
All kinds of pests and how to fight them: Mail from WEB.de Abuse Team... real or spam??

13.09.2012, 11:01   #1
nobear68
 


Hello,
I registered here specifically because I received an e-mail from the "Web.de Abuse Team".
I'm not sure whether this is legitimate or whether it is itself a spam mail!?
Also, if it is genuine, I don't know what to do??
I log in to WEB.de from home, at the company and via the iPhone..... which machine is affected now?

(OK, I just saw that it must be the company computer that is affected. The time is given at the bottom of the mail.)

Do I now have to change all passwords, including online banking, other mail accounts etc.?

I copied the mail and attached it here:


Your mailbox: xxxxxxxxxxxx (I removed this)
Our reference: [Ticket AB45518773]
Note: Your name in the salutation shows you that this message was actually
sent by WEB.DE.

Dear Mr XXXXXXXXXX,

You are receiving an urgent message today regarding your WEB.DE mailbox
"XXXXXX@web.de" and the security of your personal data.

Our team of security experts has two important pieces of information for you:

- A virus has spied out the password to your WEB.DE mailbox.

- This virus is called "citadel" and is probably located
on your computer.

In this e-mail you will find all the information needed to restore the security
of your mailbox and your computer.

This is how you win the fight against the virus:

***************************************************************************
1. Change the password for your WEB.DE mailbox:
***************************************************************************
Log in to your mailbox from a secure computer.

Click 'Meine Daten' (My Data) in the left-hand menu. You will be taken to the WEB.DE
customer center, where you can change your password securely.

***************************************************************************
2. Identify which computer is infected with the virus:
***************************************************************************
Have you accessed your mailbox from different computers in the last few days?
Then the following information will help you find the affected
computer:

You used the computer at the following time: 12.09.2012 13:06:04

***************************************************************************
3. Delete the virus:
***************************************************************************
So that you can detect the virus right away and remove it from your computer
quite easily, use the practical and free DE-Cleaner.

This program is provided to you by the German initiative botfrei.de with the kind
support of Norton Symantec.

You can find the DE-Cleaner here: https://www.botfrei.de/webde/

Should you need support when using the DE-Cleaner and deleting the virus,
the Anti-Botnet Advisory Centre will be happy to help.

You can reach the experts of the Anti-Botnet Advisory Centre at the following
phone number: 0221 - 677 84 977

Important: Please state the following voucher number when you call:
01-45518773

***************************************************************************
4. Then change all your passwords:
***************************************************************************
After you have successfully removed the virus, change the password again
to be safe.

Also change all your other passwords. Remember your passwords for:
- Your online banking access
- Your accounts at eBay and Paypal
- Your other e-mail accounts

***************************************************************************
5. Secure your computer for the future:
***************************************************************************
To protect your computer optimally in the future, we recommend installing
professional anti-virus software, such as the WEB.DE
PC-Sicherheits-Paket.

Further information can be found here: hxxp://www.pc-sicherheit.web.de

***************************************************************************

Do you have any further questions for us? Then simply reply to this e-mail and
please leave our reference [Ticket AB45518773] in your message.

We look forward to working with you to ensure the security of your
mailbox - thank you for your cooperation!

Kind regards

Your Abuse Team

--
Abuse department
WEB.DE

hxxp://web.de/Impressum

13.09.2012, 12:19   #2
markusg
/// Malware-holic
 


hi
no, changing the password won't be enough if there is malware on the machine.
Change all passwords from a clean system, and don't use them from the company PC any more (I would never do that anyway),
at least not on the affected machine; it may be that it has to be formatted.

Let's take a look.
If you don't already have it, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe.
    Vista and Win7 users: right-click and "Run as administrator"
  • Now copy the contents into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread

14.09.2012, 10:31   #3
nobear68
 


Thanks for your quick info, Markusg,

first, before I send the analysis: our administrator turned my laptop upside down yesterday and nothing came of it!
Free of viruses!! I'm a bit surprised.
Yesterday I also received the same mail from my GMX mailbox, with a message identical to the one from Web.de.
The only strange thing was the time at which I was supposed to have been at the computer: 07:23.
I was still in the bathroom then!!?? Not online anywhere!!!
I had asked at the beginning to what extent my iPhone has the virus!? Because the time when I switched off flight mode on my iPhone was around then.
Well, maybe you'll have another tip after I have posted the OTL analysis here...
Until then, best regards

OTL Logfile:
Code:
OTL logfile created on: 14.09.2012 10:12:53 - Run 1
OTL by OldTimer - Version 3.2.61.3     Folder = F:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,93 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 61,41% Memory free
5,78 Gb Paging File | 5,07 Gb Available in Paging File | 87,72% Paging File free
Paging file location(s): D:\pagefile.sys 4092 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 127,74 Gb Total Space | 80,61 Gb Free Space | 63,11% Space Free | Partition Type: NTFS
Drive D: | 165,23 Gb Total Space | 152,86 Gb Free Space | 92,51% Space Free | Partition Type: NTFS
Drive F: | 3,75 Gb Total Space | 3,74 Gb Free Space | 99,98% Space Free | Partition Type: FAT32
Drive H: | 931,50 Gb Total Space | 690,74 Gb Free Space | 74,15% Space Free | Partition Type: NTFS
Drive I: | 931,51 Gb Total Space | 155,92 Gb Free Space | 16,74% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 155,92 Gb Free Space | 16,74% Space Free | Partition Type: NTFS
Drive L: | 931,50 Gb Total Space | 690,74 Gb Free Space | 74,15% Space Free | Partition Type: NTFS
Drive T: | 931,50 Gb Total Space | 690,74 Gb Free Space | 74,15% Space Free | Partition Type: NTFS
Drive U: | 931,50 Gb Total Space | 690,74 Gb Free Space | 74,15% Space Free | Partition Type: NTFS
Drive V: | 931,50 Gb Total Space | 690,74 Gb Free Space | 74,15% Space Free | Partition Type: NTFS
 
Computer Name: S-AP-023 | User Name: xxxxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.14 10:01:38 | 000,600,064 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2012.09.13 19:09:46 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.07.03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2012.04.12 05:05:00 | 001,664,064 | ---- | M] (Lenovo Group Limited) -- C:\Programme\ThinkPad\Utilities\PWMEWSVC.exe
PRC - [2012.04.12 05:05:00 | 001,645,568 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2012.04.12 05:05:00 | 000,280,640 | ---- | M] (Lenovo.) -- C:\Programme\ThinkPad\Utilities\DOZESVC.EXE
PRC - [2012.04.12 05:05:00 | 000,127,040 | ---- | M] (Lenovo Group Limited) -- C:\Programme\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\MsMpEng.exe
PRC - [2011.11.04 15:37:16 | 000,330,304 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011.10.20 10:58:46 | 000,101,440 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe
PRC - [2011.07.25 23:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Programme\Lenovo\System Update\SUService.exe
PRC - [2011.07.12 18:03:32 | 000,069,568 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2011.07.12 17:17:04 | 000,138,680 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\ZOOM\TpScrex.exe
PRC - [2011.07.12 16:53:48 | 000,131,432 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\tphkload.exe
PRC - [2011.07.12 16:53:18 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2010.09.22 14:18:46 | 000,607,584 | ---- | M] (Broadcom Corporation.) -- C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe
PRC - [2010.09.22 14:18:46 | 000,349,528 | ---- | M] (Broadcom Corporation.) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
PRC - [2010.02.05 06:43:20 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\DTS.exe
PRC - [2010.02.05 06:39:58 | 001,824,064 | ---- | M] (AuthenTec, Inc.) -- C:\WINDOWS\system32\AtService.exe
PRC - [2009.09.21 16:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe
PRC - [2009.09.21 16:44:48 | 000,954,368 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\S24EvMon.exe
PRC - [2009.09.21 16:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009.09.05 18:29:06 | 000,385,024 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2009.08.04 05:32:00 | 000,062,240 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\NPDIRECT\tpfnf7sp.exe
PRC - [2009.07.23 04:11:00 | 000,124,248 | ---- | M] (Lenovo Group Limited) -- C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE
PRC - [2008.10.09 18:05:16 | 000,360,448 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Rescue and Recovery\UpdateMonitor.exe
PRC - [2008.07.10 11:42:56 | 000,167,936 | ---- | M] (Lenovo) -- C:\Programme\Lenovo\Camera Center\bin\LenovoCameraCenter.exe
PRC - [2008.06.13 18:29:44 | 000,746,808 | ---- | M] (Lenovo Group Limited) -- c:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2008.05.14 17:42:40 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe
PRC - [2008.05.14 17:42:30 | 001,155,072 | ---- | M] (Lenovo Group Limited) -- c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
PRC - [2008.05.14 17:25:12 | 000,520,192 | ---- | M] () -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.01.04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.10.26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe
PRC - [2006.09.19 17:43:48 | 001,191,936 | ---- | M] (Tobit Software) -- C:\Programme\Tobit InfoCenter\DVREMIND.EXE
PRC - [2006.06.29 22:57:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.27 22:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.06.15 09:41:34 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012.06.15 09:41:33 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012.06.15 08:44:38 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.15 08:44:27 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.06.15 08:43:31 | 012,218,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\f33e2a4d9b385234406fa2d662f78875\PresentationCore.ni.dll
MOD - [2012.05.11 08:31:27 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012.05.11 08:30:21 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
MOD - [2012.05.11 08:30:04 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012.05.11 08:29:37 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012.05.10 17:03:16 | 000,060,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f121ccced1aa14badb316d8d9be5154d\UIAutomationProvider.ni.dll
MOD - [2012.05.10 17:03:13 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.10 17:02:09 | 000,539,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8b873631a0855fb6aa0ad25f1d9de7fe\PresentationFramework.Luna.ni.dll
MOD - [2012.05.10 17:01:34 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll
MOD - [2012.05.10 17:01:28 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.10 17:01:20 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.05.10 16:56:22 | 005,283,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2012.04.12 05:05:00 | 001,645,568 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe
MOD - [2012.04.12 05:05:00 | 000,100,864 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\GR\PWRMGRRO.DLL
MOD - [2012.04.12 05:05:00 | 000,092,160 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL
MOD - [2010.09.22 14:18:56 | 002,860,384 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2010.09.22 14:18:56 | 000,075,112 | ---- | M] () -- C:\Programme\ThinkPad\Bluetooth Software\BTKeyInd.dll
MOD - [2010.08.26 17:15:30 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2010.08.25 21:44:50 | 000,270,336 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.03.16 12:22:12 | 000,014,848 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2010.03.01 11:45:31 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.03.01 11:45:27 | 000,434,176 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.03.01 11:45:26 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2010.02.05 06:43:20 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\DTS.exe
MOD - [2010.02.05 06:42:38 | 000,634,880 | ---- | M] () -- C:\Programme\Lenovo Fingerprint Software\SharedResources.dll
MOD - [2008.07.10 11:42:50 | 000,024,576 | ---- | M] () -- C:\Programme\Lenovo\Camera Center\bin\LocalizationWrapper.dll
MOD - [2008.07.10 11:42:50 | 000,007,680 | ---- | M] () -- C:\Programme\Lenovo\Camera Center\bin\de\LocalizationWrapper.resources.dll
MOD - [2008.07.10 11:42:48 | 000,028,672 | ---- | M] () -- C:\Programme\Lenovo\Camera Center\bin\CameraApplicationLaunchPadLibrary.dll
MOD - [2008.07.10 11:42:48 | 000,020,480 | ---- | M] () -- C:\Programme\Lenovo\Camera Center\bin\CameraApplicationLaunchPadDataObjects.dll
MOD - [2008.05.14 17:25:12 | 000,520,192 | ---- | M] () -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe
MOD - [2008.05.14 17:08:56 | 000,139,264 | ---- | M] () -- C:\Programme\Lenovo\Rescue and Recovery\CDRecord.dll
MOD - [2008.05.14 17:08:56 | 000,139,264 | ---- | M] () -- c:\Programme\Gemeinsame Dateien\Lenovo\CDRecord.dll
MOD - [2007.06.18 17:28:44 | 000,056,056 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL
MOD - [2006.11.10 09:56:05 | 004,112,384 | ---- | M] () -- C:\WINDOWS\TOBITCLT.DLL
MOD - [2006.07.20 17:06:24 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\IMGMSGMO.dll
MOD - [2006.06.29 22:57:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe
MOD - [2005.01.06 19:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\DX9\SessionLauncher.exe -- (SessionLauncher)
SRV - [2012.09.13 19:11:25 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.13 19:09:46 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.04.12 05:05:00 | 001,664,064 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2012.04.12 05:05:00 | 001,645,568 | ---- | M] () [Auto | Running] -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2012.04.12 05:05:00 | 000,280,640 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Programme\ThinkPad\Utilities\DOZESVC.EXE -- (DozeSvc)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.07.25 23:14:00 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Programme\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.07.12 16:53:48 | 000,131,432 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV - [2011.07.12 16:53:24 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2011.07.12 16:53:18 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2010.09.22 14:18:46 | 000,349,528 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2010.02.19 20:30:16 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2010.02.05 06:44:44 | 000,118,784 | ---- | M] (AuthenTec,Inc) [On_Demand | Stopped] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
SRV - [2010.02.05 06:43:20 | 000,098,304 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\DTS.exe -- (dtsvc)
SRV - [2010.02.05 06:43:16 | 000,106,496 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\ADMonitor.exe -- (ADMonitor)
SRV - [2010.02.05 06:39:58 | 001,824,064 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\WINDOWS\system32\AtService.exe -- (ATService)
SRV - [2009.09.21 16:55:12 | 000,858,384 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2009.09.21 16:44:48 | 000,954,368 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2009.09.21 16:31:36 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008.10.09 18:05:16 | 000,360,448 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Rescue and Recovery\UpdateMonitor.exe -- (TVT_UpdateMonitor)
SRV - [2008.06.13 18:29:44 | 000,746,808 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2008.05.14 17:42:30 | 001,155,072 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2008.05.14 17:25:12 | 000,520,192 | ---- | M] () [Auto | Running] -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe -- (TVT Backup Protection Service)
SRV - [2008.04.25 09:15:24 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2008.03.24 08:35:22 | 000,074,384 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2007.01.04 20:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006.11.03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.10.26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)
SRV - [2006.06.29 22:57:50 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\TpKmpSvc.exe -- (TpKmpSVC)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.04.22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.04.12 05:05:00 | 000,024,264 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\DOZEHDD.SYS -- (DozeHDD)
DRV - [2012.04.12 05:05:00 | 000,013,936 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2012.01.09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.12.28 06:40:02 | 000,129,352 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ApsX86.sys -- (Shockprf)
DRV - [2011.12.28 06:40:02 | 000,022,344 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ApsHM86.sys -- (TPDIGIMN)
DRV - [2011.09.20 13:18:38 | 000,822,400 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAU32.sys -- (CnxtHdAudService)
DRV - [2010.09.23 09:14:30 | 000,993,576 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2010.09.16 19:00:00 | 000,051,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2010.09.07 14:09:06 | 000,013,680 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2010.08.26 12:33:40 | 005,386,752 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.02.05 10:14:14 | 000,661,448 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009.11.24 12:43:30 | 000,154,672 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009.09.18 13:54:38 | 000,533,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009.09.15 13:34:10 | 005,977,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2009.08.10 02:46:38 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2009.08.05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009.08.04 05:32:00 | 000,004,608 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2009.06.30 12:59:00 | 000,986,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2009.06.30 12:58:00 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2009.06.30 12:58:00 | 000,210,304 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2009.06.23 12:49:58 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI)
DRV - [2008.09.25 01:49:52 | 000,031,680 | R--- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2008.07.24 17:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008.07.11 11:48:00 | 000,046,144 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tvtumon.sys -- (tvtumon)
DRV - [2008.03.26 07:21:06 | 000,013,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tpm.sys -- (tpm)
DRV - [2008.02.22 16:54:40 | 000,037,312 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2008.02.15 11:01:00 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008.02.04 17:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.11.29 10:35:44 | 000,163,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.07.30 04:54:00 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.07.30 03:42:00 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.06.18 17:29:52 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2007.06.18 17:29:10 | 000,035,064 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2007.06.18 17:29:08 | 000,093,752 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2007.06.18 17:29:06 | 000,098,136 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2007.06.18 17:29:04 | 000,026,744 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2007.06.18 17:28:58 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2007.06.18 17:28:54 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2007.06.18 17:28:52 | 000,105,048 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2007.02.16 16:09:06 | 009,598,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2007.02.08 21:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007.02.08 21:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2001.08.18 05:33:12 | 000,322,432 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\G400m.sys -- (G400)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {591668AA-EA2E-4F73-80B8-91AC335B625F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
IE - HKCU\..\SearchScopes\{591668AA-EA2E-4F73-80B8-91AC335B625F}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Programme\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.09.13 15:38:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
 
