63f91071f) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120402.002\NAVENG.SYS
21:02:14.0500 2224 NAVENG - ok
21:02:14.0546 2224 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120402.002\NAVEX15.SYS
21:02:14.0578 2224 NAVEX15 - ok
21:02:14.0625 2224 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:02:14.0640 2224 NDIS - ok
21:02:14.0671 2224 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:02:14.0687 2224 NdisIP - ok
21:02:14.0703 2224 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:02:14.0718 2224 NdisTapi - ok
21:02:14.0734 2224 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:02:14.0734 2224 Ndisuio - ok
21:02:14.0750 2224 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:02:14.0750 2224 NdisWan - ok
21:02:14.0796 2224 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:02:14.0796 2224 NDProxy - ok
21:02:14.0828 2224 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\system32\HPZinw12.dll
21:02:14.0828 2224 Net Driver HPZ12 - ok
21:02:14.0859 2224 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:02:14.0859 2224 NetBIOS - ok
21:02:14.0890 2224 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:02:14.0890 2224 NetBT - ok
21:02:14.0921 2224 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
21:02:14.0937 2224 NetDDE - ok
21:02:14.0953 2224 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
21:02:14.0953 2224 NetDDEdsdm - ok
21:02:14.0968 2224 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
21:02:14.0968 2224 Netlogon - ok
21:02:15.0000 2224 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
21:02:15.0015 2224 Netman - ok
21:02:15.0078 2224 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:02:15.0093 2224 NetTcpPortSharing - ok
21:02:15.0125 2224 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:02:15.0140 2224 NIC1394 - ok
21:02:15.0140 2224 NIS - ok
21:02:15.0171 2224 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
21:02:15.0171 2224 Nla - ok
21:02:15.0203 2224 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
21:02:15.0218 2224 nm - ok
21:02:15.0250 2224 nmwcd (28e36e677849174c910faaead3e60e9e) C:\WINDOWS\system32\drivers\ccdcmb.sys
21:02:15.0250 2224 nmwcd - ok
21:02:15.0265 2224 nmwcdc (3823deb17f9f6775de0187a98fa0536d) C:\WINDOWS\system32\drivers\ccdcmbo.sys
21:02:15.0281 2224 nmwcdc - ok
21:02:15.0296 2224 nmwcdnsu (496f34fb30dd541350b29558842cd42a) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
21:02:15.0312 2224 nmwcdnsu - ok
21:02:15.0328 2224 nmwcdnsuc (99fbb538789888e6a48b902417f68dd4) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
21:02:15.0343 2224 nmwcdnsuc - ok
21:02:15.0359 2224 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:02:15.0359 2224 Npfs - ok
21:02:15.0390 2224 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:02:15.0406 2224 Ntfs - ok
21:02:15.0421 2224 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
21:02:15.0437 2224 NtLmSsp - ok
21:02:15.0468 2224 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
21:02:15.0468 2224 NtmsSvc - ok
21:02:15.0500 2224 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:02:15.0500 2224 Null - ok
21:02:15.0531 2224 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:02:15.0546 2224 NwlnkFlt - ok
21:02:15.0562 2224 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:02:15.0578 2224 NwlnkFwd - ok
21:02:15.0640 2224 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
21:02:15.0656 2224 odserv - ok
21:02:15.0671 2224 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:02:15.0687 2224 ohci1394 - ok
21:02:15.0703 2224 ose (5a432a042dae460abe7199b758e8606c) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
21:02:15.0718 2224 ose - ok
21:02:15.0750 2224 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
21:02:15.0750 2224 Parport - ok
21:02:15.0781 2224 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:02:15.0781 2224 PartMgr - ok
21:02:15.0812 2224 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
21:02:15.0828 2224 ParVdm - ok
21:02:15.0843 2224 PCANDIS5 - ok
21:02:15.0875 2224 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
21:02:15.0875 2224 pccsmcfd - ok
21:02:15.0890 2224 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
21:02:15.0906 2224 PCI - ok
21:02:15.0906 2224 PCIDump - ok
21:02:15.0937 2224 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:02:15.0937 2224 PCIIde - ok
21:02:15.0968 2224 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:02:15.0968 2224 Pcmcia - ok
21:02:15.0968 2224 PDCOMP - ok
21:02:15.0984 2224 PDFRAME - ok
21:02:16.0000 2224 PDRELI - ok
21:02:16.0000 2224 PDRFRAME - ok
21:02:16.0015 2224 perc2 - ok
21:02:16.0031 2224 perc2hib - ok
21:02:16.0062 2224 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
21:02:16.0062 2224 PlugPlay - ok
21:02:16.0093 2224 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll
21:02:16.0093 2224 Pml Driver HPZ12 - ok
21:02:16.0109 2224 Point32 (2e3394c8ebf31a9b4f0a531eb5cc7bc7) C:\WINDOWS\system32\DRIVERS\point32.sys
21:02:16.0125 2224 Point32 - ok
21:02:16.0140 2224 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
21:02:16.0140 2224 PolicyAgent - ok
21:02:16.0171 2224 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:02:16.0187 2224 PptpMiniport - ok
21:02:16.0187 2224 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
21:02:16.0187 2224 ProtectedStorage - ok
21:02:16.0203 2224 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:02:16.0203 2224 PSched - ok
21:02:16.0234 2224 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:02:16.0234 2224 Ptilink - ok
21:02:16.0234 2224 ql1080 - ok
21:02:16.0250 2224 Ql10wnt - ok
21:02:16.0265 2224 ql12160 - ok
21:02:16.0265 2224 ql1240 - ok
21:02:16.0281 2224 ql1280 - ok
21:02:16.0296 2224 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:02:16.0296 2224 RasAcd - ok
21:02:16.0328 2224 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
21:02:16.0328 2224 RasAuto - ok
21:02:16.0343 2224 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:02:16.0359 2224 Rasl2tp - ok
21:02:16.0390 2224 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
21:02:16.0390 2224 RasMan - ok
21:02:16.0406 2224 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:02:16.0406 2224 RasPppoe - ok
21:02:16.0421 2224 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:02:16.0421 2224 Raspti - ok
21:02:16.0437 2224 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:02:16.0437 2224 Rdbss - ok
21:02:16.0468 2224 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:02:16.0468 2224 RDPCDD - ok
21:02:16.0484 2224 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:02:16.0500 2224 rdpdr - ok
21:02:16.0546 2224 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
21:02:16.0546 2224 RDPWD - ok
21:02:16.0578 2224 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
21:02:16.0578 2224 RDSessMgr - ok
21:02:16.0609 2224 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:02:16.0625 2224 redbook - ok
21:02:16.0640 2224 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
21:02:16.0640 2224 RemoteAccess - ok
21:02:16.0671 2224 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
21:02:16.0671 2224 RemoteRegistry - ok
21:02:16.0687 2224 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
21:02:16.0703 2224 RFCOMM - ok
21:02:16.0718 2224 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
21:02:16.0734 2224 ROOTMODEM - ok
21:02:16.0750 2224 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
21:02:16.0750 2224 RpcLocator - ok
21:02:16.0781 2224 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
21:02:16.0796 2224 RpcSs - ok
21:02:16.0812 2224 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
21:02:16.0828 2224 RSVP - ok
21:02:16.0890 2224 RVS_CE (777fa0d2ca9728789a7d8e072c4491b2) C:\WINDOWS\system32\rvs_cent.exe
21:02:16.0906 2224 RVS_CE - ok
