| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start abWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
09.02.2014, 18:00
| #1 |
| |  Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab Hallo und schönen guten Tag, Eure Seite macht einen Klasse Eindruck, habe schon öfter interessante Tipps gefunden, freue mich, dass es sowas wie Euch gibt!  Folgendes Problem besteht: Bei jedem Start von Outlook stürzt es neuerdings ab. Deinstallieren und erneutes Installieren half nicht. Nun habe ich AntiMalewareBytes durchlaufen lassen und bin mir unsicher wie ich weiter verfahren sollte, um das Problem an der Wurzel zu packen und nicht nur oberflächlich Abhilfe zu schaffen. Auf dem Rechner ist Kaspersky Internet Security in der aktuellsten Version installiert (wurde auf Grund Lizenzverlängerung am 22.Januar neu installiert, daher keine älteren Logs vorhanden) Folgende Logs liegen vor (in Reihenfolge der Erstellung, älteste zuerst): Kaspersky IS 2014: Code:
ATTFilter ojanisches Programm (1)
Trojan-Dropper.Win32.Agent.jkcd Gelöscht 22.01.2014 16:34:16 C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\32.tmp// data0001
Typ: Unbekannt (1)
32.tmp Gelöscht 22.01.2014 16:34:15 C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\ 32.tmp
Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.09.01 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 TanzZeit :: ACER-62802DF1A0 [Administrator] 09.02.2014 08:48:13 MBAM-log-2014-02-09 (14-55-45).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P Deaktivierte Suchlaufeinstellungen: Durchsuchte Objekte: 427044 Laufzeit: 1 Stunde(n), 4 Minute(n), 11 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 4 HKCR\iminent (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt. HKCR\AppID\Iminent.WebBooster.InternetExplorer.DLL (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\SMARTBAR (PUP.Optional.SnapDo.A) -> Keine Aktion durchgeführt. HKLM\Software\Iminent (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 1 HKCU\Software\Smartbar|publisher (PUP.Optional.SnapDo.A) -> Daten: SnapdoSoftonicYB -> Keine Aktion durchgeführt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\bootstrapper.exe (PUP.Optional.Iminent.A) -> Keine Aktion durchgeführt. C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\635e5489064fe0b451850a9c746595d2\TinyPicSetup.exe (Backdoor.Agent.FPA) -> Keine Aktion durchgeführt. (Ende) FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-02-2014 Ran by TanzZeit (administrator) on ACER-62802DF1A0 on 09-02-2014 15:00:54 Running from C:\Dokumente und Einstellungen\TanzZeit\Eigene Dateien\Downloads Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) ================= () C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe (Kaspersky Lab ZAO) C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Intel Corporation) C:\Programme\Intel\AMT\LMS.exe () C:\Programme\CyberLink\Shared Files\RichVideo.exe (Intel Corporation) C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe (AVG Secure Search) C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe () C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\loggingserver.exe (Intel Corporation) C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe () C:\Programme\AVG Secure Search\vprot.exe (Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Kaspersky Lab ZAO) C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Spotify Ltd) C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe (Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe (Dropbox, Inc.) C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe (Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (TeamViewer GmbH) C:\Programme\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH) C:\Programme\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Programme\TeamViewer\Version9\tv_w32.exe (Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [vProt] - C:\Programme\AVG Secure Search\vprot.exe [2404376 2013-09-30] () HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM\...\Run: [AVP] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2014-01-22] (Kaspersky Lab ZAO) HKLM\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) Winlogon\Notify\klogon: C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO) HKU\S-1-5-21-3576300238-2120361324-1700292190-1008\...\Run: [Google Update] - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [116648 2013-01-14] (Google Inc.) HKU\S-1-5-21-3576300238-2120361324-1700292190-1008\...\Run: [Spotify Web Helper] - C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-16] (Spotify Ltd) HKU\S-1-5-21-3576300238-2120361324-1700292190-1008\...\Run: [Skype] - C:\Programme\Skype\Phone\Skype.exe [20681584 2013-07-25] (Skype Technologies S.A.) HKU\S-1-5-21-3576300238-2120361324-1700292190-1008\...