[2012.09.13 15:38:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [CameraApplicationLauncher] C:\Programme\Lenovo\Camera Center\bin\CameraApplicationLaunchPadLauncher.exe ()
O4 - HKLM..\Run: [FingerPrintSoftware] C:\Programme\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [LPMailChecker] C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [MSC] C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SmartAudio] C:\Programme\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TPFNF7] C:\Programme\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [Windows Defender] C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InfoCenter Notifier.LNK = C:\Programme\Tobit InfoCenter\DVREMIND.EXE (Tobit Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1267200590375 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.153.20 192.168.153.22 192.168.153.24
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = xxxxx
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2142F2C-17D7-42E5-AC28-B6E895DA911B}: DhcpNameServer = 192.168.153.20 192.168.153.22 192.168.153.24
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (ATGinaHook.dll) - C:\WINDOWS\System32\ATGinaHook.dll (AuthenTec, Inc.)
O20 - Winlogon\Notify\ATFUS: DllName - (C:\WINDOWS\system32\FpWinLogonNp.dll) - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.01.27 04:18:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package - 
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.14 09:33:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\TeamViewer
[2012.09.13 20:23:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\Temp
[2012.09.13 20:16:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2012.09.13 20:16:10 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2012.09.13 19:14:30 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2012.09.13 19:14:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxx\Eigene Dateien
[2012.09.13 19:10:10 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.09.13 19:09:36 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2012.09.13 19:08:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\Sun
[2012.09.13 19:02:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Neuer Ordner
[2012.09.13 19:02:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Desktop\7-ZipPortable
[2012.09.13 18:41:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\PwrMgr
[2012.09.13 18:39:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ATI
[2012.09.13 18:03:04 | 000,661,448 | ---- | C] (AuthenTec, Inc.) -- C:\WINDOWS\System32\drivers\ATSwpWDF.sys
[2012.09.13 18:02:58 | 000,000,000 | ---D | C] -- C:\Programme\Fingerprint Sensor
[2012.09.13 18:01:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Catalyst Control Center
[2012.09.13 17:58:41 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2012.09.13 17:43:15 | 000,000,000 | R--D | C] -- D:\xxxxx\Kopie von Eigene Musik
[2012.09.13 17:43:15 | 000,000,000 | ---D | C] -- D:\xxxxx\Kopie von Bluetooth-Exchange-Ordner
[2012.09.13 17:43:15 | 000,000,000 | ---D | C] -- D:\xxxxx\Kopie von Access Connections
[2012.09.13 17:40:48 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2012.09.13 17:38:06 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\xxxxx\IECompatCache
[2012.09.13 17:37:36 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\xxxxx\PrivacIE
[2012.09.13 17:37:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\Macromedia
[2012.09.13 17:37:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\Adobe
[2012.09.13 17:35:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\Identities
[2012.09.13 17:35:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\Windows Desktop Search
[2012.09.13 17:34:42 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\Microsoft
[2012.09.13 17:34:42 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\xxxxx\SendTo
[2012.09.13 17:34:42 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\xxxxx\Recent
[2012.09.13 17:34:42 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten
[2012.09.13 17:34:42 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\xxxxx\Startmenü\Programme\Zubehör
[2012.09.13 17:34:42 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\xxxxx\Startmenü
[2012.09.13 17:34:42 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\xxxxx\Favoriten
[2012.09.13 17:34:42 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\xxxxx\Startmenü\Programme\Autostart
[2012.09.13 17:34:42 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\xxxxx\IETldCache
[2012.09.13 17:34:42 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\xxxxx\Cookies
[2012.09.13 17:34:42 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\xxxxx\Vorlagen
[2012.09.13 17:34:42 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\xxxxx\Netzwerkumgebung
[2012.09.13 17:34:42 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen
[2012.09.13 17:34:42 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\xxxxx\Druckumgebung
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\Sun
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\Roxio
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\Microsoft Help
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\Lenovo
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\Intel
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\InstallShield
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\Identities
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Desktop
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\CachedFiles
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\BVRP Software
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Bluetooth Software
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\ATI
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\ATI
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory
[2012.09.13 17:34:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\Adobe
[2012.09.13 15:38:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla
[2012.09.13 15:38:02 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.09.13 14:19:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.09.13 14:14:57 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.14 10:18:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6720A6AF-5F43-462D-B8D0-FD197F03912E}.job
[2012.09.14 09:29:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.09.14 09:27:00 | 000,001,106 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.14 09:12:09 | 000,000,386 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012.09.14 09:11:58 | 000,000,358 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012.09.14 09:03:13 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.09.14 09:03:05 | 000,002,751 | ---- | M] () -- C:\WINDOWS\Tobit.ini
[2012.09.14 09:02:58 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2012.09.14 09:02:35 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2005755202-1311182532-1862565094-1543.job
[2012.09.14 09:02:31 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.14 09:01:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.14 09:01:44 | 2074,112,000 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.14 08:23:34 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DAA3FF8E-57F1-427F-A294-100EE13F4435}.job
[2012.09.14 00:52:29 | 000,000,187 | ---- | M] () -- C:\scan-u-beenden.bat
[2012.09.14 00:45:32 | 000,000,519 | ---- | M] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Wartung & Runterfahren.lnk
[2012.09.14 00:40:59 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Microsoft Office Outlook 2007.lnk
[2012.09.13 20:17:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.09.13 19:15:20 | 000,001,720 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.09.13 18:56:51 | 000,001,430 | RHS- | M] () -- C:\Dokumente und Einstellungen\xxxxx\ntuser.pol
[2012.09.13 18:48:49 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.09.13 18:07:17 | 000,000,687 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk
[2012.09.13 18:03:06 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
[2012.09.13 17:54:34 | 000,000,188 | ---- | M] () -- C:\WINDOWS\x
[2012.09.13 17:42:18 | 000,000,147 | ---- | M] () -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012.09.13 17:41:08 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012.09.13 17:35:03 | 000,000,768 | ---- | M] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Windows Media Player.lnk
[2012.09.13 17:29:18 | 000,000,040 | ---- | M] () -- C:\WINDOWS\nscatch.ini
[2012.09.13 15:38:08 | 000,000,702 | ---- | M] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Mozilla Firefox.lnk
[2012.09.13 15:38:08 | 000,000,702 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.09.13 14:26:23 | 000,004,924 | ---- | M] () -- D:\xxxxx\regsicherung.reg
[2012.09.11 08:07:59 | 000,003,370 | RHS- | M] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2012.08.16 11:18:47 | 000,331,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.09.14 00:44:20 | 000,000,519 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Wartung & Runterfahren.lnk
[2012.09.14 00:44:14 | 000,000,187 | ---- | C] () -- C:\scan-u-beenden.bat
[2012.09.14 00:40:55 | 000,002,607 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Microsoft Office Outlook 2007.lnk
[2012.09.13 20:15:17 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2012.09.13 19:15:20 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader X.lnk
[2012.09.13 19:15:20 | 000,001,720 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader X.lnk
[2012.09.13 19:11:25 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.09.13 18:08:08 | 000,000,322 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Bluetooth-Umgebung.lnk
[2012.09.13 18:07:17 | 000,000,687 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk
[2012.09.13 18:03:06 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
[2012.09.13 17:58:50 | 000,076,216 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb
[2012.09.13 17:54:00 | 000,000,188 | ---- | C] () -- C:\WINDOWS\x
[2012.09.13 17:51:02 | 000,000,386 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012.09.13 17:51:02 | 000,000,358 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012.09.13 17:41:08 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012.09.13 17:41:04 | 000,001,684 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Security Essentials.lnk
[2012.09.13 17:38:06 | 000,000,436 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DAA3FF8E-57F1-427F-A294-100EE13F4435}.job
[2012.09.13 17:35:10 | 000,000,789 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Startmenü\Programme\Internet Explorer.lnk
[2012.09.13 17:35:03 | 000,000,774 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Startmenü\Programme\Windows Media Player.lnk
[2012.09.13 17:35:03 | 000,000,768 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Windows Media Player.lnk
[2012.09.13 17:34:49 | 000,001,430 | RHS- | C] () -- C:\Dokumente und Einstellungen\xxxxx\ntuser.pol
[2012.09.13 17:34:42 | 000,001,891 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Startmenü\Programme\McAfee Install.lnk
[2012.09.13 17:34:42 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Startmenü\Programme\Remoteunterstützung.lnk
[2012.09.13 17:34:42 | 000,000,724 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Startmenü\Programme\Outlook Express.lnk
[2012.09.13 17:34:42 | 000,000,147 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012.09.13 17:14:01 | 000,000,422 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6720A6AF-5F43-462D-B8D0-FD197F03912E}.job
[2012.09.13 15:52:14 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Mozilla Firefox.lnk
[2012.09.13 15:52:14 | 000,000,515 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Oagfvfd v    d.lnk
[2012.09.13 15:51:23 | 000,000,678 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\DIMy_Win.lnk
[2012.09.13 15:51:23 | 000,000,542 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Bücherschrank.lnk
[2012.09.13 15:50:33 | 000,001,723 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Nokia Suite.lnk
[2012.09.13 15:50:27 | 000,000,253 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\*****Formeln.url
[2012.09.13 15:50:16 | 000,000,684 | ---- | C] () -- C:\Dokumente und Einstellungen\xxxxx\Desktop\Verknüpfung mit Verwaltung.lnk
[2012.09.13 15:38:08 | 000,000,708 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.09.13 15:38:08 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.09.13 14:26:23 | 000,004,924 | ---- | C] () -- D:\xxxxx\regsicherung.reg
[2012.09.13 08:21:05 | 001,454,792 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.03.01 17:00:44 | 000,000,837 | ---- | C] () -- C:\WINDOWS\ERUNILX.INI
[2012.02.29 14:42:06 | 000,000,037 | ---- | C] () -- C:\WINDOWS\EPUNIDAD.INI
[2012.02.15 11:15:05 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010.09.22 14:18:56 | 002,860,384 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2010.03.04 11:31:03 | 000,003,370 | RHS- | C] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
 