21:02:16.0953 2224 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
21:02:16.0953 2224 SamSs - ok
21:02:16.0968 2224 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
21:02:16.0984 2224 SCardSvr - ok
21:02:17.0000 2224 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
21:02:17.0015 2224 Schedule - ok
21:02:17.0046 2224 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:02:17.0062 2224 Secdrv - ok
21:02:17.0093 2224 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
21:02:17.0093 2224 seclogon - ok
21:02:17.0109 2224 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
21:02:17.0109 2224 SENS - ok
21:02:17.0140 2224 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:02:17.0156 2224 serenum - ok
21:02:17.0187 2224 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
21:02:17.0187 2224 Serial - ok
21:02:17.0250 2224 ServiceLayer (5bf59c6bc737baaf541168e5cb2ec1d9) C:\Programme\PC Connectivity Solution\ServiceLayer.exe
21:02:17.0265 2224 ServiceLayer - ok
21:02:17.0312 2224 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
21:02:17.0312 2224 Sfloppy - ok
21:02:17.0343 2224 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
21:02:17.0359 2224 SharedAccess - ok
21:02:17.0390 2224 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
21:02:17.0390 2224 ShellHWDetection - ok
21:02:17.0421 2224 Si3114r5 (09889d435edc82435b18c7c311fe5721) C:\WINDOWS\system32\DRIVERS\Si3114r5.sys
21:02:17.0421 2224 Si3114r5 - ok
21:02:17.0453 2224 SiFilter (46b92189fe4db53a09e3a0099aa3084c) C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
21:02:17.0468 2224 SiFilter - ok
21:02:17.0468 2224 Simbad - ok
21:02:17.0484 2224 SiRemFil (b688378d258d1ecce4768cdb55d48d92) C:\WINDOWS\system32\DRIVERS\SiRemFil.sys
21:02:17.0484 2224 SiRemFil - ok
21:02:17.0515 2224 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:02:17.0531 2224 SLIP - ok
21:02:17.0531 2224 Sparrow - ok
21:02:17.0546 2224 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:02:17.0562 2224 splitter - ok
21:02:17.0593 2224 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
21:02:17.0593 2224 Spooler - ok
21:02:17.0640 2224 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\System32\Drivers\sptd.sys
21:02:17.0656 2224 sptd - ok
21:02:17.0671 2224 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
21:02:17.0687 2224 sr - ok
21:02:17.0718 2224 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
21:02:17.0718 2224 srservice - ok
21:02:17.0765 2224 SRTSP (c16d048faf2978d2121f9f40594a6bdc) C:\WINDOWS\System32\Drivers\NIS\1306020.00A\SRTSP.SYS
21:02:17.0765 2224 SRTSP - ok
21:02:17.0781 2224 SRTSPX (f0d02c2e25970c9c72a5cd278c17cdb6) C:\WINDOWS\system32\drivers\NIS\1306020.00A\SRTSPX.SYS
21:02:17.0796 2224 SRTSPX - ok
21:02:17.0828 2224 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:02:17.0828 2224 Srv - ok
21:02:17.0859 2224 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
21:02:17.0875 2224 SSDPSRV - ok
21:02:17.0906 2224 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
21:02:17.0906 2224 stisvc - ok
21:02:17.0937 2224 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:02:17.0937 2224 streamip - ok
21:02:17.0953 2224 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:02:17.0953 2224 swenum - ok
21:02:17.0984 2224 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:02:17.0984 2224 swmidi - ok
21:02:17.0984 2224 SwPrv - ok
21:02:18.0000 2224 symc810 - ok
21:02:18.0015 2224 symc8xx - ok
21:02:18.0046 2224 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\NIS\1306020.00A\SYMDS.SYS
21:02:18.0062 2224 SymDS - ok
21:02:18.0109 2224 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\NIS\1306020.00A\SYMEFA.SYS
21:02:18.0140 2224 SymEFA - ok
21:02:18.0171 2224 SymEvent (555fb450fe6908600310e990738b41d6) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
21:02:18.0171 2224 SymEvent - ok
21:02:18.0203 2224 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\NIS\1306020.00A\Ironx86.SYS
21:02:18.0203 2224 SymIRON - ok
21:02:18.0234 2224 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\System32\Drivers\NIS\1306020.00A\SYMTDI.SYS
21:02:18.0234 2224 SYMTDI - ok
21:02:18.0250 2224 sym_hi - ok
21:02:18.0265 2224 sym_u3 - ok
21:02:18.0265 2224 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:02:18.0281 2224 sysaudio - ok
21:02:18.0296 2224 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
21:02:18.0296 2224 SysmonLog - ok
21:02:18.0328 2224 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
21:02:18.0328 2224 TapiSrv - ok
21:02:18.0375 2224 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:02:18.0375 2224 Tcpip - ok
21:02:18.0406 2224 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:02:18.0421 2224 TDPIPE - ok
21:02:18.0421 2224 TDslMgrService - ok
21:02:18.0437 2224 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:02:18.0437 2224 TDTCP - ok
21:02:18.0468 2224 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:02:18.0468 2224 TermDD - ok
21:02:18.0500 2224 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
21:02:18.0500 2224 TermService - ok
21:02:18.0531 2224 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
21:02:18.0546 2224 Themes - ok
21:02:18.0562 2224 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
21:02:18.0578 2224 TlntSvr - ok
21:02:18.0593 2224 TosIde - ok
21:02:18.0625 2224 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
21:02:18.0640 2224 TrkWks - ok
21:02:18.0656 2224 TSMPacket (7c1367bff5587cf49c0ed2e664f6eac0) C:\WINDOWS\system32\DRIVERS\tsmpkt.sys
21:02:18.0671 2224 TSMPacket - ok
21:02:18.0703 2224 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:02:18.0703 2224 Udfs - ok
21:02:18.0718 2224 ulisa - ok
21:02:18.0734 2224 ultra - ok
21:02:18.0765 2224 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:02:18.0796 2224 Update - ok
21:02:18.0828 2224 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
21:02:18.0828 2224 upnphost - ok
21:02:18.0875 2224 upperdev (b1b8bee26227dad9835019201552cb05) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
21:02:18.0890 2224 upperdev - ok
21:02:18.0906 2224 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
21:02:18.0906 2224 UPS - ok
21:02:18.0937 2224 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:02:18.0937 2224 usbccgp - ok
21:02:18.0953 2224 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:02:18.0968 2224 usbehci - ok
21:02:18.0984 2224 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:02:19.0000 2224 usbhub - ok
21:02:19.0031 2224 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:02:19.0031 2224 usbprint - ok
21:02:19.0046 2224 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:02:19.0062 2224 usbscan - ok
21:02:19.0093 2224 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
21:02:19.0093 2224 usbser - ok
21:02:19.0125 2224 UsbserFilt (98e1ff1d732c6c7200b6c59d4ff8c1c3) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
21:02:19.0125 2224 UsbserFilt - ok
21:02:19.0156 2224 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:02:19.0156 2224 usbstor - ok
21:02:19.0171 2224 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:02:19.0171 2224 usbuhci - ok
21:02:19.0203 2224 USB_RNDIS (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
21:02:19.0218 2224 USB_RNDIS - ok
21:02:19.0234 2224 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:02:19.0234 2224 VgaSave - ok
21:02:19.0250 2224 ViaIde - ok
21:02:19.0265 2224 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
21:02:19.0265 2224 VolSnap - ok
21:02:20.0781 2224 ============================================================
21:02:20.0781 2224 Scan finished
21:02:20.0781 2224 ============================================================
21:02:20.0781 2132 Detected object count: 0
21:02:20.0781 2132 Actual detected object count: 0