\MountPoints2: {ecdf0dfd-9158-11e3-82cd-0025115cacdd} - E:\LaunchU3.exe -a Lsa: [Authentication Packages] msv1_0 wvauth Startup: C:\Dokumente und Einstellungen\TanzZeit\Startmenü\Programme\Autostart\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=xpp&d=0211&m=veriton_m670g HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll (AVG Secure Search) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC) Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll (AVG Secure Search) Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll (AVG Secure Search) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default FF user.js: detected! => C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default\user.js FF NewTab: about:blank FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", ""); FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.de/ncr FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q= FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\17.0.1\\npsitesafety.dll (AVG Technologies) FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default\searchplugins\browsemngr.xml FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: TubeSaver-1 - C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default\Extensions\951bb5c8-a6ed-4af6-a53c-1d3eec03d6dd@b61ef5da-5b52-4500-a9b4-273eca044964.com [2013-11-13] FF Extension: Yontoo - C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default\Extensions\plugin@yontoo.com.xpi [2013-03-12] FF Extension: Anti-Banner - C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2014-01-09] FF Extension: Modul zur Link-Untersuchung - C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2014-01-09] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF HKLM\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF HKLM\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru FF HKLM\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Programme\Iminent\webbooster@iminent.com FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\FireFoxExt\17.0.0.9 FF Extension: AVG Security Toolbar - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\FireFoxExt\17.0.0.9 [2013-09-30] FF HKLM\...\Firefox\Extensions: - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2014-01-22] FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2014-01-22] FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF Extension: Content Blocker - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2014-01-22] FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2014-01-22] FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2014-01-22] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR Plugin: (Shockwave Flash) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\pdf.dll () CHR Plugin: (Application Manager) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll No File CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin6.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\QuickTime\plugins\npqtplugin7.dll No File CHR Plugin: (Microsoft® DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft® DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (AVG SiteSafety plugin) - C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll (AVG Technologies) CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll No File CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No File CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (Google Docs) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-14] CHR Extension: (Google Drive) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-14] CHR Extension: (YouTube) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-14] CHR Extension: (Google-Suche) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-14] CHR Extension: (Modul zur Link-Untersuchung) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-01-23] CHR Extension: (Sicherer Zahlungsverkehr) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-01-23] CHR Extension: (Virtuelle Tastatur) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-01-23] CHR Extension: (AVG Secure Search) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-05-21] CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (Google Mail) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-14] CHR Extension: (Anti-Banner) - C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-01-23] CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-18] CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-18] CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-18] CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-18] CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\ChromeExt\17.0.0.9\avg.crx [2013-09-30] CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\DOKUME~1\TanzZeit\LOKALE~1\Temp\YontooLayers.crx [2012-10-11] CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-18] ========================== Services (Whitelisted) ================= R2 AVP; C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2014-01-22] (Kaspersky Lab ZAO) S3 