========== LOP Check ==========
 
[2010.03.04 12:46:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autodesk
[2010.03.03 16:12:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreePDF
[2010.03.03 11:01:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lenovo
[2012.06.18 10:05:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2011.04.06 09:22:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2011.04.06 09:25:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2010.03.03 12:05:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PCDr
[2010.02.26 14:12:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Uninstall
[2012.09.13 18:02:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\CachedFiles
[2010.02.26 14:17:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\Lenovo
[2012.09.13 18:41:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\PwrMgr
[2012.09.14 09:33:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\TeamViewer
[2012.09.13 17:35:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxxxx\Anwendungsdaten\Windows Desktop Search
[2012.09.14 09:11:58 | 000,000,358 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2012.09.14 09:02:58 | 000,000,318 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2012.09.14 10:18:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{6720A6AF-5F43-462D-B8D0-FD197F03912E}.job
[2012.09.14 08:23:34 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DAA3FF8E-57F1-427F-A294-100EE13F4435}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2010.02.26 14:15:01 | 000,000,000 | ---D | M] -- C:\AuthLog
[2012.09.11 08:58:21 | 000,000,000 | ---D | M] -- C:\DIMY4
[2012.09.13 20:09:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2010.03.03 16:11:16 | 000,000,000 | ---D | M] -- C:\drivers
[2012.03.01 17:01:43 | 000,000,000 | ---D | M] -- C:\ERUNILEX
[2010.02.26 16:57:12 | 000,000,000 | ---D | M] -- C:\I386
[2010.02.26 14:12:47 | 000,000,000 | ---D | M] -- C:\Icons
[2010.02.26 13:51:57 | 000,000,000 | ---D | M] -- C:\Intel
[2010.06.02 10:49:20 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2010.02.26 14:23:24 | 000,000,000 | ---D | M] -- C:\Program Files
[2012.09.13 19:14:30 | 000,000,000 | ---D | M] -- C:\Programme
[2012.09.13 17:29:44 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2010.11.02 17:05:08 | 000,000,000 | RHSD | M] -- C:\RRbackups
[2006.01.25 22:56:11 | 000,000,000 | ---D | M] -- C:\SUPPORT
[2010.11.02 16:26:13 | 000,000,000 | ---D | M] -- C:\SWSHARE
[2010.02.26 16:56:34 | 000,000,000 | ---D | M] -- C:\SWTOOLS
[2010.02.26 16:56:20 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2006.01.25 22:56:09 | 000,000,000 | ---D | M] -- C:\VALUEADD
[2012.09.13 20:21:18 | 000,000,000 | ---D | M] -- C:\WINDOWS
 
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2008.04.14 04:23:08 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\h323.tsp
[2008.04.14 04:23:08 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2008.04.14 04:23:08 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ipconf.tsp
[2008.04.14 04:23:08 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2008.04.14 04:23:08 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2008.04.14 04:23:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2008.04.14 04:23:08 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
< MD5 for: AGP440.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.02.26 17:51:41 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.02.26 17:51:41 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 09:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.02.26 17:51:41 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.02.26 17:51:41 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2007.04.03 12:39:42 | 000,096,384 | ---- | M] (Microsoft Corporation) MD5=2218E3FD674DC284CE98C807086CAB14 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2004.08.04 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2009.08.07 06:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\Programme\Lenovo\System Update\session\6iim10ww\IaStor.sys
[2009.08.07 06:17:26 | 000,330,264 | ---- | M] (Intel Corporation) MD5=01446278D4563B3013C92830AE6CBB26 -- C:\WINDOWS\system32\drivers\iaStor.sys
[2008.05.07 10:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\drivers\other\IaStor.sys
[2008.05.07 10:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\SWTOOLS\DRIVERS\IMSM\IaStor.sys
[2008.05.07 10:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\WINDOWS\system32\ReinstallBackups\0024\DriverFiles\iaStor.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\I386\user32.dll
[2005.03.02 19:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2005.04.01 20:33:14 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=B0B3908F5432F9DBBCD83CA4C33F0D82 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.01.26 20:08:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006.01.26 20:08:21 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.01.26 20:08:20 | 000,417,792 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2012.09.14 09:00:56 | 001,572,864 | -H-- | M] () -- C:\Dokumente und Einstellungen\xxxxx\NTUSER.DAT
[2012.09.14 10:17:37 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\xxxxx\ntuser.dat.LOG
[2012.09.14 09:00:34 | 000,000,360 | -HS- | M] () -- C:\Dokumente und Einstellungen\xxxxx\ntuser.ini
[2012.09.13 18:56:51 | 000,001,430 | RHS- | M] () -- C:\Dokumente und Einstellungen\xxxxx\ntuser.pol
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2012.07.03 20:25:08 | 001,866,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         

Edited by nobear68 (14.09.2012 at 11:00). Reason: real names removed!!

14.09.2012, 11:46   #4
markusg
/// Malware-holic
 
Hi, and how am I supposed to know that without an analysis?
I'm not a clairvoyant.
But it is rather unlikely.
Did the anti-malware program on this device raise an alert? Is this the work PC or the private PC?
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please deactivate all your anti-virus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you receive the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions for forwarding:
http://markusg.trojaner-board.de
For now, please forward mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

14.09.2012, 13:45   #5
nobear68
 
Hi.. so it is a company laptop.


Here is the analysis (real names have been removed):