03.04.2012, 12:43   #10
markusg
/// Malware-holic

What am I supposed to do with the log without detections?
Where is the first log with the detections?
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send mails, following the instructions above, to
markusg.trojaner-board@web.de

03.04.2012, 14:01   #11
toni_ks

I would have liked to post the first log as well, but shortly after the run my computer crashed, so the report could no longer be opened. Hence the second run with the second report.
Is there any way to retrieve the first report after the fact?

The current report looks like this:

14:54:23.0609 5892 TDSS rootkit removing tool 2.7.24.0 Apr 2 2012 10:31:48
14:54:24.0765 5892 ============================================================
14:54:24.0765 5892 Current date / time: 2012/04/03 14:54:24.0765
14:54:24.0765 5892 SystemInfo:
14:54:24.0765 5892
14:54:24.0765 5892 OS Version: 5.1.2600 ServicePack: 3.0
14:54:24.0765 5892 Product type: Workstation
14:54:24.0765 5892 ComputerName: HANS_MUSTERMANN
14:54:24.0781 5892 UserName: Dirk
14:54:24.0781 5892 Windows directory: C:\WINDOWS
14:54:24.0781 5892 System windows directory: C:\WINDOWS
14:54:24.0781 5892 Processor architecture: Intel x86
14:54:24.0781 5892 Number of processors: 2
14:54:24.0781 5892 Page size: 0x1000
14:54:24.0781 5892 Boot type: Normal boot
14:54:24.0781 5892 ============================================================
14:54:26.0343 5892 Drive \Device\Harddisk0\DR0 - Size: 0x114FF30000 (69.25 Gb), SectorSize: 0x200, Cylinders: 0x234F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:54:26.0531 5892 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:54:26.0546 5892 Drive \Device\Harddisk3\DR7 - Size: 0xF8400000 (3.88 Gb), SectorSize: 0x200, Cylinders: 0x1FA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:54:26.0546 5892 \Device\Harddisk0\DR0:
14:54:26.0546 5892 MBR used
14:54:26.0546 5892 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x40415A3
14:54:26.0546 5892 \Device\Harddisk1\DR1:
14:54:26.0546 5892 MBR used
14:54:26.0546 5892 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
14:54:26.0546 5892 \Device\Harddisk3\DR7:
14:54:26.0546 5892 MBR used
14:54:26.0546 5892 \Device\Harddisk3\DR7\Partition0: MBR, Type 0x6, StartLBA 0x1E0, BlocksNum 0x7C1E20
14:54:26.0593 5892 Initialize success
14:54:26.0593 5892 ============================================================
14:54:58.0921 4596 ============================================================
14:54:58.0921 4596 Scan started
14:54:58.0921 4596 Mode: Manual;
14:54:58.0921 4596 ============================================================
14:55:05.0687 4596 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
14:55:05.0687 4596 RemoteRegistry - ok
14:55:05.0718 4596 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
14:55:05.0718 4596 RFCOMM - ok
14:55:05.0734 4596 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
14:55:05.0734 4596 ROOTMODEM - ok
14:55:05.0765 4596 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
14:55:05.0781 4596 RpcLocator - ok
14:55:05.0812 4596 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
14:55:05.0812 4596 RpcSs - ok
14:55:05.0828 4596 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
14:55:05.0828 4596 RSVP - ok
14:55:05.0890 4596 RVS_CE (777fa0d2ca9728789a7d8e072c4491b2) C:\WINDOWS\system32\rvs_cent.exe
14:55:05.0921 4596 RVS_CE - ok
14:55:05.0968 4596 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:55:05.0968 4596 SamSs - ok
14:55:05.0984 4596 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
14:55:05.0984 4596 SCardSvr - ok
14:55:06.0015 4596 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
14:55:06.0015 4596 Schedule - ok
14:55:06.0046 4596 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:55:06.0062 4596 Secdrv - ok
14:55:06.0078 4596 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
14:55:06.0078 4596 seclogon - ok
14:55:06.0093 4596 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
14:55:06.0093 4596 SENS - ok
14:55:06.0125 4596 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:55:06.0125 4596 serenum - ok
14:55:06.0140 4596 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
14:55:06.0140 4596 Serial - ok
14:55:06.0203 4596 ServiceLayer (5bf59c6bc737baaf541168e5cb2ec1d9) C:\Programme\PC Connectivity Solution\ServiceLayer.exe
14:55:06.0218 4596 ServiceLayer - ok
14:55:06.0265 4596 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
14:55:06.0265 4596 Sfloppy - ok
14:55:06.0296 4596 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
14:55:06.0296 4596 SharedAccess - ok
14:55:06.0328 4596 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:55:06.0343 4596 ShellHWDetection - ok
14:55:06.0359 4596 Si3114r5 (09889d435edc82435b18c7c311fe5721) C:\WINDOWS\system32\DRIVERS\Si3114r5.sys
14:55:06.0375 4596 Si3114r5 - ok
14:55:06.0390 4596 SiFilter (46b92189fe4db53a09e3a0099aa3084c) C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
14:55:06.0390 4596 SiFilter - ok
14:55:06.0406 4596 Simbad - ok
14:55:06.0421 4596 SiRemFil (b688378d258d1ecce4768cdb55d48d92) C:\WINDOWS\system32\DRIVERS\SiRemFil.sys
14:55:06.0421 4596 SiRemFil - ok
14:55:06.0453 4596 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:55:06.0453 4596 SLIP - ok
14:55:06.0468 4596 Sparrow - ok
14:55:06.0484 4596 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:55:06.0484 4596 splitter - ok
14:55:06.0515 4596 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
14:55:06.0515 4596 Spooler - ok
14:55:06.0546 4596 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\System32\Drivers\sptd.sys
14:55:06.0562 4596 sptd - ok
14:55:06.0578 4596 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
14:55:06.0593 4596 sr - ok
14:55:06.0609 4596 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
14:55:06.0625 4596 srservice - ok
14:55:06.0671 4596 SRTSP (c16d048faf2978d2121f9f40594a6bdc) C:\WINDOWS\System32\Drivers\NIS\1306020.00A\SRTSP.SYS
14:55:06.0671 4596 SRTSP - ok
14:55:06.0703 4596 SRTSPX (f0d02c2e25970c9c72a5cd278c17cdb6) C:\WINDOWS\system32\drivers\NIS\1306020.00A\SRTSPX.SYS
14:55:06.0703 4596 SRTSPX - ok
14:55:06.0750 4596 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:55:06.0750 4596 Srv - ok
14:55:06.0781 4596 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
14:55:06.0796 4596 SSDPSRV - ok
14:55:06.0828 4596 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
14:55:06.0828 4596 stisvc - ok
14:55:06.0859 4596 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:55:06.0859 4596 streamip - ok
14:55:06.0875 4596 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:55:06.0875 4596 swenum - ok
14:55:06.0906 4596 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:55:06.0906 4596 swmidi - ok
14:55:06.0921 4596 SwPrv - ok
14:55:06.0953 4596 symc810 - ok
14:55:06.0968 4596 symc8xx - ok
14:55:07.0015 4596 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\NIS\1306020.00A\SYMDS.SYS
14:55:07.0015 4596 SymDS - ok
14:55:07.0062 4596 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\NIS\1306020.00A\SYMEFA.SYS
14:55:07.0093 4596 SymEFA - ok
14:55:07.0125 4596 SymEvent (555fb450fe6908600310e990738b41d6) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
14:55:07.0140 4596 SymEvent - ok
14:55:07.0156 4596 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\NIS\1306020.00A\Ironx86.SYS
14:55:07.0156 4596 SymIRON - ok
14:55:07.0171 4596 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\System32\Drivers\NIS\1306020.00A\SYMTDI.SYS
14:55:07.0187 4596 SYMTDI - ok
14:55:07.0187 4596 sym_hi - ok
14:55:07.0203 4596 sym_u3 - ok
14:55:07.0218 4596 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:55:07.0218 4596 sysaudio - ok
14:55:07.0250 4596 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
14:55:07.0250 4596 SysmonLog - ok
14:55:07.0281 4596 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
14:55:07.0281 4596 TapiSrv - ok
14:55:07.0312 4596 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:55:07.0328 4596 Tcpip - ok
14:55:07.0359 4596 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:55:07.0359 4596 TDPIPE - ok
14:55:07.0359 4596 TDslMgrService - ok
14:55:07.0375 4596 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:55:07.0375 4596 TDTCP - ok
14:55:07.0390 4596 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:55:07.0390 4596 TermDD - ok
14:55:07.0421 4596 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
14:55:07.0437 4596 TermService - ok
14:55:07.0468 4596 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:55:07.0484 4596 Themes - ok
14:55:07.0500 4596 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
14:55:07.0500 4596 TlntSvr - ok
14:55:07.0515 4596 TosIde - ok
14:55:07.0546 4596 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
14:55:07.0546 4596 TrkWks - ok
14:55:07.0562 4596 TSMPacket (7c1367bff5587cf49c0ed2e664f6eac0) C:\WINDOWS\system32\DRIVERS\tsmpkt.sys
14:55:07.0578 4596 TSMPacket - ok
14:55:07.0593 4596 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:55:07.0593 4596 Udfs - ok
14:55:07.0609 4596 ulisa - ok
14:55:07.0625 4596 ultra - ok
14:55:07.0656 4596 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:55:07.0656 4596 Update - ok
14:55:07.0687 4596 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
14:55:07.0703 4596 upnphost - ok
14:55:07.0734 4596 upperdev (b1b8bee26227dad9835019201552cb05) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
14:55:07.0734 4596 upperdev - ok
14:55:07.0750 4596 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
14:55:07.0765 4596 UPS - ok
14:55:07.0781 4596 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:55:07.0781 4596 usbccgp - ok
14:55:07.0796 4596 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:55:07.0796 4596 usbehci - ok
14:55:07.0828 4596 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:55:07.0828 4596 usbhub - ok
14:55:07.0843 4596 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:55:07.0859 4596 usbprint - ok
14:55:07.0875 4596 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:55:07.0875 4596 usbscan - ok
14:55:07.0906 4596 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
14:55:07.0906 4596 usbser - ok
14:55:07.0953 4596 UsbserFilt (98e1ff1d732c6c7200b6c59d4ff8c1c3) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
14:55:07.0953 4596 UsbserFilt - ok
14:55:07.0968 4596 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:55:07.0968 4596 usbstor - ok
14:55:07.0984 4596 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:55:08.0000 4596 usbuhci - ok
14:55:08.0015 4596 USB_RNDIS (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
14:55:08.0015 4596 USB_RNDIS - ok
14:55:08.0031 4596 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:55:08.0031 4596 VgaSave - ok
14:55:08.0046 4596 ViaIde - ok
14:55:08.0062 4596 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
14:55:08.0062 4596 VolSnap - ok
14:55:08.0093 4596 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
14:55:08.0093 4596 VSS - ok
14:55:08.0125 4596 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
14:55:08.0140 4596 W32Time - ok
14:55:08.0171 4596 W8100XP (f47660ee2cc6161540106b6bfa207f35) C:\WINDOWS\system32\DRIVERS\mrv8ka51.sys
14:55:08.0187 4596 W8100XP - ok
14:55:08.0218 4596 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:55:08.0218 4596 Wanarp - ok
14:55:08.0265 4596 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
14:55:08.0265 4596 Wdf01000 - ok
14:55:08.0296 4596 WDICA - ok
14:55:08.0312 4596 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:55:08.0312 4596 wdmaud - ok
14:55:08.0343 4596 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
14:55:08.0343 4596 WebClient - ok
14:55:08.0375 4596 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:55:08.0375 4596 winmgmt - ok
14:55:08.0437 4596 WinRM (f10075c2ec96d2eb118012e78ece2fc2) C:\WINDOWS\system32\WsmSvc.dll
14:55:08.0453 4596 WinRM - ok
14:55:08.0500 4596 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
14:55:08.0500 4596 WmdmPmSN - ok
14:55:08.0546 4596 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
14:55:08.0546 4596 Wmi - ok
14:55:08.0578 4596 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:55:08.0593 4596 WmiApSrv - ok
14:55:08.0640 4596 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
14:55:08.0671 4596 WMPNetworkSvc - ok
14:55:08.0703 4596 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:55:08.0703 4596 WpdUsb - ok
14:55:08.0781 4596 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:55:08.0796 4596 WPFFontCache_v0400 - ok
14:55:08.0843 4596 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:55:08.0843 4596 WS2IFSL - ok
14:55:08.0875 4596 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
14:55:08.0875 4596 wscsvc - ok
14:55:08.0890 4596 WSearch - ok
14:55:08.0921 4596 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:55:08.0921 4596 WSTCODEC - ok
14:55:08.0937 4596 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
14:55:08.0937 4596 wuauserv - ok
14:55:08.0968 4596 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:55:08.0968 4596 WudfPf - ok
14:55:08.0984 4596 WudfSvc (575a4190d989f64732119e4114045a4f) C:\WINDOWS\System32\WUDFSvc.dll
14:55:08.0984 4596 WudfSvc - ok
14:55:09.0015 4596 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
14:55:09.0031 4596 WZCSVC - ok
14:55:09.0046 4596 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
14:55:09.0062 4596 xmlprov - ok
14:55:09.0093 4596 yukonwxp (87f126d0f8dc176b282924df0417075e) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
14:55:09.0109 4596 yukonwxp - ok
14:55:09.0140 4596 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
14:55:09.0203 4596 \Device\Harddisk0\DR0 - ok
14:55:09.0218 4596 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
14:55:09.0468 4596 \Device\Harddisk1\DR1 - ok
14:55:09.0468 4596 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk3\DR7
14:55:09.0484 4596 \Device\Harddisk3\DR7 - ok
14:55:09.0484 4596 Boot (0x1200) (dd50333d7ff6d848fc966771f811000d) \Device\Harddisk0\DR0\Partition0
14:55:09.0484 4596 \Device\Harddisk0\DR0\Partition0 - ok
14:55:09.0484 4596 Boot (0x1200) (ac65db694b9aa890fbc7c24ff36cf083) \Device\Harddisk1\DR1\Partition0
14:55:09.0484 4596 \Device\Harddisk1\DR1\Partition0 - ok
14:55:09.0484 4596 Boot (0x1200) (01715769ca29769c713968c7fb36e9be) \Device\Harddisk3\DR7\Partition0
14:55:09.0500 4596 \Device\Harddisk3\DR7\Partition0 - ok
14:55:09.0500 4596 ============================================================
14:55:09.0500 4596 Scan finished
14:55:09.0500 4596 ============================================================
14:55:09.0515 5384 Detected object count: 0
14:55:09.0515 5384 Actual detected object count: 0