GoogleDesktopManager-080708-050100; C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe [24064 2011-02-23] (Google) S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2012-10-11] (Google Inc.) S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2012-10-11] (Google Inc.) R2 IAANTMON; C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840 2008-07-20] (Intel Corporation) S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2013-09-19] (Oracle Corporation) R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) R2 LMS; C:\Programme\Intel\AMT\LMS.exe [174616 2008-07-25] (Intel Corporation) S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-01-09] (Mozilla Foundation) S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation) S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation) R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [171040 2007-01-08] () S3 SecureStorageService; C:\Programme\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [488448 2007-10-29] (Wave Systems Corp.) S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [162672 2013-07-25] (Skype Technologies) S3 SQLWriter; C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [87840 2006-04-14] (Microsoft Corporation) R2 tcsd_win32.exe; C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1249280 2008-03-10] () R2 TeamViewer9; C:\Programme\TeamViewer\Version9\TeamViewer_Service.exe [4915040 2014-02-05] (TeamViewer GmbH) R2 UNS; C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe [2054680 2008-07-25] (Intel Corporation) R2 vToolbarUpdater17.0.1; C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe [1734680 2013-09-30] (AVG Secure Search) R2 Wave UCSPlus; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-15] (Microsoft Corporation) S3 WaveEnrollmentService; C:\Programme\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe [192512 2008-05-02] (Wave Systems Corp.) S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-10-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-09-30] (AVG Technologies) R3 e1kexpress; C:\WINDOWS\System32\DRIVERS\e1k5132.sys [144480 2008-06-05] (Intel Corporation) R0 KL1; C:\WINDOWS\System32\DRIVERS\kl1.sys [135776 2014-01-22] (Kaspersky Lab ZAO) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [593504 2014-01-22] (Kaspersky Lab ZAO) R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [35672 2012-06-27] (Kaspersky Lab ZAO) R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [24160 2014-01-22] (Kaspersky Lab ZAO) R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [24672 2014-01-22] (Kaspersky Lab ZAO) R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [44000 2014-01-22] (Kaspersky Lab ZAO) R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [145040 2014-01-22] (Kaspersky Lab ZAO) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-02-09] (Malwarebytes Corporation) S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [30816 2008-05-23] (Intel Corporation ) R3 tpm; C:\WINDOWS\System32\DRIVERS\tpm.sys [13824 2008-06-20] (Intel Corporation) R0 UBHelper; C:\WINDOWS\system32\Drivers\UBHelper.sys [13952 2006-08-28] () R2 WavxDMgr; C:\WINDOWS\System32\DRIVERS\WavxDMgr.sys [164792 2008-07-19] (Wave Systems Corp.) S2 eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys [X] S2 eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys [X] S4 IntelIde; No ImagePath U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74336 2014-01-22] (Kaspersky Lab ZAO) S3 psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys [X] S3 psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-15] (Microsoft Corporation) U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-09 15:00 - 2014-02-09 15:00 - 00000000 ____D () C:\FRST 2014-02-09 08:43 - 2014-02-09 08:43 - 00000791 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\TeamViewer 9.lnk 2014-02-09 08:43 - 2014-02-09 08:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamViewer 8 2014-02-09 08:42 - 2014-02-09 08:43 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2014-02-09 08:42 - 2014-02-09 08:42 - 00000760 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-09 08:09 - 2014-02-09 08:39 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\U3 2014-02-04 10:29 - 2014-02-04 10:29 - 00000000 ____D () C:\Programme\Microsoft Visual Studio 2014-01-31 08:46 - 2014-01-31 08:46 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\McAfee 2014-01-29 11:23 - 2014-01-29 11:25 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Desktop\Mein Projekt 2014-01-22 11:36 - 2014-01-22 11:36 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Internet Security 2013 2014-01-22 11:31 - 2014-01-22 16:12 - 00074336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys 2014-01-16 22:03 - 2014-01-16 22:03 - 00005659 _____ () C:\WINDOWS\KB2914368.log 2014-01-16 22:03 - 2014-01-16 22:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$ 2014-01-10 16:25 - 2014-01-10 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NtiDvdCopy 