Combofix logfile:
Code:
ComboFix 12-09-13.03 - xxxx 14.09.2012  13:16:31.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1978.941 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\xxxx\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\xxxx.old\WINDOWS
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\1.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\a.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\b.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\c.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\d.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\e.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\f.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\g.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\h.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\i.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\j.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\k.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\l.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\m.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\mru.xml
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\n.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\o.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\p.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\q.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\r.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\s.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\t.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\u.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\v.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\w.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\wlu.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\x.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\y.txt
c:\dokumente und einstellungen\xxxx\Anwendungsdaten\PriceGong\Data\z.txt
c:\windows\IsUn0407.exe
c:\windows\system32\ATGinaHook.dll
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-14 bis 2012-09-14  ))))))))))))))))))))))))))))))
.
.
2012-09-13 23:03 . 2012-08-22 22:15	7022536	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{E25952E2-F7F0-4562-A97D-E991910E86E2}\mpengine.dll
2012-09-13 22:44 . 2012-09-13 22:52	187	----a-w-	C:\scan-u-beenden.bat
2012-09-13 18:26 . 2012-08-22 22:15	7022536	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-13 18:16 . 2012-09-13 18:16	--------	d-----w-	c:\windows\system32\winrm
2012-09-13 18:16 . 2012-09-13 18:16	--------	dc-h--w-	c:\windows\$968930Uinstall_KB968930$
2012-09-13 17:11 . 2012-09-13 17:11	696520	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-09-13 17:10 . 2012-09-13 17:10	--------	d-----w-	c:\programme\Gemeinsame Dateien\Java
2012-09-13 17:10 . 2012-09-13 17:09	143872	----a-w-	c:\windows\system32\javacpl.cpl
2012-09-13 17:10 . 2012-09-13 17:09	821736	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-09-13 17:09 . 2012-09-13 17:09	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2012-09-13 17:09 . 2012-09-13 17:09	--------	d-----w-	c:\programme\Java
2012-09-13 16:39 . 2012-09-13 16:39	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\ATI
2012-09-13 16:09 . 2010-07-06 19:36	301696	----a-w-	c:\windows\system32\UCI32A59.dll
2012-09-13 16:07 . 2010-09-22 12:51	91304	----a-w-	c:\windows\system32\drivers\btserial.sys
2012-09-13 16:03 . 2010-02-05 08:14	661448	----a-w-	c:\windows\system32\drivers\ATSwpWDF.sys
2012-09-13 16:02 . 2012-09-13 16:02	--------	d-----w-	c:\programme\Fingerprint Sensor
2012-09-13 15:58 . 2010-08-26 08:34	143360	----a-w-	c:\windows\system32\atiapfxx.exe
2012-09-13 15:58 . 2012-09-13 15:58	--------	d-----w-	c:\programme\ATI
2012-09-13 15:52 . 2010-09-07 12:09	13680	----a-w-	c:\windows\system32\drivers\smiif32.sys
2012-09-13 15:40 . 2012-09-13 15:41	--------	d-----w-	c:\programme\Microsoft Security Client
2012-09-13 15:34 . 2012-09-14 09:56	--------	d-----w-	c:\dokumente und einstellungen\xxxx
2012-09-13 15:08 . 2012-09-13 15:14	--------	d-----w-	c:\dokumente und einstellungen\xxxx
2012-09-13 12:14 . 2012-09-13 12:14	--------	d-----w-	c:\programme\Conduit
2012-09-11 06:13 . 2012-08-23 07:15	7022536	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Windows Defender\Definition Updates\{2F2A6D48-EBE1-466F-A550-212DAEB263F3}\mpengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-13 17:11 . 2011-07-14 11:52	73416	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-01 22:51 . 2010-03-03 14:09	7023536	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-07-06 13:59 . 2006-01-27 01:00	78336	----a-w-	c:\windows\system32\browser.dll
2012-07-04 14:05 . 2006-01-27 01:00	139784	------w-	c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:25 . 2006-01-27 01:00	1866240	------w-	c:\windows\system32\win32k.sys
2012-07-02 17:39 . 2006-01-27 01:01	916992	----a-w-	c:\windows\system32\wininet.dll
2012-07-02 17:39 . 2006-01-27 01:01	43520	------w-	c:\windows\system32\licmgr10.dll
2012-07-02 17:39 . 2006-01-27 01:01	1469440	------w-	c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2006-01-27 01:01	385024	------w-	c:\windows\system32\html.iec
2012-06-21 13:31 . 2012-06-21 13:31	102400	----a-w-	c:\windows\system32\TpShCTL.exe
2012-06-21 13:30 . 2012-06-21 13:30	122880	----a-w-	c:\windows\system32\TpShEvUI.exe
2012-06-21 13:30 . 2012-06-21 13:30	229376	----a-w-	c:\windows\system32\TpShCPL.cpl
2012-06-21 13:30 . 2012-06-21 13:30	487424	----a-w-	c:\windows\system32\TpShCPL.dll
2012-06-21 13:30 . 2012-06-21 13:30	180224	----a-w-	c:\windows\system32\TpShocks.exe
2012-09-06 01:26 . 2012-09-13 13:38	266720	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\programme\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"TPFNF7"="c:\progra~1\Lenovo\NPDIRECT\TPFNF7SP.exe" [2009-08-04 62240]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2009-12-01 256576]
"Apoint"="c:\programme\Apoint2K\Apoint.exe" [2009-12-03 176128]
"TVT Scheduler Proxy"="c:\programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-14 487424]
"LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2009-07-23 185688]
"LPMailChecker"="c:\progra~1\THINKV~1\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
"CameraApplicationLauncher"="c:\programme\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe" [2008-07-10 16384]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2012-04-12 3662400]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2012-04-12 208896]
"TPKMAPHELPER"="c:\programme\ThinkPad\Utilities\TpKmapAp.exe" [2007-01-09 868352]
"FreePDF Assistant"="c:\programme\FreePDF_XP\fpassist.exe" [2009-09-05 385024]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 144384]
"MSC"="c:\programme\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"LenovoAutoScrollUtility"="c:\programme\Lenovo\VIRTSCRL\virtscrl.exe" [2011-10-20 101440]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-25 98304]
"TpShocks"="TpShocks.exe" [2012-06-21 180224]
"SmartAudio"="c:\programme\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
BTTray.lnk - c:\programme\ThinkPad\Bluetooth Software\BTTray.exe [2010-9-22 607584]
Digital Line Detect.lnk - c:\programme\Digital Line Detect\DLG.exe [2010-3-3 50688]
InfoCenter Notifier.LNK - c:\programme\Tobit InfoCenter\DVREMIND.EXE [2010-3-4 1191936]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
"ForceStartMenuLogOff"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ATFUS]
2010-02-05 04:44	180224	----a-w-	c:\windows\system32\FpWinlogonNp.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programme\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programme\\Windows Live\\Sync\\WindowsLiveSync.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [03.03.2010 12:09 24264]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [28.12.2011 06:40 22344]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [13.09.2012 17:52 13680]
R1 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [09.05.2008 06:50 46144]
R2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [05.02.2010 06:39 1824064]
R2 DozeSvc;Lenovo Doze Mode Service;c:\programme\ThinkPad\Utilities\DOZESVC.EXE [03.03.2010 12:09 280640]
R2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [05.02.2010 06:43 98304]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\programme\ThinkPad\Utilities\PWMDBSVC.exe [26.02.2010 14:15 1645568]
R2 PwmEWSvc;Cisco EnergyWise Enabler;c:\programme\ThinkPad\Utilities\PWMEWSVC.exe [13.09.2012 17:55 1664064]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\programme\Lenovo\HOTKEY\tphkload.exe [13.09.2012 17:52 131432]
R2 TPHKSVC;Anzeige am Bildschirm;c:\programme\Lenovo\HOTKEY\TPHKSVC.exe [20.05.2008 04:00 142696]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\programme\Lenovo\Rescue and Recovery\rrpservice.exe [14.05.2008 17:25 520192]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\programme\Lenovo\Rescue and Recovery\UpdateMonitor.exe [09.05.2008 06:50 360448]
R3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\drivers\ATSwpWDF.sys [13.09.2012 18:03 661448]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22.02.2008 16:54 37312]
S2 gupdate;Google Update-Dienst (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [13.10.2010 15:33 136176]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\programme\Lenovo\HOTKEY\micmute.exe [13.09.2012 17:52 101736]
S2 SessionLauncher;SessionLauncher;c:\dokume~1\ADMINI~1\LOKALE~1\Temp\DX9\SessionLauncher.exe --> c:\dokume~1\ADMINI~1\LOKALE~1\Temp\DX9\SessionLauncher.exe [?]
S2 WinDefend;Windows Defender;c:\programme\Windows Defender\MsMpEng.exe [03.11.2006 20:19 13592]
S3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [05.02.2010 06:43 106496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13.09.2012 19:11 250568]
S3 FingerprintServer;Fingerprint Server;c:\windows\system32\FpLogonServ.exe [05.02.2010 06:44 118784]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [13.10.2010 15:33 136176]
S3 RoxMediaDB10;RoxMediaDB10;c:\programme\Gemeinsame Dateien\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [25.04.2008 09:15 1120752]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper	REG_MULTI_SZ   	getPlusHelper
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-13 17:11]
.
2012-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-10-13 13:32]
.
2012-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-10-13 13:32]
.
2012-09-14 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\programme\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-09-14 c:\windows\Tasks\MpIdleTask.job
- c:\programme\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-09-14 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2010-02-26 03:05]
.
2012-09-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2005755202-1311182532-1862565094-1543.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
2012-08-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2005755202-1311182532-1862565094-1543.job
- c:\programme\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
2012-09-14 c:\windows\Tasks\User_Feed_Synchronization-{6720A6AF-5F43-462D-B8D0-FD197F03912E}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]
.
2012-09-14 c:\windows\Tasks\User_Feed_Synchronization-{DAA3FF8E-57F1-427F-A294-100EE13F4435}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Senden an &Bluetooth-Gerät... - c:\programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Senden an Bluetooth - c:\programme\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.153.20 192.168.153.22 192.168.153.24
FF - ProfilePath - 
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-09-14 13:23
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(1056)
c:\windows\system32\FpWinLogonNp.dll
c:\programme\Lenovo Fingerprint Software\ATCSSINT.dll
c:\programme\Lenovo Fingerprint Software\SharedResources.dll
c:\programme\Lenovo Fingerprint Software\FPResource.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(4568)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\programme\Lenovo\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\programme\Lenovo\Drag-to-Disc\ShellRes.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\Ati2evxx.exe
c:\programme\Microsoft Security Client\MsMpEng.exe
c:\programme\Intel\WiFi\bin\S24EvMon.exe
c:\windows\system32\Ati2evxx.exe
c:\programme\Intel\WiFi\bin\EvtEng.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
c:\programme\Java\jre7\bin\jqs.exe
c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe
c:\programme\LENOVO\HOTKEY\tposdsvc.exe
c:\programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe
c:\programme\Lenovo\HOTKEY\TPONSCR.exe
c:\programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
c:\programme\Lenovo\Zoom\TpScrex.exe
c:\windows\system32\TpKmpSVC.exe
c:\programme\Lenovo\Rescue and Recovery\rrservice.exe
c:\programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\SearchIndexer.exe
c:\programme\lenovo\system update\suservice.exe
c:\programme\Windows Media Player\WMPNetwk.exe
c:\programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\wbem\unsecapp.exe
c:\programme\Apoint2K\ApMsgFwd.exe
c:\programme\Apoint2K\Apntex.exe
c:\windows\system32\rundll32.exe
c:\programme\Lenovo\Camera Center\bin\LenovoCameraCenter.exe
c:\programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\TpShocks.exe
c:\progra~1\ThinkPad\UTILIT~1\SCHTASK.exe
c:\programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-09-14  13:27:37 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-09-14 11:27
.
Vor Suchlauf: 16 Verzeichnis(se), 86.432.632.832 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 86.667.268.096 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - F5BEE78AA60AEAFD4D1C6A90C5DA91A3
         
--- --- ---


14.09.2012, 13:48   #6
markusg
/// Malware-holic



Hi,
download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click on Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now, then post the log

14.09.2012, 14:05   #7
nobear68



On we go.....