Only Norton reported anything suspicious, yesterday evening and again just now!
These reports are attached as a .txt file.

Alt 03.04.2012, 19:11   #12
markusg
/// Malware-holic
 



Please have a look on C:, that is where the logs are, tdss-killer-version-date.txt.
Is the log with the detections perhaps there?

Alt 04.04.2012, 08:18   #13
toni_ks
 



Right, the logs are there ..

20:48:01.0372 4212 TDSS rootkit removing tool 2.7.24.0 Apr 2 2012 10:31:48
20:48:02.0763 4212 ============================================================
20:48:02.0763 4212 Current date / time: 2012/04/02 20:48:02.0763
20:48:02.0763 4212 SystemInfo:
20:48:02.0763 4212
20:48:02.0763 4212 OS Version: 5.1.2600 ServicePack: 3.0
20:48:02.0763 4212 Product type: Workstation
20:48:02.0763 4212 ComputerName: HANS_MUSTERMANN
20:48:02.0763 4212 UserName: Dirk
20:48:02.0763 4212 Windows directory: C:\WINDOWS
20:48:02.0763 4212 System windows directory: C:\WINDOWS
20:48:02.0763 4212 Processor architecture: Intel x86
20:48:02.0763 4212 Number of processors: 2
20:48:02.0763 4212 Page size: 0x1000
20:48:02.0763 4212 Boot type: Normal boot
20:48:02.0763 4212 ============================================================
20:48:04.0560 4212 Drive \Device\Harddisk0\DR0 - Size: 0x114FF30000 (69.25 Gb), SectorSize: 0x200, Cylinders: 0x234F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:48:04.0560 4212 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:48:04.0575 4212 \Device\Harddisk0\DR0:
20:48:04.0575 4212 MBR used
20:48:04.0575 4212 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x40415A3
20:48:04.0591 4212 \Device\Harddisk1\DR1:
20:48:04.0591 4212 MBR used
20:48:04.0591 4212 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
20:48:04.0622 4212 Initialize success
20:48:04.0622 4212 ============================================================
20:48:11.0732 6092 ============================================================
20:48:11.0732 6092 Scan started
20:48:11.0732 6092 Mode: Manual;
20:48:11.0732 6092 ============================================================
20:48:12.0575 6092 Abiosdsk - ok
20:48:12.0654 6092 abp480n5 - ok
20:48:12.0732 6092 ACPI (deac07203d92bf9385573fa5d790ff3c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:48:12.0747 6092 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: deac07203d92bf9385573fa5d790ff3c, Fake md5: ac407f1a62c3a300b4f2b5a9f1d55b2c
20:48:12.0747 6092 ACPI ( Virus.Win32.Rloader.a ) - infected
20:48:12.0747 6092 ACPI - detected Virus.Win32.Rloader.a (0)
20:48:12.0825 6092 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:48:12.0841 6092 ACPIEC - ok
20:48:12.0888 6092 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:48:12.0935 6092 AdobeFlashPlayerUpdateSvc - ok
20:48:12.0935 6092 adpu160m - ok
20:48:12.0966 6092 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:48:12.0997 6092 aec - ok
20:48:13.0232 6092 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:48:13.0263 6092 AFD - ok
20:48:13.0325 6092 Aha154x - ok
20:48:13.0404 6092 aic78u2 - ok
20:48:13.0404 6092 aic78xx - ok
20:48:13.0435 6092 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:48:13.0435 6092 Alerter - ok
20:48:13.0482 6092 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:48:13.0482 6092 ALG - ok
20:48:13.0497 6092 AliIde - ok
20:48:13.0513 6092 amsint - ok
20:48:13.0575 6092 AppMgmt (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
20:48:13.0591 6092 AppMgmt - ok
20:48:13.0622 6092 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:48:13.0638 6092 Arp1394 - ok
20:48:13.0654 6092 asc - ok
20:48:13.0669 6092 asc3350p - ok
20:48:13.0685 6092 asc3550 - ok
20:48:13.0747 6092 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:48:13.0763 6092 aspnet_state - ok
20:48:13.0794 6092 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:48:13.0794 6092 AsyncMac - ok
20:48:13.0810 6092 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:48:13.0810 6092 atapi - ok
20:48:13.0825 6092 Atdisk - ok
20:48:13.0857 6092 Ati HotKey Poller (2911a46a482f1bbe39f47bac4cf6f609) C:\WINDOWS\system32\Ati2evxx.exe
20:48:13.0872 6092 Ati HotKey Poller - ok
20:48:13.0904 6092 ATI Smart (2b2cc2c47f5de490f27d4292f0edc034) C:\WINDOWS\system32\ati2sgag.exe
20:48:13.0935 6092 ATI Smart - ok
20:48:14.0029 6092 ati2mtag (e9375396f55b58c2042c7c9844d297e3) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:48:14.0107 6092 ati2mtag - ok
20:48:14.0138 6092 atinrvxx (74e104ada8a304774713e9a9a9cb3556) C:\WINDOWS\system32\DRIVERS\atinrvxx.sys
20:48:14.0138 6092 atinrvxx - ok
20:48:14.0169 6092 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:48:14.0169 6092 Atmarpc - ok
20:48:14.0200 6092 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:48:14.0200 6092 AudioSrv - ok
20:48:14.0216 6092 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:48:14.0216 6092 audstub - ok
20:48:14.0232 6092 Automatisches LiveUpdate - Scheduler - ok
20:48:14.0263 6092 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:48:14.0279 6092 Beep - ok
20:48:14.0388 6092 BHDrvx86 (eb7f1f1dfa95c25d762c22d3cf13d4e0) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120317.002\BHDrvx86.sys
20:48:14.0404 6092 BHDrvx86 - ok
20:48:14.0435 6092 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:48:14.0497 6092 BITS - ok
20:48:14.0544 6092 BMUService (e2c5b1c8a046b7e5827a98747c61553f) C:\Programme\Memeo\AutoBackup\MemeoService.exe
20:48:14.0544 6092 BMUService - ok
20:48:14.0560 6092 Browser (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
20:48:14.0575 6092 Browser - ok
20:48:14.0607 6092 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
20:48:14.0607 6092 BthEnum - ok
20:48:14.0638 6092 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
20:48:14.0638 6092 BTHMODEM - ok
20:48:14.0685 6092 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
20:48:14.0685 6092 BthPan - ok
20:48:14.0716 6092 BTHPORT (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
20:48:14.0732 6092 BTHPORT - ok
20:48:14.0747 6092 BthServ (26c601ef7525e31379744abfc6f35a1b) C:\WINDOWS\System32\bthserv.dll
20:48:14.0763 6092 BthServ - ok
20:48:14.0779 6092 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
20:48:14.0779 6092 BTHUSB - ok
20:48:14.0779 6092 catchme - ok
20:48:14.0810 6092 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:48:14.0810 6092 cbidf2k - ok
20:48:14.0825 6092 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:48:14.0825 6092 CCDECODE - ok
20:48:14.0872 6092 ccSet_NIS (599e7f6259a127c174c49938d2aa6a60) C:\WINDOWS\system32\drivers\NIS\1306020.00A\ccSetx86.sys
20:48:14.0872 6092 ccSet_NIS - ok
20:48:14.0872 6092 cd20xrnt - ok
20:48:14.0904 6092 CdaC15BA (82c4c6a2343b592c4fd590f625a724a9) C:\WINDOWS\system32\drivers\CDAC15BA.SYS
20:48:14.0904 6092 CdaC15BA - ok
20:48:14.0919 6092 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:48:14.0919 6092 Cdaudio - ok
20:48:14.0935 6092 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:48:14.0935 6092 Cdfs - ok
20:48:14.0950 6092 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:48:14.0966 6092 Cdrom - ok
20:48:14.0966 6092 Changer - ok
20:48:14.0997 6092 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:48:14.0997 6092 CiSvc - ok
20:48:15.0013 6092 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:48:15.0013 6092 ClipSrv - ok
20:48:15.0075 6092 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:48:15.0091 6092 clr_optimization_v2.0.50727_32 - ok
20:48:15.0122 6092 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:48:15.0122 6092 clr_optimization_v4.0.30319_32 - ok
20:48:15.0122 6092 CmdIde - ok
20:48:15.0185 6092 cmudax (d7fcada6833a0e243ca89c03bd559bd9) C:\WINDOWS\system32\drivers\cmudax.sys
20:48:15.0216 6092 cmudax - ok
20:48:15.0232 6092 COMSysApp - ok
20:48:15.0247 6092 Cpqarray - ok
20:48:15.0247 6092 cpuz132 - ok
20:48:15.0263 6092 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:48:15.0263 6092 CryptSvc - ok
20:48:15.0279 6092 dac2w2k - ok
20:48:15.0294 6092 dac960nt - ok
20:48:15.0310 6092 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:48:15.0325 6092 DcomLaunch - ok
20:48:15.0372 6092 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:48:15.0372 6092 Dhcp - ok
20:48:15.0404 6092 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:48:15.0404 6092 Disk - ok
20:48:15.0419 6092 dmadmin - ok
20:48:15.0450 6092 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:48:15.0482 6092 dmboot - ok
20:48:15.0497 6092 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:48:15.0513 6092 dmio - ok
20:48:15.0544 6092 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:48:15.0544 6092 dmload - ok
20:48:15.0560 6092 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:48:15.0560 6092 dmserver - ok
20:48:15.0591 6092 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:48:15.0591 6092 DMusic - ok
20:48:15.0607 6092 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:48:15.0607 6092 Dnscache - ok
20:48:15.0638 6092 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:48:15.0638 6092 Dot3svc - ok