2014-01-10 16:21 - 2013-02-08 10:14 - 195779508 _____ () C:\Dokumente und Einstellungen\TanzZeit\Desktop\2013-02-08 10.14.32.mp4 ==================== One Month Modified Files and Folders ======= 2014-07-28 15:38 - 2011-02-23 16:01 - 00000424 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{D74B1C07-CFA8-485D-AABD-998DFEB0D07B}.job 2014-02-09 15:00 - 2014-02-09 15:00 - 00000000 ____D () C:\FRST 2014-02-09 14:33 - 2011-02-23 14:31 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab 2014-02-09 14:32 - 2012-10-11 10:52 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-09 14:32 - 2012-10-11 10:52 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-09 14:17 - 2013-01-14 14:41 - 00001222 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008UA.job 2014-02-09 14:16 - 2013-09-30 09:33 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-02-09 10:17 - 2013-01-14 14:41 - 00001170 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008Core.job 2014-02-09 08:50 - 2008-09-24 03:41 - 00091144 _____ () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT 2014-02-09 08:43 - 2014-02-09 08:43 - 00000791 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\TeamViewer 9.lnk 2014-02-09 08:43 - 2014-02-09 08:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamViewer 8 2014-02-09 08:43 - 2014-02-09 08:42 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2014-02-09 08:43 - 2008-09-24 03:54 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme 2014-02-09 08:42 - 2014-02-09 08:42 - 00000760 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-09 08:42 - 2013-10-11 16:12 - 00000000 ____D () C:\Programme\Malwarebytes' Anti-Malware 2014-02-09 08:42 - 2013-10-11 16:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware 2014-02-09 08:42 - 2013-10-08 09:08 - 00000000 ____D () C:\Programme\TeamViewer 2014-02-09 08:41 - 2008-09-24 03:54 - 00000000 ___RD () C:\Programme 2014-02-09 08:41 - 2008-09-24 03:49 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart 2014-02-09 08:39 - 2014-02-09 08:09 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\U3 2014-02-09 08:10 - 2008-09-24 04:00 - 01335484 _____ () C:\WINDOWS\WindowsUpdate.log 2014-02-09 08:09 - 2013-03-28 14:25 - 00247166 _____ () C:\WINDOWS\setupapi.log 2014-02-09 08:09 - 2012-08-08 12:27 - 00000000 ___RD () C:\Dokumente und Einstellungen\TanzZeit\Eigene Dateien\Dropbox 2014-02-09 08:09 - 2012-08-08 12:25 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Dropbox 2014-02-09 08:08 - 2013-06-03 11:02 - 00000350 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2014-02-09 08:08 - 2008-09-24 04:05 - 00000157 _____ () C:\WINDOWS\wiadebug.log 2014-02-09 08:08 - 2008-09-24 04:05 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-02-09 08:08 - 2008-09-24 04:00 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl 2014-02-09 08:08 - 2008-09-24 04:00 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-02-09 08:08 - 2008-09-24 03:59 - 00000000 ____D () C:\WINDOWS\Registration 2014-02-09 08:08 - 2008-09-24 03:58 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\NTRU Cryptosystems 2014-02-08 09:19 - 2008-09-24 04:00 - 00032608 _____ () C:\WINDOWS\SchedLgU.Txt 2014-02-08 08:59 - 2008-09-24 03:08 - 00233348 _____ () C:\WINDOWS\setupact.log 2014-02-07 14:28 - 2011-02-23 14:08 - 00000190 ___SH () C:\Dokumente und Einstellungen\TanzZeit\ntuser.ini 2014-02-07 14:28 - 2011-02-23 14:08 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit 2014-02-07 14:28 - 2008-09-24 03:46 - 00196608 _____ () C:\WINDOWS\system32\config\ODiag.evt 2014-02-07 13:43 - 2011-03-02 18:08 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\vlc 2014-02-07 10:16 - 2012-11-09 11:52 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-02-07 10:16 - 2011-07-05 09:34 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-02-05 09:20 - 2013-05-06 09:37 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Spotify 2014-02-05 08:02 - 2013-05-06 09:38 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Spotify 2014-02-04 10:34 - 2008-09-24 03:47 - 00335464 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-02-04 10:29 - 2014-02-04 10:29 - 00000000 ____D () C:\Programme\Microsoft Visual Studio 2014-02-04 10:29 - 2008-09-24 03:45 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help 2014-02-04 10:29 - 2008-09-24 03:44 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Microsoft Shared 2014-02-04 10:29 - 2008-09-24 03:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office 2014-02-04 10:28 - 2008-09-24 03:44 - 00000582 _____ () C:\WINDOWS\win.ini 2014-02-04 10:28 - 2008-09-24 03:43 - 00000000 ____D () C:\Programme\Microsoft Office 2014-02-04 10:25 - 2011-02-23 14:08 - 00000000 ___RD () C:\Dokumente und Einstellungen\TanzZeit\Startmenü\Programme 2014-02-04 10:18 - 2008-09-24 03:53 - 00000000 ____D () C:\Programme\Google 2014-01-31 08:46 - 2014-01-31 08:46 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\McAfee 