13:57:26.0254 6024 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:57:26.0363 6024 ============================================================
13:57:26.0363 6024 Current date / time: 2012/09/14 13:57:26.0363
13:57:26.0363 6024 SystemInfo:
13:57:26.0363 6024
13:57:26.0363 6024 OS Version: 5.1.2600 ServicePack: 3.0
13:57:26.0363 6024 Product type: Workstation
13:57:26.0363 6024 ComputerName: S-AP-023
13:57:26.0363 6024 UserName: xxxx
13:57:26.0363 6024 Windows directory: C:\WINDOWS
13:57:26.0363 6024 System windows directory: C:\WINDOWS
13:57:26.0363 6024 Processor architecture: Intel x86
13:57:26.0363 6024 Number of processors: 2
13:57:26.0363 6024 Page size: 0x1000
13:57:26.0363 6024 Boot type: Normal boot
13:57:26.0363 6024 ============================================================
13:57:27.0035 6024 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
13:57:27.0050 6024 Drive \Device\Harddisk1\DR4 - Size: 0xF0300000 (3.75 Gb), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:57:27.0050 6024 ============================================================
13:57:27.0050 6024 \Device\Harddisk0\DR0:
13:57:27.0066 6024 MBR partitions:
13:57:27.0066 6024 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFF79524
13:57:27.0066 6024 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFF79563, BlocksNum 0x14A76F4D
13:57:27.0066 6024 \Device\Harddisk1\DR4:
13:57:27.0066 6024 MBR partitions:
13:57:27.0066 6024 ============================================================
13:57:27.0081 6024 C: <-> \Device\Harddisk0\DR0\Partition1
13:57:27.0128 6024 D: <-> \Device\Harddisk0\DR0\Partition2
13:57:27.0128 6024 ============================================================
13:57:27.0128 6024 Initialize success
13:57:27.0128 6024 ============================================================
13:58:37.0500 4464 ============================================================
13:58:37.0500 4464 Scan started
13:58:37.0500 4464 Mode: Manual; SigCheck; TDLFS;
13:58:37.0500 4464 ============================================================
13:58:37.0750 4464 ================ Scan system memory ========================
13:58:37.0750 4464 System memory - ok
13:58:37.0750 4464 ================ Scan services =============================
13:58:37.0937 4464 Abiosdsk - ok
13:58:37.0953 4464 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
13:58:38.0125 4464 abp480n5 - ok
13:58:38.0156 4464 [ 0F2D66D5F08EBE2F77BB904288DCF6F0 ] ac97intc C:\WINDOWS\system32\drivers\ac97intc.sys
13:58:38.0234 4464 ac97intc - ok
13:58:38.0281 4464 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:58:38.0390 4464 ACPI - ok
13:58:38.0390 4464 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
13:58:38.0515 4464 ACPIEC - ok
13:58:38.0546 4464 [ A71390EE50FEFF7F799F3CB0C4A98533 ] ADMonitor C:\WINDOWS\system32\ADMonitor.exe
13:58:38.0640 4464 ADMonitor ( UnsignedFile.Multi.Generic ) - warning
13:58:38.0640 4464 ADMonitor - detected UnsignedFile.Multi.Generic (1)
13:58:38.0718 4464 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:58:38.0734 4464 AdobeFlashPlayerUpdateSvc - ok
13:58:38.0765 4464 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
13:58:38.0874 4464 adpu160m - ok
13:58:38.0905 4464 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
13:58:39.0015 4464 aec - ok
13:58:39.0062 4464 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
13:58:39.0108 4464 AFD - ok
13:58:39.0140 4464 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
13:58:39.0249 4464 agp440 - ok
13:58:39.0249 4464 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
13:58:39.0343 4464 agpCPQ - ok
13:58:39.0374 4464 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
13:58:39.0421 4464 Aha154x - ok
13:58:39.0436 4464 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
13:58:39.0530 4464 aic78u2 - ok
13:58:39.0546 4464 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
13:58:39.0608 4464 aic78xx - ok
13:58:39.0639 4464 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
13:58:39.0717 4464 Alerter - ok
13:58:39.0733 4464 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
13:58:39.0811 4464 ALG - ok
13:58:39.0842 4464 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
13:58:39.0920 4464 AliIde - ok
13:58:39.0936 4464 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
13:58:40.0014 4464 alim1541 - ok
13:58:40.0030 4464 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
13:58:40.0108 4464 amdagp - ok
13:58:40.0123 4464 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
13:58:40.0186 4464 amsint - ok
13:58:40.0233 4464 [ BAAA6516AEC2622B8FBA6165FF5D68C2 ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
13:58:40.0264 4464 ApfiltrService - ok
13:58:40.0295 4464 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
13:58:40.0389 4464 AppMgmt - ok
13:58:40.0420 4464 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
13:58:40.0498 4464 Arp1394 - ok
13:58:40.0514 4464 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
13:58:40.0592 4464 asc - ok
13:58:40.0607 4464 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
13:58:40.0670 4464 asc3350p - ok
13:58:40.0670 4464 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
13:58:40.0748 4464 asc3550 - ok
13:58:40.0857 4464 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
13:58:40.0857 4464 aspnet_state - ok
13:58:40.0873 4464 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:58:40.0935 4464 AsyncMac - ok
13:58:40.0966 4464 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:58:41.0029 4464 atapi - ok
13:58:41.0029 4464 Atdisk - ok
13:58:41.0076 4464 [ DAE9B06F344AE0F877D7CE3500C12342 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
13:58:41.0138 4464 Ati HotKey Poller - ok
13:58:41.0294 4464 [ BDE0F5D73C04B3F16672A7E6EA9D2392 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
13:58:41.0450 4464 ati2mtag - ok
13:58:41.0482 4464 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:58:41.0591 4464 Atmarpc - ok
13:58:41.0669 4464 [ 9C4DF8D13E5EA12A747BAD0773D47B01 ] ATService C:\WINDOWS\system32\AtService.exe
13:58:41.0997 4464 ATService - ok
13:58:42.0028 4464 [ 2540B733F644B200DBA9AA64D870DE8D ] ATSwpWDF C:\WINDOWS\system32\Drivers\ATSwpWDF.sys
13:58:42.0044 4464 ATSwpWDF - ok
13:58:42.0091 4464 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:58:42.0169 4464 AudioSrv - ok
13:58:42.0216 4464 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:58:42.0278 4464 audstub - ok
13:58:42.0325 4464 [ A9D0F6EFC61D1FF69B55C495F85DD868 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
13:58:42.0372 4464 b57w2k - ok
13:58:42.0403 4464 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:58:42.0481 4464 Beep - ok
13:58:42.0512 4464 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
13:58:42.0590 4464 BITS - ok
13:58:42.0622 4464 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
13:58:42.0653 4464 Browser - ok
13:58:42.0684 4464 [ 9E8CF88D340E32FCB3C53955B2DF388F ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
13:58:42.0700 4464 btaudio - ok
13:58:42.0731 4464 [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
13:58:42.0731 4464 BTDriver - ok
13:58:42.0793 4464 [ D26B5B9A40A2B2191B35C76D5CBF5D2A ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
13:58:42.0825 4464 BTKRNL - ok
13:58:42.0934 4464 [ C261E704B5558BA04DD643A0D998327D ] btwdins C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
13:58:42.0949 4464 btwdins - ok
13:58:42.0996 4464 [ 485020A1E1FC5C51A800CA69C618D881 ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
13:58:42.0996 4464 BTWDNDIS - ok
13:58:43.0027 4464 [ 7696F6F2E63086EEEDB76B71BB7BB455 ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
13:58:43.0043 4464 BTWUSB - ok
13:58:43.0043 4464 catchme - ok
13:58:43.0074 4464 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
13:58:43.0152 4464 cbidf - ok
13:58:43.0168 4464 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:58:43.0230 4464 cbidf2k - ok
13:58:43.0262 4464 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:58:43.0340 4464 CCDECODE - ok
13:58:43.0371 4464 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
13:58:43.0418 4464 cd20xrnt - ok
13:58:43.0433 4464 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:58:43.0496 4464 Cdaudio - ok
13:58:43.0512 4464 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:58:43.0574 4464 Cdfs - ok
13:58:43.0590 4464 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:58:43.0668 4464 Cdrom - ok
13:58:43.0683 4464 Changer - ok
13:58:43.0699 4464 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:58:43.0777 4464 CiSvc - ok
13:58:43.0793 4464 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:58:43.0871 4464 ClipSrv - ok
13:58:43.0917 4464 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:58:43.0933 4464 clr_optimization_v2.0.50727_32 - ok
13:58:43.0964 4464 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
13:58:44.0042 4464 CmBatt - ok
13:58:44.0074 4464 [ C687F81290303D90099B027A6474F99F ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
13:58:44.0152 4464 CmdIde - ok
13:58:44.0199 4464 [ 33602232B07F43DF8FC7350A5617D3A7 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDAU32.sys
13:58:44.0214 4464 CnxtHdAudService - ok
13:58:44.0230 4464 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
13:58:44.0308 4464 Compbatt - ok
13:58:44.0323 4464 COMSysApp - ok
13:58:44.0339 4464 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
13:58:44.0433 4464 Cpqarray - ok
13:58:44.0464 4464 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:58:44.0542 4464 CryptSvc - ok
13:58:44.0573 4464 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
13:58:44.0667 4464 dac2w2k - ok
13:58:44.0667 4464 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
13:58:44.0729 4464 dac960nt - ok
13:58:44.0776 4464 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:58:44.0823 4464 DcomLaunch - ok
13:58:44.0870 4464 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:58:44.0948 4464 Dhcp - ok
13:58:44.0995 4464 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:58:45.0057 4464 Disk - ok
13:58:45.0104 4464 [ 5B149CCFE275F4DE0B4B8EC6B9F6821E ] DLABMFSM C:\WINDOWS\system32\DLA\DLABMFSM.SYS
13:58:45.0120 4464 DLABMFSM - ok
13:58:45.0120 4464 [ AD4CB3D783634C90A9D0CE360933A63C ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
13:58:45.0135 4464 DLABOIOM - ok
13:58:45.0135 4464 [ 5230CDB7E715F3A3B4A882E254CDD35D ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
13:58:45.0151 4464 DLACDBHM - ok
13:58:45.0151 4464 [ DAE193B1DDC6914F56B767A4F1406351 ] DLADResM C:\WINDOWS\system32\DLA\DLADResM.SYS
13:58:45.0167 4464 DLADResM - ok
13:58:45.0167 4464 [ 6A82F77C4A6F5235BF352F0028E2EF52 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
13:58:45.0182 4464 DLAIFS_M - ok
13:58:45.0182 4464 [ 0E6052C0ADA37504896A847231A3907D ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
13:58:45.0182 4464 DLAOPIOM - ok
13:58:45.0198 4464 [ 29670BB4E2B973C5B55A76107D4910B2 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
13:58:45.0198 4464 DLAPoolM - ok
13:58:45.0198 4464 [ 77FE51F0F8D86804CB81F6EF6BFB86DD ] DLARTL_M C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
13:58:45.0213 4464 DLARTL_M - ok