20:48:15.0654 6092 dpti2o - ok
20:48:15.0669 6092 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:48:15.0685 6092 drmkaud - ok
20:48:15.0700 6092 dsltestSp5 (c6b2e10cfe79169c72f0269087b9a603) C:\WINDOWS\system32\Drivers\dsltestSp5.sys
20:48:15.0700 6092 dsltestSp5 - ok
20:48:15.0716 6092 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:48:15.0716 6092 EapHost - ok
20:48:15.0779 6092 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys
20:48:15.0779 6092 eeCtrl - ok
20:48:15.0810 6092 elcapi20 (a88fb434def5c8ae8346055c0fbb043b) C:\WINDOWS\system32\Drivers\elcapi20.sys
20:48:15.0810 6092 elcapi20 - ok
20:48:15.0857 6092 elcapibs (28e8839357b160804c6fcbe47e21df3f) C:\WINDOWS\System32\Drivers\elcapibs.sys
20:48:15.0857 6092 elcapibs - ok
20:48:15.0857 6092 elcapitd (d5e90a2e998c5b81ee86f69cdbed97e4) C:\WINDOWS\System32\Drivers\elcapitd.sys
20:48:15.0872 6092 elcapitd - ok
20:48:15.0888 6092 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:48:15.0888 6092 EraserUtilRebootDrv - ok
20:48:15.0904 6092 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:48:15.0904 6092 ERSvc - ok
20:48:15.0935 6092 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:48:15.0935 6092 Eventlog - ok
20:48:15.0966 6092 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:48:15.0966 6092 EventSystem - ok
20:48:16.0013 6092 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:48:16.0013 6092 Fastfat - ok
20:48:16.0029 6092 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:48:16.0044 6092 FastUserSwitchingCompatibility - ok
20:48:16.0044 6092 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:48:16.0060 6092 Fdc - ok
20:48:16.0075 6092 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:48:16.0075 6092 Fips - ok
20:48:16.0091 6092 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:48:16.0091 6092 Flpydisk - ok
20:48:16.0122 6092 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:48:16.0122 6092 FltMgr - ok
20:48:16.0169 6092 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:48:16.0169 6092 FontCache3.0.0.0 - ok
20:48:16.0200 6092 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:48:16.0200 6092 Fs_Rec - ok
20:48:16.0216 6092 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:48:16.0216 6092 Ftdisk - ok
20:48:16.0232 6092 fwrnusb (a9e2cc3c70d3356a534789c2af2d20f2) C:\WINDOWS\system32\DRIVERS\fwrnusb.sys
20:48:16.0232 6092 fwrnusb - ok
20:48:24.0357 6092 ============================================================
20:48:24.0357 6092 Scan finished
20:48:24.0357 6092 ============================================================
20:48:24.0372 6032 Detected object count: 1
20:48:24.0372 6032 Actual detected object count: 1
20:48:55.0200 6032 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
20:48:55.0216 6032 ACPI ( Virus.Win32.Rloader.a ) - User select action: Quarantine
20:49:15.0091 5836 ============================================================
20:49:15.0091 5836 Scan started
20:49:15.0091 5836 Mode: Manual;
20:49:15.0091 5836 ============================================================
20:49:15.0497 5836 Abiosdsk - ok
20:49:15.0497 5836 abp480n5 - ok
20:49:15.0544 5836 ACPI (deac07203d92bf9385573fa5d790ff3c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:49:15.0544 5836 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: deac07203d92bf9385573fa5d790ff3c, Fake md5: ac407f1a62c3a300b4f2b5a9f1d55b2c
20:49:15.0544 5836 ACPI ( Virus.Win32.Rloader.a ) - infected
20:49:15.0544 5836 ACPI - detected Virus.Win32.Rloader.a (0)
20:49:16.0575 5836 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
20:49:16.0575 5836 BthEnum - ok
20:49:16.0591 5836 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
20:49:16.0591 5836 BTHMODEM - ok
20:49:16.0622 5836 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
20:49:16.0622 5836 BthPan - ok
20:49:16.0654 5836 BTHPORT (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
20:49:16.0654 5836 BTHPORT - ok
20:49:16.0685 5836 BthServ (26c601ef7525e31379744abfc6f35a1b) C:\WINDOWS\System32\bthserv.dll
20:49:16.0685 5836 BthServ - ok
20:49:16.0716 5836 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
20:49:16.0716 5836 BTHUSB - ok
20:49:16.0716 5836 catchme - ok
20:49:16.0747 5836 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:49:16.0747 5836 cbidf2k - ok
20:49:16.0763 5836 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:49:16.0763 5836 CCDECODE - ok
20:49:16.0810 5836 ccSet_NIS (599e7f6259a127c174c49938d2aa6a60) C:\WINDOWS\system32\drivers\NIS\1306020.00A\ccSetx86.sys
20:49:16.0810 5836 ccSet_NIS - ok
20:49:16.0810 5836 cd20xrnt - ok
20:49:16.0841 5836 CdaC15BA (82c4c6a2343b592c4fd590f625a724a9) C:\WINDOWS\system32\drivers\CDAC15BA.SYS
20:49:16.0841 5836 CdaC15BA - ok
20:49:16.0857 5836 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:49:16.0857 5836 Cdaudio - ok
20:49:16.0872 5836 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:49:16.0872 5836 Cdfs - ok
20:49:16.0904 5836 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:49:16.0904 5836 Cdrom - ok
20:49:16.0904 5836 Changer - ok
20:49:16.0935 5836 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:49:16.0935 5836 CiSvc - ok
20:49:16.0950 5836 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:49:16.0950 5836 ClipSrv - ok
20:49:16.0997 5836 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:49:16.0997 5836 clr_optimization_v2.0.50727_32 - ok
20:49:17.0029 5836 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:49:17.0044 5836 clr_optimization_v4.0.30319_32 - ok
20:49:17.0044 5836 CmdIde - ok
20:49:17.0091 5836 cmudax (d7fcada6833a0e243ca89c03bd559bd9) C:\WINDOWS\system32\drivers\cmudax.sys
20:49:17.0107 5836 cmudax - ok
20:49:17.0122 5836 COMSysApp - ok
20:49:17.0138 5836 Cpqarray - ok
20:49:17.0138 5836 cpuz132 - ok
20:49:17.0154 5836 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:49:17.0154 5836 CryptSvc - ok
20:49:17.0154 5836 dac2w2k - ok
20:49:17.0169 5836 dac960nt - ok
20:49:17.0200 5836 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:49:17.0216 5836 DcomLaunch - ok
20:49:17.0247 5836 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:49:17.0247 5836 Dhcp - ok
20:49:17.0279 5836 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:49:17.0279 5836 Disk - ok
20:49:17.0279 5836 dmadmin - ok
20:49:17.0325 5836 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:49:17.0325 5836 dmboot - ok
20:49:17.0341 5836 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:49:17.0341 5836 dmio - ok
20:49:17.0357 5836 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:49:17.0357 5836 dmload - ok
20:49:17.0388 5836 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:49:17.0388 5836 dmserver - ok
20:49:17.0404 5836 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:49:17.0404 5836 DMusic - ok
20:49:17.0435 5836 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:49:17.0435 5836 Dnscache - ok
20:49:17.0466 5836 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:49:17.0466 5836 Dot3svc - ok
20:49:17.0466 5836 dpti2o - ok
20:49:17.0497 5836 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:49:17.0497 5836 drmkaud - ok
20:49:17.0529 5836 dsltestSp5 (c6b2e10cfe79169c72f0269087b9a603) C:\WINDOWS\system32\Drivers\dsltestSp5.sys
20:49:17.0529 5836 dsltestSp5 - ok
20:49:17.0544 5836 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:49:17.0544 5836 EapHost - ok
20:49:17.0591 5836 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys
20:49:17.0591 5836 eeCtrl - ok
20:49:17.0622 5836 elcapi20 (a88fb434def5c8ae8346055c0fbb043b) C:\WINDOWS\system32\Drivers\elcapi20.sys
20:49:17.0622 5836 elcapi20 - ok
20:49:17.0638 5836 elcapibs (28e8839357b160804c6fcbe47e21df3f) C:\WINDOWS\System32\Drivers\elcapibs.sys
20:49:17.0638 5836 elcapibs - ok
20:49:17.0638 5836 elcapitd (d5e90a2e998c5b81ee86f69cdbed97e4) C:\WINDOWS\System32\Drivers\elcapitd.sys
20:49:17.0638 5836 elcapitd - ok
20:49:17.0669 5836 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:49:17.0669 5836 EraserUtilRebootDrv - ok
20:49:17.0685 5836 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:49:17.0685 5836 ERSvc - ok
20:49:17.0716 5836 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:49:17.0716 5836 Eventlog - ok
20:49:17.0732 5836 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:49:17.0732 5836 EventSystem - ok
20:49:17.0763 5836 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:49:17.0763 5836 Fastfat - ok
20:49:17.0794 5836 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:49:17.0794 5836 FastUserSwitchingCompatibility - ok
20:49:17.0810 5836 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:49:17.0810 5836 Fdc - ok
20:49:17.0825 5836 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:49:17.0825 5836 Fips - ok
20:49:17.0841 5836 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:49:17.0841 5836 Flpydisk - ok
20:49:17.0872 5836 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:49:17.0872 5836 FltMgr - ok