2014-01-31 08:25 - 2013-09-06 09:35 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\CUSTPDF Writer 2014-01-31 08:17 - 2011-02-23 14:08 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Adobe 2014-01-31 08:15 - 2011-02-23 14:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee 2014-01-29 14:26 - 2013-10-10 10:29 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Desktop\Club Oval 2014-01-29 14:17 - 2011-02-24 15:25 - 00000000 ____D () C:\Netzwerk 2014-01-29 13:21 - 2013-10-28 11:17 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Desktop\Dance for your rights 2014-01-29 11:25 - 2014-01-29 11:23 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Desktop\Mein Projekt 2014-01-25 17:35 - 2012-01-23 12:10 - 00000276 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job 2014-01-22 16:12 - 2014-01-22 11:31 - 00074336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys 2014-01-22 16:12 - 2012-08-13 16:49 - 00145040 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys 2014-01-22 16:12 - 2012-06-19 17:28 - 00135776 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys 2014-01-22 16:12 - 2012-06-08 11:38 - 00044000 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kltdi.sys 2014-01-22 16:12 - 2012-05-25 19:38 - 00024160 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klkbdflt.sys 2014-01-22 16:12 - 2011-02-23 14:31 - 00593504 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys 2014-01-22 16:12 - 2009-11-02 19:27 - 00024672 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klmouflt.sys 2014-01-22 11:36 - 2014-01-22 11:36 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Internet Security 2013 2014-01-22 11:36 - 2011-02-23 14:31 - 00000000 ____D () C:\Programme\Kaspersky Lab 2014-01-16 22:06 - 2013-08-14 16:10 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-01-16 22:03 - 2014-01-16 22:03 - 00005659 _____ () C:\WINDOWS\KB2914368.log 2014-01-16 22:03 - 2014-01-16 22:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$ 2014-01-16 22:03 - 2011-02-23 15:49 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-01-16 22:03 - 2008-09-24 04:00 - 01818134 _____ () C:\WINDOWS\iis6.log 2014-01-16 22:03 - 2008-09-24 04:00 - 00760614 _____ () C:\WINDOWS\tsoc.log 2014-01-16 22:03 - 2008-09-24 03:37 - 01664979 _____ () C:\WINDOWS\FaxSetup.log 2014-01-16 22:03 - 2008-09-24 03:37 - 00801004 _____ () C:\WINDOWS\ocgen.log 2014-01-16 22:03 - 2008-09-24 03:37 - 00558962 _____ () C:\WINDOWS\comsetup.log 2014-01-16 22:03 - 2008-09-24 03:37 - 00509964 _____ () C:\WINDOWS\msmqinst.log 2014-01-16 22:03 - 2008-09-24 03:37 - 00336283 _____ () C:\WINDOWS\ntdtcsetup.log 2014-01-16 22:03 - 2008-09-24 03:37 - 00289720 _____ () C:\WINDOWS\netfxocm.log 2014-01-16 22:03 - 2008-09-24 03:37 - 00117581 _____ () C:\WINDOWS\MedCtrOC.log 2014-01-16 22:03 - 2008-09-24 03:37 - 00091427 _____ () C:\WINDOWS\ocmsn.log 2014-01-16 22:03 - 2008-09-24 03:37 - 00083593 _____ () C:\WINDOWS\tabletoc.log 2014-01-16 22:03 - 2008-09-24 03:37 - 00082787 _____ () C:\WINDOWS\msgsocm.log 2014-01-16 22:03 - 2008-09-24 03:37 - 00001374 _____ () C:\WINDOWS\imsins.log 2014-01-10 16:25 - 2014-01-10 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NtiDvdCopy 2014-01-10 16:17 - 2012-08-08 12:25 - 00000000 ____D () C:\Dokumente und Einstellungen\TanzZeit\Startmenü\Programme\Dropbox 2014-01-10 16:17 - 2011-02-23 14:08 - 00000000 ___RD () C:\Dokumente und Einstellungen\TanzZeit\Startmenü\Programme\Autostart 2014-01-10 09:23 - 2013-01-14 14:51 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service Some content of TEMP: ==================== C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\7za.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\AdobeUpdater12345.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\avguidx.dll C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\bootstrapper.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\CommonInstaller.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\conduitinstaller_econa.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\dotNetFx40_Client_setup.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\FP_PL_PFS_INSTALLER.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\Installer.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\MachineIdCreator.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\oi_{65921E05-63D5-42D9-9853-97AB9173127E}.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\PhotoScape_V3.6.2.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\sqlite3.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\ToolbarInstaller.