13:58:45.0213 4464 [ 6B087732B86C1D866D69DBBE463EA90A ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
13:58:45.0229 4464 DLAUDFAM - ok
13:58:45.0229 4464 [ BBEECB95F2841AE4A3E3690D46D7153D ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
13:58:45.0245 4464 DLAUDF_M - ok
13:58:45.0245 4464 dmadmin - ok
13:58:45.0276 4464 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:58:45.0354 4464 dmboot - ok
13:58:45.0370 4464 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
13:58:45.0463 4464 dmio - ok
13:58:45.0479 4464 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:58:45.0541 4464 dmload - ok
13:58:45.0573 4464 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:58:45.0651 4464 dmserver - ok
13:58:45.0697 4464 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:58:45.0776 4464 DMusic - ok
13:58:45.0822 4464 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:58:45.0854 4464 Dnscache - ok
13:58:45.0885 4464 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
13:58:45.0947 4464 Dot3svc - ok
13:58:46.0025 4464 [ DFA9D633510697D69C8288C54F0ADCA0 ] DozeHDD C:\WINDOWS\system32\DRIVERS\DozeHDD.sys
13:58:46.0025 4464 DozeHDD - ok
13:58:46.0103 4464 [ 84311F6C7AF747AEF5FB7E33CD9FF155 ] DozeSvc C:\Programme\ThinkPad\Utilities\DOZESVC.EXE
13:58:46.0119 4464 DozeSvc - ok
13:58:46.0150 4464 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
13:58:46.0228 4464 dpti2o - ok
13:58:46.0244 4464 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:58:46.0322 4464 drmkaud - ok
13:58:46.0338 4464 [ 83106585494D5EB96F59187200C144BD ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
13:58:46.0338 4464 DRVMCDB - ok
13:58:46.0338 4464 [ FFC371525AA55D1BAE18715EBCB8797C ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
13:58:46.0353 4464 DRVNDDM - ok
13:58:46.0384 4464 [ F74F18DFF9FB2797C3DF33C75962EE2E ] dtsvc C:\WINDOWS\system32\DTS.exe
13:58:46.0431 4464 dtsvc ( UnsignedFile.Multi.Generic ) - warning
13:58:46.0431 4464 dtsvc - detected UnsignedFile.Multi.Generic (1)
13:58:46.0463 4464 [ A6DE5342417FEC3C0AA8EFEBB899C431 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
13:58:46.0541 4464 E100B - ok
13:58:46.0572 4464 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
13:58:46.0650 4464 EapHost - ok
13:58:46.0681 4464 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:58:46.0759 4464 ERSvc - ok
13:58:46.0790 4464 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
13:58:46.0822 4464 Eventlog - ok
13:58:46.0822 4464 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
13:58:46.0837 4464 EventSystem - ok
13:58:46.0915 4464 [ A57BE3307ADA2FC086B5B43135735283 ] EvtEng C:\Programme\Intel\WiFi\bin\EvtEng.exe
13:58:46.0962 4464 EvtEng - ok
13:58:46.0993 4464 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:58:47.0087 4464 Fastfat - ok
13:58:47.0150 4464 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:58:47.0181 4464 FastUserSwitchingCompatibility - ok
13:58:47.0196 4464 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
13:58:47.0259 4464 Fdc - ok
13:58:47.0290 4464 [ F0213914C54CB202EFD69968357E6386 ] FingerprintServer C:\WINDOWS\system32\FpLogonServ.exe
13:58:47.0353 4464 FingerprintServer ( UnsignedFile.Multi.Generic ) - warning
13:58:47.0353 4464 FingerprintServer - detected UnsignedFile.Multi.Generic (1)
13:58:47.0384 4464 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:58:47.0462 4464 Fips - ok
13:58:47.0477 4464 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:58:47.0556 4464 Flpydisk - ok
13:58:47.0587 4464 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
13:58:47.0649 4464 FltMgr - ok
13:58:47.0696 4464 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:58:47.0696 4464 FontCache3.0.0.0 - ok
13:58:47.0743 4464 [ C6EE3A87FE609D3E1DB9DBD072A248DE ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
13:58:47.0743 4464 fssfltr - ok
13:58:47.0837 4464 [ 206AD9A89BF05DFA1621F1FC7B82592D ] fsssvc C:\Programme\Windows Live\Family Safety\fsssvc.exe
13:58:47.0852 4464 fsssvc - ok
13:58:47.0915 4464 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:58:47.0993 4464 Fs_Rec - ok
13:58:48.0008 4464 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:58:48.0102 4464 Ftdisk - ok
13:58:48.0133 4464 [ 33D00F8CB70AC5F7A8101F79D5273615 ] G400 C:\WINDOWS\system32\DRIVERS\G400m.sys
13:58:48.0196 4464 G400 - ok
13:58:48.0211 4464 [ 360FC9E29EBCD7CB75320E2663EBA0F2 ] getPlusHelper C:\Programme\NOS\bin\getPlus_Helper.dll
13:58:48.0227 4464 getPlusHelper - ok
13:58:48.0258 4464 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:58:48.0336 4464 Gpc - ok
13:58:48.0414 4464 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
13:58:48.0414 4464 gupdate - ok
13:58:48.0414 4464 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
13:58:48.0430 4464 gupdatem - ok
13:58:48.0446 4464 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:58:48.0524 4464 HDAudBus - ok
13:58:48.0570 4464 [ 30D57EE84E1E169D41A6E873B549A096 ] HECI C:\WINDOWS\system32\DRIVERS\HECI.sys
13:58:48.0602 4464 HECI - ok
13:58:48.0664 4464 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:58:48.0789 4464 helpsvc - ok
13:58:48.0789 4464 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll
13:58:48.0867 4464 HidServ - ok
13:58:48.0914 4464 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:58:48.0992 4464 HidUsb - ok
13:58:49.0039 4464 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
13:58:49.0101 4464 hkmsvc - ok
13:58:49.0133 4464 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
13:58:49.0195 4464 hpn - ok
13:58:49.0242 4464 [ 0D13842210353435FC1FB35CA7807644 ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
13:58:49.0273 4464 HSFHWAZL - ok
13:58:49.0304 4464 [ 8BC605518B1052DB7011E5C4CC8417BF ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
13:58:49.0351 4464 HSF_DPV - ok
13:58:49.0429 4464 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:58:49.0476 4464 HTTP - ok
13:58:49.0492 4464 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:58:49.0570 4464 HTTPFilter - ok
13:58:49.0601 4464 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
13:58:49.0663 4464 i2omgmt - ok
13:58:49.0695 4464 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
13:58:49.0757 4464 i2omp - ok
13:58:49.0788 4464 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:58:49.0866 4464 i8042prt - ok
13:58:49.0913 4464 [ 01446278D4563B3013C92830AE6CBB26 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
13:58:49.0929 4464 iaStor - ok
13:58:49.0960 4464 [ 400D7095D5AE08970F839BCAC1843106 ] IBMPMDRV C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
13:58:49.0976 4464 IBMPMDRV - ok
13:58:50.0007 4464 [ 06AF18300C5B511A3D85C3E0B7909C10 ] IBMPMSVC C:\WINDOWS\system32\ibmpmsvc.exe
13:58:50.0023 4464 IBMPMSVC - ok
13:58:50.0069 4464 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:58:50.0101 4464 idsvc - ok
13:58:50.0147 4464 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:58:50.0241 4464 Imapi - ok
13:58:50.0272 4464 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
13:58:50.0350 4464 ImapiService - ok
13:58:50.0382 4464 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
13:58:50.0475 4464 ini910u - ok
13:58:50.0491 4464 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
13:58:50.0553 4464 IntelIde - ok
13:58:50.0585 4464 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:58:50.0678 4464 intelppm - ok
13:58:50.0694 4464 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
13:58:50.0756 4464 Ip6Fw - ok
13:58:50.0756 4464 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:58:50.0819 4464 IpFilterDriver - ok
13:58:50.0850 4464 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:58:50.0913 4464 IpInIp - ok
13:58:50.0944 4464 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:58:51.0006 4464 IpNat - ok
13:58:51.0022 4464 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:58:51.0115 4464 IPSec - ok
13:58:51.0131 4464 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:58:51.0209 4464 IRENUM - ok
13:58:51.0240 4464 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:58:51.0303 4464 isapnp - ok
13:58:51.0381 4464 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
13:58:51.0397 4464 IviRegMgr - ok
13:58:51.0459 4464 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
13:58:51.0475 4464 JavaQuickStarterService - ok
13:58:51.0506 4464 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:58:51.0600 4464 Kbdclass - ok
13:58:51.0615 4464 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:58:51.0693 4464 kbdhid - ok
13:58:51.0724 4464 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:58:51.0803 4464 kmixer - ok
13:58:51.0849 4464 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:58:51.0912 4464 KSecDD - ok
13:58:51.0927 4464 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
13:58:51.0990 4464 lanmanserver - ok
13:58:52.0037 4464 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:58:52.0084 4464 lanmanworkstation - ok
13:58:52.0084 4464 lbrtfdc - ok
13:58:52.0146 4464 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Programme\LENOVO\HOTKEY\MICMUTE.exe
13:58:52.0162 4464 LENOVO.MICMUTE - ok
13:58:52.0177 4464 [ 9AAC267A225F3CAEBB9E633F7EB16E4B ] lenovo.smi C:\WINDOWS\system32\DRIVERS\smiif32.sys
13:58:52.0193 4464 lenovo.smi - ok
13:58:52.0224 4464 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:58:52.0302 4464 LmHosts - ok
13:58:52.0396 4464 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe
13:58:52.0411 4464 MDM ( UnsignedFile.Multi.Generic ) - warning
13:58:52.0411 4464 MDM - detected UnsignedFile.Multi.Generic (1)
13:58:52.0458 4464 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:58:52.0474 4464 mdmxsdk - ok
13:58:52.0505 4464 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:58:52.0614 4464 Messenger - ok
13:58:52.0661 4464 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:58:52.0771 4464 mnmdd - ok
13:58:52.0802 4464 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:58:52.0911 4464 mnmsrvc - ok
13:58:52.0942 4464 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:58:53.0052 4464 Modem - ok
13:58:53.0067 4464 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:58:53.0192 4464 Mouclass - ok
13:58:53.0208 4464 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:58:53.0333 4464 mouhid - ok
13:58:53.0364 4464 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:58:53.0458 4464 MountMgr - ok
13:58:53.0489 4464 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
13:58:53.0504 4464 MpFilter - ok
13:58:53.0598 4464 [ A69630D039C38018689190234F866D77 ] MpKslbfa0a4c0 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{2E28DECB-69A6-44E6-AB49-DAEF583ECEAB}\MpKslbfa0a4c0.sys
13:58:53.0614 4464 MpKslbfa0a4c0 - ok
13:58:53.0629 4464 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
13:58:53.0739 4464 mraid35x - ok
13:58:53.0739 4464 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:58:53.0848 4464 MRxDAV - ok
13:58:53.0895 4464 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:58:53.0942 4464 MRxSmb - ok
13:58:53.0973 4464 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:58:54.0051 4464 MSDTC - ok
13:58:54.0067 4464 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:58:54.0129 4464 Msfs - ok