20:49:17.0935 5836 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:49:17.0935 5836 FontCache3.0.0.0 - ok
20:49:17.0950 5836 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:49:17.0950 5836 Fs_Rec - ok
20:49:17.0966 5836 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:49:17.0966 5836 Ftdisk - ok
20:49:17.0982 5836 fwrnusb (a9e2cc3c70d3356a534789c2af2d20f2) C:\WINDOWS\system32\DRIVERS\fwrnusb.sys
20:49:17.0982 5836 fwrnusb - ok
20:49:17.0997 5836 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
20:49:17.0997 5836 gameenum - ok
20:49:18.0029 5836 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:49:18.0029 5836 Gpc - ok
20:49:18.0091 5836 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
20:49:18.0091 5836 gupdate - ok
20:49:18.0091 5836 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Programme\Google\Update\GoogleUpdate.exe
20:49:18.0091 5836 gupdatem - ok
20:49:18.0122 5836 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
20:49:18.0122 5836 gusvc - ok
20:49:18.0138 5836 HdAudAddService (160b24fd894e79e71c983ea403a6e6e7) C:\WINDOWS\system32\drivers\HdAudio.sys
20:49:18.0138 5836 HdAudAddService - ok
20:49:18.0169 5836 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:49:18.0169 5836 HDAudBus - ok
20:49:18.0200 5836 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:49:18.0200 5836 helpsvc - ok
20:49:18.0216 5836 HidBth (a5aecf10be62459533a06ed7ebf5770b) C:\WINDOWS\system32\DRIVERS\hidbth.sys
20:49:18.0216 5836 HidBth - ok
20:49:18.0232 5836 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
20:49:18.0232 5836 HidServ - ok
20:49:18.0263 5836 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:49:18.0263 5836 HidUsb - ok
20:49:18.0279 5836 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:49:18.0279 5836 hkmsvc - ok
20:49:18.0310 5836 hotcore3 (48ed16c0c98c950843e673eeee02ac94) C:\WINDOWS\system32\DRIVERS\hotcore3.sys
20:49:18.0310 5836 hotcore3 - ok
20:49:18.0310 5836 hpn - ok
20:49:18.0325 5836 hpqcxs08 - ok
20:49:18.0325 5836 hpqddsvc - ok
20:49:18.0325 5836 HPSLPSVC - ok
20:49:18.0357 5836 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
20:49:18.0357 5836 HPZid412 - ok
20:49:18.0372 5836 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
20:49:18.0372 5836 HPZipr12 - ok
20:49:18.0404 5836 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
20:49:18.0404 5836 HPZius12 - ok
20:49:18.0435 5836 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:49:18.0435 5836 HTTP - ok
20:49:18.0450 5836 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:49:18.0466 5836 HTTPFilter - ok
20:49:18.0466 5836 i2omgmt - ok
20:49:18.0482 5836 i2omp - ok
20:49:18.0497 5836 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:49:18.0497 5836 i8042prt - ok
20:49:18.0544 5836 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:49:18.0544 5836 IDriverT - ok
20:49:18.0622 5836 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:49:18.0638 5836 idsvc - ok
20:49:18.0747 5836 IDSxpx86 (cfbc1ce72e5353d428704659199147b1) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120330.002\IDSxpx86.sys
20:49:18.0747 5836 IDSxpx86 - ok
20:49:18.0779 5836 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:49:18.0779 5836 Imapi - ok
20:49:18.0794 5836 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:49:18.0794 5836 ImapiService - ok
20:49:18.0810 5836 ini910u - ok
20:49:18.0841 5836 IntelIde (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
20:49:18.0841 5836 IntelIde - ok
20:49:18.0857 5836 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:49:18.0857 5836 intelppm - ok
20:49:18.0888 5836 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:49:18.0888 5836 Ip6Fw - ok
20:49:18.0904 5836 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:49:18.0904 5836 IpFilterDriver - ok
20:49:18.0919 5836 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:49:18.0935 5836 IpInIp - ok
20:49:18.0950 5836 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:49:18.0950 5836 IpNat - ok
20:49:18.0966 5836 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:49:18.0966 5836 IPSec - ok
20:49:18.0982 5836 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:49:18.0982 5836 IRENUM - ok
20:49:19.0013 5836 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:49:19.0013 5836 isapnp - ok
20:49:19.0013 5836 JavaQuickStarterService - ok
20:49:19.0029 5836 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:49:19.0029 5836 Kbdclass - ok
20:49:19.0044 5836 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:49:19.0044 5836 kbdhid - ok
20:49:19.0075 5836 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:49:19.0075 5836 kmixer - ok
20:49:19.0091 5836 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:49:19.0091 5836 KSecDD - ok
20:49:19.0107 5836 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:49:19.0122 5836 lanmanserver - ok
20:49:19.0138 5836 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:49:19.0138 5836 lanmanworkstation - ok
20:49:19.0154 5836 lbrtfdc - ok
20:49:19.0185 5836 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:49:19.0185 5836 LmHosts - ok
20:49:19.0232 5836 MDM (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
20:49:19.0232 5836 MDM - ok
20:49:19.0263 5836 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:49:19.0263 5836 Messenger - ok
20:49:19.0279 5836 Microsoft Office Groove Audit Service - ok
20:49:19.0310 5836 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:49:19.0310 5836 mnmdd - ok
20:49:19.0325 5836 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:49:19.0325 5836 mnmsrvc - ok
20:49:19.0357 5836 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:49:19.0357 5836 Modem - ok
20:49:19.0388 5836 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:49:19.0388 5836 Mouclass - ok
20:49:19.0404 5836 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:49:19.0419 5836 mouhid - ok
20:49:19.0435 5836 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:49:19.0435 5836 MountMgr - ok
20:49:19.0450 5836 mraid35x - ok
20:49:19.0466 5836 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:49:19.0466 5836 MRxDAV - ok
20:49:19.0497 5836 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:49:19.0497 5836 MRxSmb - ok
20:49:19.0529 5836 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:49:19.0529 5836 MSDTC - ok
20:49:19.0560 5836 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:49:19.0575 5836 Msfs - ok
20:49:19.0575 5836 MSIServer - ok
20:49:19.0607 5836 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:49:19.0607 5836 MSKSSRV - ok
20:49:19.0638 5836 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:49:19.0638 5836 MSPCLOCK - ok
20:49:19.0669 5836 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:49:19.0669 5836 MSPQM - ok
20:49:19.0700 5836 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:49:19.0700 5836 mssmbios - ok
20:49:19.0732 5836 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:49:19.0732 5836 MSTEE - ok
20:49:19.0747 5836 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
20:49:19.0747 5836 ms_mpu401 - ok
20:49:19.0763 5836 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:49:19.0779 5836 Mup - ok
20:49:19.0794 5836 MVDCODEC (514829ed3e7f140aac16154106d04981) C:\WINDOWS\system32\DRIVERS\atinmdxx.sys
20:49:19.0794 5836 MVDCODEC - ok
20:49:19.0825 5836 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:49:19.0825 5836 NABTSFEC - ok
20:49:19.0857 5836 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:49:19.0872 5836 napagent - ok
20:49:20.0013 5836 NAVENG (862f55824ac81295837b0ab63f91071f) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120402.002\NAVENG.SYS
20:49:20.0013 5836 NAVENG - ok
20:49:20.0122 5836 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120402.002\NAVEX15.SYS
20:49:20.0138 5836 NAVEX15 - ok
20:49:20.0169 5836 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:49:20.0169 5836 NDIS - ok
20:49:20.0185 5836 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:49:20.0185 5836 NdisIP - ok
20:49:20.0216 5836 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:49:20.0216 5836 NdisTapi - ok
20:49:20.0247 5836 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:49:20.0247 5836 Ndisuio - ok
20:49:20.0247 5836 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:49:20.0247 5836 NdisWan - ok
20:49:20.0279 5836 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:49:20.0279 5836 NDProxy - ok
20:49:20.0310 5836 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\system32\HPZinw12.dll
20:49:20.0310 5836 Net Driver HPZ12 - ok
20:49:20.0341 5836 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:49:20.0341 5836 NetBIOS - ok
20:49:20.0372 5836 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:49:20.0372 5836 NetBT - ok
20:49:20.0388 5836 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:49:20.0388 5836 NetDDE - ok
20:49:20.0404 5836 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:49:20.0404 5836 NetDDEdsdm - ok