14.09.2012, 17:49   #8
markusg
/// Malware-holic

Looks incomplete, please attach it in full.
Open a new thread for your home PC; we'll take a look at that one too.
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de following the instructions above.
If you would like to support us

14.09.2012, 18:17   #9
nobear68

Hey,
but that is the entire text!?
I can take another look at the company laptop on Monday. I'm at home now...
OK, I'll open a new thread for the home PC now... under web.de Abuse Team, OK?
Thanks in advance :-)

14.09.2012, 18:18   #10
markusg
/// Malware-holic

That's OK.
Please attach the report; I'm pretty sure something is missing there :-)

17.09.2012, 08:35   #11
nobear68

Good morning,
here is the scan again......




13:57:26.0254 6024 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:57:26.0363 6024 ============================================================
13:57:26.0363 6024 Current date / time: 2012/09/14 13:57:26.0363
13:57:26.0363 6024 SystemInfo:
13:57:26.0363 6024
13:57:26.0363 6024 OS Version: 5.1.2600 ServicePack: 3.0
13:57:26.0363 6024 Product type: Workstation
13:57:26.0363 6024 ComputerName: S-AP-023
13:57:26.0363 6024 UserName: xxxx
13:57:26.0363 6024 Windows directory: C:\WINDOWS
13:57:26.0363 6024 System windows directory: C:\WINDOWS
13:57:26.0363 6024 Processor architecture: Intel x86
13:57:26.0363 6024 Number of processors: 2
13:57:26.0363 6024 Page size: 0x1000
13:57:26.0363 6024 Boot type: Normal boot
13:57:26.0363 6024 ============================================================
13:57:27.0035 6024 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
13:57:27.0050 6024 Drive \Device\Harddisk1\DR4 - Size: 0xF0300000 (3.75 Gb), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:57:27.0050 6024 ============================================================
13:57:27.0050 6024 \Device\Harddisk0\DR0:
13:57:27.0066 6024 MBR partitions:
13:57:27.0066 6024 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFF79524
13:57:27.0066 6024 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFF79563, BlocksNum 0x14A76F4D
13:57:27.0066 6024 \Device\Harddisk1\DR4:
13:57:27.0066 6024 MBR partitions:
13:57:27.0066 6024 ============================================================
13:57:27.0081 6024 C: <-> \Device\Harddisk0\DR0\Partition1
13:57:27.0128 6024 D: <-> \Device\Harddisk0\DR0\Partition2
13:57:27.0128 6024 ============================================================
13:57:27.0128 6024 Initialize success
13:57:27.0128 6024 ============================================================
13:58:37.0500 4464 ============================================================
13:58:37.0500 4464 Scan started
13:58:37.0500 4464 Mode: Manual; SigCheck; TDLFS;
13:58:37.0500 4464 ============================================================
13:58:37.0750 4464 ================ Scan system memory ========================
13:58:37.0750 4464 System memory - ok
13:58:37.0750 4464 ================ Scan services =============================
13:58:37.0937 4464 Abiosdsk - ok
13:58:37.0953 4464 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
13:58:38.0125 4464 abp480n5 - ok
13:58:38.0156 4464 [ 0F2D66D5F08EBE2F77BB904288DCF6F0 ] ac97intc C:\WINDOWS\system32\drivers\ac97intc.sys
13:58:38.0234 4464 ac97intc - ok
13:58:38.0281 4464 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:58:38.0390 4464 ACPI - ok
13:58:38.0390 4464 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
13:58:38.0515 4464 ACPIEC - ok
13:58:38.0546 4464 [ A71390EE50FEFF7F799F3CB0C4A98533 ] ADMonitor C:\WINDOWS\system32\ADMonitor.exe
13:58:38.0640 4464 ADMonitor ( UnsignedFile.Multi.Generic ) - warning
13:58:38.0640 4464 ADMonitor - detected UnsignedFile.Multi.Generic (1)
13:58:38.0718 4464 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:58:38.0734 4464 AdobeFlashPlayerUpdateSvc - ok
13:58:38.0765 4464 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
13:58:38.0874 4464 adpu160m - ok
13:58:38.0905 4464 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
13:58:39.0015 4464 aec - ok
13:58:39.0062 4464 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
13:58:39.0108 4464 AFD - ok
13:58:39.0140 4464 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
13:58:39.0249 4464 agp440 - ok
13:58:39.0249 4464 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
13:58:39.0343 4464 agpCPQ - ok
13:58:39.0374 4464 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
13:58:39.0421 4464 Aha154x - ok
13:58:39.0436 4464 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
13:58:39.0530 4464 aic78u2 - ok
13:58:39.0546 4464 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
13:58:39.0608 4464 aic78xx - ok
13:58:39.0639 4464 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
13:58:39.0717 4464 Alerter - ok
13:58:39.0733 4464 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
13:58:39.0811 4464 ALG - ok
13:58:39.0842 4464 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
13:58:39.0920 4464 AliIde - ok
13:58:39.0936 4464 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
13:58:40.0014 4464 alim1541 - ok
13:58:40.0030 4464 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
13:58:40.0108 4464 amdagp - ok
13:58:40.0123 4464 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
13:58:40.0186 4464 amsint - ok
13:58:40.0233 4464 [ BAAA6516AEC2622B8FBA6165FF5D68C2 ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
13:58:40.0264 4464 ApfiltrService - ok
13:58:40.0295 4464 [ D45960BE52C3C610D361977057F98C54 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
13:58:40.0389 4464 AppMgmt - ok
13:58:40.0420 4464 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
13:58:40.0498 4464 Arp1394 - ok
13:58:40.0514 4464 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
13:58:40.0592 4464 asc - ok
13:58:40.0607 4464 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
13:58:40.0670 4464 asc3350p - ok
13:58:40.0670 4464 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
13:58:40.0748 4464 asc3550 - ok
13:58:40.0857 4464 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
13:58:40.0857 4464 aspnet_state - ok
13:58:40.0873 4464 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:58:40.0935 4464 AsyncMac - ok
13:58:40.0966 4464 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:58:41.0029 4464 atapi - ok
13:58:41.0029 4464 Atdisk - ok
13:58:41.0076 4464 [ DAE9B06F344AE0F877D7CE3500C12342 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
13:58:41.0138 4464 Ati HotKey Poller - ok
13:58:41.0294 4464 [ BDE0F5D73C04B3F16672A7E6EA9D2392 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
13:58:41.0450 4464 ati2mtag - ok
13:58:41.0482 4464 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:58:41.0591 4464 Atmarpc - ok
13:58:41.0669 4464 [ 9C4DF8D13E5EA12A747BAD0773D47B01 ] ATService C:\WINDOWS\system32\AtService.exe
13:58:41.0997 4464 ATService - ok
13:58:42.0028 4464 [ 2540B733F644B200DBA9AA64D870DE8D ] ATSwpWDF C:\WINDOWS\system32\Drivers\ATSwpWDF.sys
13:58:42.0044 4464 ATSwpWDF - ok
13:58:42.0091 4464 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:58:42.0169 4464 AudioSrv - ok
13:58:42.0216 4464 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:58:42.0278 4464 audstub - ok
13:58:42.0325 4464 [ A9D0F6EFC61D1FF69B55C495F85DD868 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
13:58:42.0372 4464 b57w2k - ok
13:58:42.0403 4464 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:58:42.0481 4464 Beep - ok
13:58:42.0512 4464 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
13:58:42.0590 4464 BITS - ok
13:58:42.0622 4464 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
13:58:42.0653 4464 Browser - ok
13:58:42.0684 4464 [ 9E8CF88D340E32FCB3C53955B2DF388F ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
13:58:42.0700 4464 btaudio - ok
13:58:42.0731 4464 [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
13:58:42.0731 4464 BTDriver - ok
13:58:42.0793 4464 [ D26B5B9A40A2B2191B35C76D5CBF5D2A ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
13:58:42.0825 4464 BTKRNL - ok
13:58:42.0934 4464 [ C261E704B5558BA04DD643A0D998327D ] btwdins C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
13:58:42.0949 4464 btwdins - ok
13:58:42.0996 4464 [ 485020A1E1FC5C51A800CA69C618D881 ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
13:58:42.0996 4464 BTWDNDIS - ok
13:58:43.0027 4464 [ 7696F6F2E63086EEEDB76B71BB7BB455 ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
13:58:43.0043 4464 BTWUSB - ok
13:58:43.0043 4464 catchme - ok
13:58:43.0074 4464 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
13:58:43.0152 4464 cbidf - ok
13:58:43.0168 4464 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:58:43.0230 4464 cbidf2k - ok
13:58:43.0262 4464 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:58:43.0340 4464 CCDECODE - ok
13:58:43.0371 4464 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
13:58:43.0418 4464 cd20xrnt - ok
13:58:43.0433 4464 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:58:43.0496 4464 Cdaudio - ok
13:58:43.0512 4464 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:58:43.0574 4464 Cdfs - ok
13:58:43.0590 4464 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:58:43.0668 4464 Cdrom - ok
13:58:43.0683 4464 Changer - ok
13:58:43.0699 4464 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:58:43.0777 4464 CiSvc - ok
13:58:43.0793 4464 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:58:43.0871 4464 ClipSrv - ok
13:58:43.0917 4464 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:58:43.0933 4464 clr_optimization_v2.0.50727_32 - ok
13:58:43.0964 4464 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
13:58:44.0042 4464 CmBatt - ok
13:58:44.0074 4464 [ C687F81290303D90099B027A6474F99F ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
13:58:44.0152 4464 CmdIde - ok
13:58:44.0199 4464 [ 33602232B07F43DF8FC7350A5617D3A7 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDAU32.sys
13:58:44.0214 4464 CnxtHdAudService - ok
13:58:44.0230 4464 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
13:58:44.0308 4464 Compbatt - ok
13:58:44.0323 4464 COMSysApp - ok
13:58:44.0339 4464 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
13:58:44.0433 4464 Cpqarray - ok
13:58:44.0464 4464 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:58:44.0542 4464 CryptSvc - ok
13:58:44.0573 4464 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
13:58:44.0667 4464 dac2w2k - ok
13:58:44.0667 4464 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
13:58:44.0729 4464 dac960nt - ok
13:58:44.0776 4464 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:58:44.0823 4464 DcomLaunch - ok
13:58:44.0870 4464 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:58:44.0948 4464 Dhcp - ok
13:58:44.0995 4464 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:58:45.0057 4464 Disk - ok
13:58:45.0104 4464 [ 5B149CCFE275F4DE0B4B8EC6B9F6821E ] DLABMFSM C:\WINDOWS\system32\DLA\DLABMFSM.SYS
13:58:45.0120 4464 DLABMFSM - ok
13:58:45.0120 4464 [ AD4CB3D783634C90A9D0CE360933A63C ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
13:58:45.0135 4464 DLABOIOM - ok
13:58:45.0135 4464 [ 5230CDB7E715F3A3B4A882E254CDD35D ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
13:58:45.0151 4464 DLACDBHM - ok
13:58:45.0151 4464 [ DAE193B1DDC6914F56B767A4F1406351 ] DLADResM C:\WINDOWS\system32\DLA\DLADResM.SYS
13:58:45.0167 4464 DLADResM - ok
13:58:45.0167 4464 [ 6A82F77C4A6F5235BF352F0028E2EF52 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
13:58:45.0182 4464 DLAIFS_M - ok
13:58:45.0182 4464 [ 0E6052C0ADA37504896A847231A3907D ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
13:58:45.0182 4464 DLAOPIOM - ok
13:58:45.0198 4464 [ 29670BB4E2B973C5B55A76107D4910B2 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
13:58:45.0198 4464 DLAPoolM - ok
13:58:45.0198 4464 [ 77FE51F0F8D86804CB81F6EF6BFB86DD ] DLARTL_M C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
13:58:45.0213 4464 DLARTL_M - ok
13:58:45.0213 4464 [ 6B087732B86C1D866D69DBBE463EA90A ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
13:58:45.0229 4464 DLAUDFAM - ok
13:58:45.0229 4464 [ BBEECB95F2841AE4A3E3690D46D7153D ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
13:58:45.0245 4464 DLAUDF_M - ok
13:58:45.0245 4464 dmadmin - ok
13:58:45.0276 4464 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:58:45.0354 4464 dmboot - ok
13:58:45.0370 4464 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
13:58:45.0463 4464 dmio - ok
13:58:45.0479 4464 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:58:45.0541 4464 dmload - ok
13:58:45.0573 4464 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:58:45.0651 4464 dmserver - ok
13:58:45.0697 4464 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:58:45.0776 4464 DMusic - ok
13:58:45.0822 4464 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:58:45.0854 4464 Dnscache - ok
13:58:45.0885 4464 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
13:58:45.0947 4464 Dot3svc - ok
13:58:46.0025 4464 [ DFA9D633510697D69C8288C54F0ADCA0 ] DozeHDD C:\WINDOWS\system32\DRIVERS\DozeHDD.sys
13:58:46.0025 4464 DozeHDD - ok
13:58:46.0103 4464 [ 84311F6C7AF747AEF5FB7E33CD9FF155 ] DozeSvc C:\Programme\ThinkPad\Utilities\DOZESVC.EXE
13:58:46.0119 4464 DozeSvc - ok
13:58:46.0150 4464 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
13:58:46.0228 4464 dpti2o - ok
13:58:46.0244 4464 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:58:46.0322 4464 drmkaud - ok
13:58:46.0338 4464 [ 83106585494D5EB96F59187200C144BD ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
13:58:46.0338 4464 DRVMCDB - ok
13:58:46.0338 4464 [ FFC371525AA55D1BAE18715EBCB8797C ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
13:58:46.0353 4464 DRVNDDM - ok
13:58:46.0384 4464 [ F74F18DFF9FB2797C3DF33C75962EE2E ] dtsvc C:\WINDOWS\system32\DTS.exe
13:58:46.0431 4464 dtsvc ( UnsignedFile.Multi.Generic ) - warning
13:58:46.0431 4464 dtsvc - detected UnsignedFile.Multi.Generic (1)
13:58:46.0463 4464 [ A6DE5342417FEC3C0AA8EFEBB899C431 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
13:58:46.0541 4464 E100B - ok
13:58:46.0572 4464 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
13:58:46.0650 4464 EapHost - ok
13:58:46.0681 4464 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:58:46.0759 4464 ERSvc - ok