20:49:20.0419 5836 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:49:20.0435 5836 Netlogon - ok
20:49:20.0466 5836 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:49:20.0466 5836 Netman - ok
20:49:20.0529 5836 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:49:20.0529 5836 NetTcpPortSharing - ok
20:49:20.0544 5836 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:49:20.0560 5836 NIC1394 - ok
20:49:20.0560 5836 NIS - ok
20:49:20.0591 5836 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:49:20.0591 5836 Nla - ok
20:49:20.0607 5836 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
20:49:20.0607 5836 nm - ok
20:49:20.0638 5836 nmwcd (28e36e677849174c910faaead3e60e9e) C:\WINDOWS\system32\drivers\ccdcmb.sys
20:49:20.0638 5836 nmwcd - ok
20:49:20.0654 5836 nmwcdc (3823deb17f9f6775de0187a98fa0536d) C:\WINDOWS\system32\drivers\ccdcmbo.sys
20:49:20.0654 5836 nmwcdc - ok
20:49:20.0685 5836 nmwcdnsu (496f34fb30dd541350b29558842cd42a) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
20:49:20.0685 5836 nmwcdnsu - ok
20:49:20.0700 5836 nmwcdnsuc (99fbb538789888e6a48b902417f68dd4) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
20:49:20.0700 5836 nmwcdnsuc - ok
20:49:20.0716 5836 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:49:20.0716 5836 Npfs - ok
20:49:20.0747 5836 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:49:20.0747 5836 Ntfs - ok
20:49:20.0779 5836 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:49:20.0779 5836 NtLmSsp - ok
20:49:20.0810 5836 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:49:20.0825 5836 NtmsSvc - ok
20:49:20.0857 5836 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:49:20.0872 5836 Null - ok
20:49:20.0888 5836 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:49:20.0888 5836 NwlnkFlt - ok
20:49:20.0904 5836 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:49:20.0904 5836 NwlnkFwd - ok
20:49:20.0966 5836 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
20:49:20.0966 5836 odserv - ok
20:49:20.0997 5836 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:49:20.0997 5836 ohci1394 - ok
20:49:21.0029 5836 ose (5a432a042dae460abe7199b758e8606c) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
20:49:21.0029 5836 ose - ok
20:49:21.0044 5836 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
20:49:21.0044 5836 Parport - ok
20:49:21.0075 5836 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:49:21.0075 5836 PartMgr - ok
20:49:21.0091 5836 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:49:21.0091 5836 ParVdm - ok
20:49:21.0107 5836 PCANDIS5 - ok
20:49:21.0138 5836 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
20:49:21.0138 5836 pccsmcfd - ok
20:49:21.0169 5836 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:49:21.0169 5836 PCI - ok
20:49:21.0169 5836 PCIDump - ok
20:49:21.0185 5836 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:49:21.0185 5836 PCIIde - ok
20:49:21.0216 5836 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:49:21.0216 5836 Pcmcia - ok
20:49:21.0216 5836 PDCOMP - ok
20:49:21.0232 5836 PDFRAME - ok
20:49:21.0247 5836 PDRELI - ok
20:49:21.0247 5836 PDRFRAME - ok
20:49:21.0263 5836 perc2 - ok
20:49:21.0279 5836 perc2hib - ok
20:49:21.0310 5836 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:49:21.0310 5836 PlugPlay - ok
20:49:21.0341 5836 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll
20:49:21.0341 5836 Pml Driver HPZ12 - ok
20:49:21.0372 5836 Point32 (2e3394c8ebf31a9b4f0a531eb5cc7bc7) C:\WINDOWS\system32\DRIVERS\point32.sys
20:49:21.0372 5836 Point32 - ok
20:49:21.0388 5836 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:49:21.0388 5836 PolicyAgent - ok
20:49:21.0419 5836 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:49:21.0419 5836 PptpMiniport - ok
20:49:21.0435 5836 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:49:21.0435 5836 ProtectedStorage - ok
20:49:21.0450 5836 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:49:21.0450 5836 PSched - ok
20:49:21.0466 5836 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:49:21.0466 5836 Ptilink - ok
20:49:21.0482 5836 ql1080 - ok
20:49:21.0482 5836 Ql10wnt - ok
20:49:21.0497 5836 ql12160 - ok
20:49:21.0513 5836 ql1240 - ok
20:49:21.0513 5836 ql1280 - ok
20:49:21.0544 5836 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:49:21.0544 5836 RasAcd - ok
20:49:21.0560 5836 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:49:21.0560 5836 RasAuto - ok
20:49:21.0591 5836 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:49:21.0591 5836 Rasl2tp - ok
20:49:21.0622 5836 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:49:21.0622 5836 RasMan - ok
20:49:21.0622 5836 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:49:21.0638 5836 RasPppoe - ok
20:49:21.0638 5836 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:49:21.0638 5836 Raspti - ok
20:49:21.0669 5836 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:49:21.0669 5836 Rdbss - ok
20:49:21.0685 5836 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:49:21.0685 5836 RDPCDD - ok
20:49:21.0700 5836 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:49:21.0700 5836 rdpdr - ok
20:49:21.0732 5836 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
20:49:21.0732 5836 RDPWD - ok
20:49:21.0747 5836 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:49:21.0747 5836 RDSessMgr - ok
20:49:21.0779 5836 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:49:21.0779 5836 redbook - ok
20:49:21.0794 5836 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:49:21.0794 5836 RemoteAccess - ok
20:49:21.0825 5836 RemoteRegistry (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
20:49:21.0825 5836 RemoteRegistry - ok
20:49:21.0857 5836 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
20:49:21.0857 5836 RFCOMM - ok
20:49:21.0888 5836 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
20:49:21.0888 5836 ROOTMODEM - ok
20:49:21.0904 5836 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:49:21.0904 5836 RpcLocator - ok
20:49:21.0935 5836 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\System32\rpcss.dll
20:49:21.0935 5836 RpcSs - ok
20:49:21.0966 5836 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:49:21.0966 5836 RSVP - ok
20:49:22.0013 5836 RVS_CE (777fa0d2ca9728789a7d8e072c4491b2) C:\WINDOWS\system32\rvs_cent.exe
20:49:22.0029 5836 RVS_CE - ok
20:49:22.0060 5836 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:49:22.0060 5836 SamSs - ok
20:49:22.0091 5836 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:49:22.0091 5836 SCardSvr - ok
20:49:22.0122 5836 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:49:22.0122 5836 Schedule - ok
20:49:22.0154 5836 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:49:22.0154 5836 Secdrv - ok
20:49:22.0185 5836 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:49:22.0185 5836 seclogon - ok
20:49:22.0200 5836 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:49:22.0200 5836 SENS - ok
20:49:22.0232 5836 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:49:22.0232 5836 serenum - ok
20:49:22.0263 5836 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:49:22.0263 5836 Serial - ok
20:49:22.0325 5836 ServiceLayer (5bf59c6bc737baaf541168e5cb2ec1d9) C:\Programme\PC Connectivity Solution\ServiceLayer.exe
20:49:22.0341 5836 ServiceLayer - ok
20:49:22.0372 5836 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
20:49:22.0372 5836 Sfloppy - ok
20:49:22.0419 5836 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:49:22.0419 5836 SharedAccess - ok
20:49:22.0450 5836 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:49:22.0450 5836 ShellHWDetection - ok
20:49:22.0482 5836 Si3114r5 (09889d435edc82435b18c7c311fe5721) C:\WINDOWS\system32\DRIVERS\Si3114r5.sys
20:49:22.0482 5836 Si3114r5 - ok
20:49:22.0497 5836 SiFilter (46b92189fe4db53a09e3a0099aa3084c) C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
20:49:22.0497 5836 SiFilter - ok
20:49:22.0513 5836 Simbad - ok
20:49:22.0513 5836 SiRemFil (b688378d258d1ecce4768cdb55d48d92) C:\WINDOWS\system32\DRIVERS\SiRemFil.sys
20:49:22.0513 5836 SiRemFil - ok
20:49:22.0544 5836 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:49:22.0544 5836 SLIP - ok
20:49:22.0560 5836 Sparrow - ok
20:49:22.0575 5836 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:49:22.0575 5836 splitter - ok
20:49:22.0607 5836 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:49:22.0607 5836 Spooler - ok
20:49:22.0654 5836 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\System32\Drivers\sptd.sys
20:49:22.0654 5836 sptd - ok
20:49:22.0700 5836 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:49:22.0700 5836 sr - ok
20:49:22.0716 5836 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:49:22.0732 5836 srservice - ok
20:49:22.0763 5836 SRTSP (c16d048faf2978d2121f9f40594a6bdc) C:\WINDOWS\System32\Drivers\NIS\1306020.00A\SRTSP.SYS
20:49:22.0763 5836 SRTSP - ok
20:49:22.0810 5836 SRTSPX (f0d02c2e25970c9c72a5cd278c17cdb6) C:\WINDOWS\system32\drivers\NIS\1306020.00A\SRTSPX.SYS