13:58:46.0790 4464 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
13:58:46.0822 4464 Eventlog - ok
13:58:46.0822 4464 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
13:58:46.0837 4464 EventSystem - ok
13:58:46.0915 4464 [ A57BE3307ADA2FC086B5B43135735283 ] EvtEng C:\Programme\Intel\WiFi\bin\EvtEng.exe
13:58:46.0962 4464 EvtEng - ok
13:58:46.0993 4464 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:58:47.0087 4464 Fastfat - ok
13:58:47.0150 4464 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:58:47.0181 4464 FastUserSwitchingCompatibility - ok
13:58:47.0196 4464 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
13:58:47.0259 4464 Fdc - ok
13:58:47.0290 4464 [ F0213914C54CB202EFD69968357E6386 ] FingerprintServer C:\WINDOWS\system32\FpLogonServ.exe
13:58:47.0353 4464 FingerprintServer ( UnsignedFile.Multi.Generic ) - warning
13:58:47.0353 4464 FingerprintServer - detected UnsignedFile.Multi.Generic (1)
13:58:47.0384 4464 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:58:47.0462 4464 Fips - ok
13:58:47.0477 4464 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:58:47.0556 4464 Flpydisk - ok
13:58:47.0587 4464 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
13:58:47.0649 4464 FltMgr - ok
13:58:47.0696 4464 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:58:47.0696 4464 FontCache3.0.0.0 - ok
13:58:47.0743 4464 [ C6EE3A87FE609D3E1DB9DBD072A248DE ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
13:58:47.0743 4464 fssfltr - ok
13:58:47.0837 4464 [ 206AD9A89BF05DFA1621F1FC7B82592D ] fsssvc C:\Programme\Windows Live\Family Safety\fsssvc.exe
13:58:47.0852 4464 fsssvc - ok
13:58:47.0915 4464 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:58:47.0993 4464 Fs_Rec - ok
13:58:48.0008 4464 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:58:48.0102 4464 Ftdisk - ok
13:58:48.0133 4464 [ 33D00F8CB70AC5F7A8101F79D5273615 ] G400 C:\WINDOWS\system32\DRIVERS\G400m.sys
13:58:48.0196 4464 G400 - ok
13:58:48.0211 4464 [ 360FC9E29EBCD7CB75320E2663EBA0F2 ] getPlusHelper C:\Programme\NOS\bin\getPlus_Helper.dll
13:58:48.0227 4464 getPlusHelper - ok
13:58:48.0258 4464 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:58:48.0336 4464 Gpc - ok
13:58:48.0414 4464 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
13:58:48.0414 4464 gupdate - ok
13:58:48.0414 4464 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
13:58:48.0430 4464 gupdatem - ok
13:58:48.0446 4464 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:58:48.0524 4464 HDAudBus - ok
13:58:48.0570 4464 [ 30D57EE84E1E169D41A6E873B549A096 ] HECI C:\WINDOWS\system32\DRIVERS\HECI.sys
13:58:48.0602 4464 HECI - ok
13:58:48.0664 4464 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:58:48.0789 4464 helpsvc - ok
13:58:48.0789 4464 [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ C:\WINDOWS\System32\hidserv.dll
13:58:48.0867 4464 HidServ - ok
13:58:48.0914 4464 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:58:48.0992 4464 HidUsb - ok
13:58:49.0039 4464 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
13:58:49.0101 4464 hkmsvc - ok
13:58:49.0133 4464 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
13:58:49.0195 4464 hpn - ok
13:58:49.0242 4464 [ 0D13842210353435FC1FB35CA7807644 ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
13:58:49.0273 4464 HSFHWAZL - ok
13:58:49.0304 4464 [ 8BC605518B1052DB7011E5C4CC8417BF ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
13:58:49.0351 4464 HSF_DPV - ok
13:58:49.0429 4464 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:58:49.0476 4464 HTTP - ok
13:58:49.0492 4464 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:58:49.0570 4464 HTTPFilter - ok
13:58:49.0601 4464 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
13:58:49.0663 4464 i2omgmt - ok
13:58:49.0695 4464 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
13:58:49.0757 4464 i2omp - ok
13:58:49.0788 4464 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:58:49.0866 4464 i8042prt - ok
13:58:49.0913 4464 [ 01446278D4563B3013C92830AE6CBB26 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
13:58:49.0929 4464 iaStor - ok
13:58:49.0960 4464 [ 400D7095D5AE08970F839BCAC1843106 ] IBMPMDRV C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
13:58:49.0976 4464 IBMPMDRV - ok
13:58:50.0007 4464 [ 06AF18300C5B511A3D85C3E0B7909C10 ] IBMPMSVC C:\WINDOWS\system32\ibmpmsvc.exe
13:58:50.0023 4464 IBMPMSVC - ok
13:58:50.0069 4464 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:58:50.0101 4464 idsvc - ok
13:58:50.0147 4464 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:58:50.0241 4464 Imapi - ok
13:58:50.0272 4464 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
13:58:50.0350 4464 ImapiService - ok
13:58:50.0382 4464 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
13:58:50.0475 4464 ini910u - ok
13:58:50.0491 4464 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
13:58:50.0553 4464 IntelIde - ok
13:58:50.0585 4464 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:58:50.0678 4464 intelppm - ok
13:58:50.0694 4464 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
13:58:50.0756 4464 Ip6Fw - ok
13:58:50.0756 4464 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:58:50.0819 4464 IpFilterDriver - ok
13:58:50.0850 4464 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:58:50.0913 4464 IpInIp - ok
13:58:50.0944 4464 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:58:51.0006 4464 IpNat - ok
13:58:51.0022 4464 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:58:51.0115 4464 IPSec - ok
13:58:51.0131 4464 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:58:51.0209 4464 IRENUM - ok
13:58:51.0240 4464 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:58:51.0303 4464 isapnp - ok
13:58:51.0381 4464 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
13:58:51.0397 4464 IviRegMgr - ok
13:58:51.0459 4464 [ A12175F063302CD68F8FC6D572D7E5FD ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
13:58:51.0475 4464 JavaQuickStarterService - ok
13:58:51.0506 4464 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:58:51.0600 4464 Kbdclass - ok
13:58:51.0615 4464 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:58:51.0693 4464 kbdhid - ok
13:58:51.0724 4464 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:58:51.0803 4464 kmixer - ok
13:58:51.0849 4464 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:58:51.0912 4464 KSecDD - ok
13:58:51.0927 4464 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
13:58:51.0990 4464 lanmanserver - ok
13:58:52.0037 4464 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:58:52.0084 4464 lanmanworkstation - ok
13:58:52.0084 4464 lbrtfdc - ok
13:58:52.0146 4464 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Programme\LENOVO\HOTKEY\MICMUTE.exe
13:58:52.0162 4464 LENOVO.MICMUTE - ok
13:58:52.0177 4464 [ 9AAC267A225F3CAEBB9E633F7EB16E4B ] lenovo.smi C:\WINDOWS\system32\DRIVERS\smiif32.sys
13:58:52.0193 4464 lenovo.smi - ok
13:58:52.0224 4464 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:58:52.0302 4464 LmHosts - ok
13:58:52.0396 4464 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe
13:58:52.0411 4464 MDM ( UnsignedFile.Multi.Generic ) - warning
13:58:52.0411 4464 MDM - detected UnsignedFile.Multi.Generic (1)
13:58:52.0458 4464 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:58:52.0474 4464 mdmxsdk - ok
13:58:52.0505 4464 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:58:52.0614 4464 Messenger - ok
13:58:52.0661 4464 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:58:52.0771 4464 mnmdd - ok
13:58:52.0802 4464 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:58:52.0911 4464 mnmsrvc - ok
13:58:52.0942 4464 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:58:53.0052 4464 Modem - ok
13:58:53.0067 4464 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:58:53.0192 4464 Mouclass - ok
13:58:53.0208 4464 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:58:53.0333 4464 mouhid - ok
13:58:53.0364 4464 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:58:53.0458 4464 MountMgr - ok
13:58:53.0489 4464 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
13:58:53.0504 4464 MpFilter - ok
13:58:53.0598 4464 [ A69630D039C38018689190234F866D77 ] MpKslbfa0a4c0 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{2E28DECB-69A6-44E6-AB49-DAEF583ECEAB}\MpKslbfa0a4c0.sys
13:58:53.0614 4464 MpKslbfa0a4c0 - ok
13:58:53.0629 4464 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
13:58:53.0739 4464 mraid35x - ok
13:58:53.0739 4464 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:58:53.0848 4464 MRxDAV - ok
13:58:53.0895 4464 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:58:53.0942 4464 MRxSmb - ok
13:58:53.0973 4464 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:58:54.0051 4464 MSDTC - ok
13:58:54.0067 4464 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:58:54.0129 4464 Msfs - ok
13:58:54.0129 4464 MSIServer - ok
13:58:54.0145 4464 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:58:54.0223 4464 MSKSSRV - ok
13:58:54.0269 4464 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc C:\Programme\Microsoft Security Client\MsMpEng.exe
13:58:54.0285 4464 MsMpSvc - ok
13:58:54.0301 4464 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:58:54.0363 4464 MSPCLOCK - ok
13:58:54.0379 4464 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:58:54.0457 4464 MSPQM - ok
13:58:54.0472 4464 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:58:54.0535 4464 mssmbios - ok
13:58:54.0582 4464 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:58:54.0660 4464 MSTEE - ok
13:58:54.0691 4464 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:58:54.0738 4464 Mup - ok
13:58:54.0769 4464 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:58:54.0847 4464 NABTSFEC - ok
13:58:54.0878 4464 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
13:58:54.0957 4464 napagent - ok
13:58:54.0988 4464 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:58:55.0066 4464 NDIS - ok
13:58:55.0097 4464 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:58:55.0175 4464 NdisIP - ok
13:58:55.0222 4464 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:58:55.0269 4464 NdisTapi - ok
13:58:55.0284 4464 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:58:55.0394 4464 Ndisuio - ok
13:58:55.0394 4464 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:58:55.0503 4464 NdisWan - ok
13:58:55.0550 4464 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:58:55.0581 4464 NDProxy - ok
13:58:55.0612 4464 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
13:58:55.0612 4464 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:58:55.0612 4464 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:58:55.0644 4464 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:58:55.0737 4464 NetBIOS - ok
13:58:55.0753 4464 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:58:55.0847 4464 NetBT - ok
13:58:55.0862 4464 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
13:58:55.0940 4464 NetDDE - ok
13:58:55.0956 4464 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:59:18.0736 4464 ============================================================
13:59:18.0736 4464 Scan finished
13:59:18.0736 4464 ============================================================
13:59:18.0846 2436 Detected object count: 16
13:59:18.0846 2436 Actual detected object count: 16
14:00:02.0783 2436 ADMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0783 2436 ADMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0783 2436 dtsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0783 2436 dtsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0783 2436 FingerprintServer ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0783 2436 FingerprintServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0783 2436 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0783 2436 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0783 2436 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0783 2436 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0799 2436 pmem ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0799 2436 pmem ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0799 2436 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0799 2436 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0799 2436 Power Manager DBC Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0799 2436 Power Manager DBC Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0799 2436 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0799 2436 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0799 2436 SUService ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0799 2436 SUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0799 2436 TpKmpSVC ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0799 2436 TpKmpSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0799 2436 TSMAPIP ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0799 2436 TSMAPIP ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0799 2436 TVT Backup Protection Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0799 2436 TVT Backup Protection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0815 2436 TVT Backup Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0815 2436 TVT Backup Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0815 2436 TVT Scheduler ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0815 2436 TVT Scheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:00:02.0815 2436 TVT_UpdateMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
14:00:02.0815 2436 TVT_UpdateMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip

17.09.2012, 11:48   #12
markusg
/// Malware-holic

Are there any problems with the PC, then?
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward mails to
markusg.trojaner-board@web.de
following the instructions above.
If you would like to support us

17.09.2012, 12:38   #13
nobear68

...no, actually there are no problems! The admin hadn't found anything either.
The topic only came up because of the WEB Abuse Team and the GMX Abuse Team....
So nothing suspicious has caught your eye now?
Regards

17.09.2012, 15:58   #14
markusg
/// Malware-holic

Not on this PC; I still have to look at the ComboFix log from the other PC.