20:49:22.0810 5836 SRTSPX - ok
20:49:22.0841 5836 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:49:22.0841 5836 Srv - ok
20:49:22.0888 5836 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:49:22.0888 5836 SSDPSRV - ok
20:49:22.0919 5836 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:49:22.0919 5836 stisvc - ok
20:49:22.0950 5836 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:49:22.0950 5836 streamip - ok
20:49:22.0966 5836 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:49:22.0966 5836 swenum - ok
20:49:22.0982 5836 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:49:22.0982 5836 swmidi - ok
20:49:22.0997 5836 SwPrv - ok
20:49:23.0013 5836 symc810 - ok
20:49:23.0029 5836 symc8xx - ok
20:49:23.0060 5836 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\NIS\1306020.00A\SYMDS.SYS
20:49:23.0060 5836 SymDS - ok
20:49:23.0107 5836 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\NIS\1306020.00A\SYMEFA.SYS
20:49:23.0122 5836 SymEFA - ok
20:49:23.0154 5836 SymEvent (555fb450fe6908600310e990738b41d6) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
20:49:23.0154 5836 SymEvent - ok
20:49:23.0185 5836 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\NIS\1306020.00A\Ironx86.SYS
20:49:23.0185 5836 SymIRON - ok
20:49:23.0200 5836 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\System32\Drivers\NIS\1306020.00A\SYMTDI.SYS
20:49:23.0216 5836 SYMTDI - ok
20:49:23.0216 5836 sym_hi - ok
20:49:23.0232 5836 sym_u3 - ok
20:49:23.0247 5836 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:49:23.0247 5836 sysaudio - ok
20:49:23.0279 5836 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:49:23.0279 5836 SysmonLog - ok
20:49:23.0294 5836 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:49:23.0310 5836 TapiSrv - ok
20:49:23.0341 5836 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:49:23.0341 5836 Tcpip - ok
20:49:23.0357 5836 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:49:23.0357 5836 TDPIPE - ok
20:49:23.0372 5836 TDslMgrService - ok
20:49:23.0388 5836 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:49:23.0388 5836 TDTCP - ok
20:49:23.0404 5836 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:49:23.0404 5836 TermDD - ok
20:49:23.0435 5836 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:49:23.0435 5836 TermService - ok
20:49:23.0482 5836 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:49:23.0482 5836 Themes - ok
20:49:23.0497 5836 TlntSvr (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
20:49:23.0497 5836 TlntSvr - ok
20:49:23.0513 5836 TosIde - ok
20:49:23.0544 5836 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:49:23.0560 5836 TrkWks - ok
20:49:23.0575 5836 TSMPacket (7c1367bff5587cf49c0ed2e664f6eac0) C:\WINDOWS\system32\DRIVERS\tsmpkt.sys
20:49:23.0575 5836 TSMPacket - ok
20:49:23.0607 5836 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:49:23.0607 5836 Udfs - ok
20:49:23.0622 5836 ulisa - ok
20:49:23.0638 5836 ultra - ok
20:49:23.0685 5836 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:49:23.0685 5836 Update - ok
20:49:23.0716 5836 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:49:23.0716 5836 upnphost - ok
20:49:23.0747 5836 upperdev (b1b8bee26227dad9835019201552cb05) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
20:49:23.0747 5836 upperdev - ok
20:49:23.0763 5836 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:49:23.0763 5836 UPS - ok
20:49:23.0779 5836 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:49:23.0779 5836 usbccgp - ok
20:49:23.0810 5836 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:49:23.0810 5836 usbehci - ok
20:49:23.0825 5836 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:49:23.0841 5836 usbhub - ok
20:49:23.0872 5836 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:49:23.0872 5836 usbprint - ok
20:49:23.0888 5836 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:49:23.0888 5836 usbscan - ok
20:49:23.0919 5836 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
20:49:23.0919 5836 usbser - ok
20:49:23.0935 5836 UsbserFilt (98e1ff1d732c6c7200b6c59d4ff8c1c3) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
20:49:23.0935 5836 UsbserFilt - ok
20:49:23.0966 5836 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:49:23.0966 5836 usbstor - ok
20:49:23.0982 5836 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:49:23.0982 5836 usbuhci - ok
20:49:23.0997 5836 USB_RNDIS (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
20:49:23.0997 5836 USB_RNDIS - ok
20:49:24.0029 5836 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:49:24.0029 5836 VgaSave - ok
20:49:24.0044 5836 ViaIde - ok
20:49:24.0060 5836 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:49:24.0060 5836 VolSnap - ok
20:49:24.0075 5836 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:49:24.0091 5836 VSS - ok
20:49:24.0138 5836 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:49:24.0138 5836 W32Time - ok
20:49:24.0169 5836 W8100XP (f47660ee2cc6161540106b6bfa207f35) C:\WINDOWS\system32\DRIVERS\mrv8ka51.sys
20:49:24.0169 5836 W8100XP - ok
20:49:24.0200 5836 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:49:24.0200 5836 Wanarp - ok
20:49:24.0232 5836 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
20:49:24.0232 5836 Wdf01000 - ok
20:49:24.0247 5836 WDICA - ok
20:49:24.0279 5836 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:49:24.0279 5836 wdmaud - ok
20:49:24.0310 5836 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:49:24.0325 5836 WebClient - ok
20:49:24.0357 5836 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:49:24.0357 5836 winmgmt - ok
20:49:24.0404 5836 WinRM (f10075c2ec96d2eb118012e78ece2fc2) C:\WINDOWS\system32\WsmSvc.dll
20:49:24.0419 5836 WinRM - ok
20:49:24.0450 5836 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:49:24.0466 5836 WmdmPmSN - ok
20:49:24.0497 5836 Wmi (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
20:49:24.0497 5836 Wmi - ok
20:49:24.0529 5836 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:49:24.0529 5836 WmiApSrv - ok
20:49:24.0591 5836 WMPNetworkSvc (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
20:49:24.0607 5836 WMPNetworkSvc - ok
20:49:24.0638 5836 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:49:24.0638 5836 WpdUsb - ok
20:49:24.0716 5836 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:49:24.0716 5836 WPFFontCache_v0400 - ok
20:49:24.0763 5836 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:49:24.0763 5836 WS2IFSL - ok
20:49:24.0779 5836 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:49:24.0794 5836 wscsvc - ok
20:49:24.0794 5836 WSearch - ok
20:49:24.0825 5836 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:49:24.0825 5836 WSTCODEC - ok
20:49:24.0841 5836 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:49:24.0841 5836 wuauserv - ok
20:49:24.0872 5836 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:49:24.0872 5836 WudfPf - ok
20:49:24.0888 5836 WudfSvc (575a4190d989f64732119e4114045a4f) C:\WINDOWS\System32\WUDFSvc.dll
20:49:24.0888 5836 WudfSvc - ok
20:49:24.0919 5836 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:49:24.0935 5836 WZCSVC - ok
20:49:24.0950 5836 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:49:24.0950 5836 xmlprov - ok
20:49:24.0982 5836 yukonwxp (87f126d0f8dc176b282924df0417075e) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:49:24.0997 5836 yukonwxp - ok
20:49:25.0029 5836 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:49:25.0107 5836 \Device\Harddisk0\DR0 - ok
20:49:25.0122 5836 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
20:49:25.0357 5836 \Device\Harddisk1\DR1 - ok
20:49:25.0357 5836 Boot (0x1200) (dd50333d7ff6d848fc966771f811000d) \Device\Harddisk0\DR0\Partition0
20:49:25.0357 5836 \Device\Harddisk0\DR0\Partition0 - ok
20:49:25.0372 5836 Boot (0x1200) (ac65db694b9aa890fbc7c24ff36cf083) \Device\Harddisk1\DR1\Partition0
20:49:25.0372 5836 \Device\Harddisk1\DR1\Partition0 - ok
20:49:25.0372 5836 ============================================================
20:49:25.0372 5836 Scan finished
20:49:25.0372 5836 ============================================================
20:49:25.0372 4776 Detected object count: 1
20:49:25.0372 4776 Actual detected object count: 1
20:50:47.0513 4776 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
20:50:47.0529 4776 ACPI ( Virus.Win32.Rloader.a ) - User select action: Quarantine

Alt 04.04.2012, 12:14   #14
markusg
/// Malware-holic
 
OK,
do you use the PC for online banking, shopping, other payment transactions, or similarly important things, such as work?

Alt 04.04.2012, 15:26   #15
toni_ks
 
Work matters mostly run on the company laptop, but all banking (online banking), shopping (eBay and other mail-order retailers that my wife prefers :-) ) and all correspondence with tenants, as well as private correspondence, runs on the PC.

What is your question getting at?