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\vlc-2.0.8-win32.exe C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\YontooIEClient.dll C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Temp\YontooSetup-Silent.exe ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe [2008-04-15 04:00] - [2008-04-15 04:00] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e C:\WINDOWS\system32\winlogon.exe [2008-04-15 04:00] - [2008-04-15 04:00] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a C:\WINDOWS\system32\svchost.exe [2008-04-15 04:00] - [2008-04-15 04:00] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 C:\WINDOWS\system32\services.exe [2008-04-15 04:00] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc C:\WINDOWS\system32\User32.dll [2008-04-15 04:00] - [2008-04-15 04:00] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd C:\WINDOWS\system32\userinit.exe [2008-04-15 04:00] - [2008-04-15 04:00] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 C:\WINDOWS\system32\rpcss.dll [2008-04-15 04:00] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127afbf2c1ed0ab14a1bbb7aaecb85b ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected. C:\WINDOWS\system32\Drivers\volsnap.sys [2008-04-15 04:00] - [2008-04-15 04:00] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d ==================== End Of Log ============================ FRST additional: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-02-2014
Ran by TanzZeit at 2014-02-09 15:01:24
Running from C:\Dokumente und Einstellungen\TanzZeit\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Internet Security (Disabled - Up to date) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security (Disabled) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
==================== Installed Programs ======================
2007 Microsoft Office Suite Service Pack 1 (SP1) (Version: - Microsoft) Hidden
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader 8.3.1 - Deutsch (Version: 8.3.1 - Adobe Systems Incorporated)
Apple Application Support (Version: 2.3.4 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.9.0.0 - AuthenTec) Hidden
AVG Security Toolbar (Version: 17.0.0.9 - AVG Technologies)
Babylon toolbar (Version: - BabylonToolbar) <==== ATTENTION
biolsp patch (Version: 01.00.02.0005 - Wave Systems Corp) Hidden
Brother HL-4050CDN (Version: 1.00 - Brother)
CdCoverCreator 2.5.3 (Version: 2.5.3 - thyanté Software)
commercial (Version: 1.0.0 - Default Company Name)
Document Manager Lite (Version: 06.06.00.081 - Ihr Firmenname) Hidden
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
EMBASSY Security Center Lite (Version: 03.06.01.000 - Ihr Firmenname) Hidden
EMBASSY Security Setup (Version: 03.06.02.003 - Ihr Firmenname) Hidden
Embassy Trust Suite - Acer Edition (Version: 06.02.03.006 - Wave Systems Corp)
ESC Home Page Plugin (Version: 03.01.00.018 - Ihr Firmenname) Hidden
ETS Upgrade (Version: 02.00.00.020 - Wave Systems Corp) Hidden
Google Chrome (HKCU Version: 32.0.1700.107 - Google Inc.)
Google Desktop (Version: 5.7.0808.07150 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Hotfix für Windows Media Player 11 (KB939683) (Version: - Microsoft Corporation)
Hotfix für Windows XP (KB2443685) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2570791) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2633952) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2756822) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2779562) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (Version: 1 - Microsoft Corporation)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (Version: 5.002.005.003 - Hewlett-Packard)
Iminent (Version: 6.14.22.0 - Iminent) Hidden <==== ATTENTION
Intel(R) Graphics Media Accelerator Driver (Version: - Intel Corporation)
Intel(R) Management Engine Interface (Version: - Intel Corporation)
Intel(R) Network Connections 13.1.33.0 (Version: 13.1.33.0 - Intel)
Intel® Active-Management-Technologie (Version: - Intel Corporation)
Intel® Matrix Storage Manager (Version: - Intel Corporation)
Intel® Trusted Platform Module (Version: - Intel Corporation)
IrfanView (remove only) (Version: 4.28 - Irfan Skiljan)
Java 7 Update 40 (Version: 7.0.400 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kalender-Excel-8.9 (Version: 8.9 - MSDatec)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Kyocera Product Library (Version: 2.0.0713 - Kyocera Mita Corporation)
LightScribe 1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook 2007 (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Outlook 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Software Update for Web Folders (German) 12 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (Version: 6.00.3883.15 - Microsoft Corporation)
NTI Backup NOW! 4.7 (Version: 1.00.0000 - NewTech Infosystems)
NTI Backup NOW! 4.7 (Version: 1.00.0000 - NewTech Infosystems) Hidden
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems)
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems) Hidden
NTRU TCG Software Stack (Version: 2.1.27 - NTRU Cryptosystems) Hidden
PDF Creator (Version: - )
PowerDVD (Version: 7.0.2802a - CyberLink Corporation)
Private Information Manager (Version: 06.01.01.001 - Ihr Firmenname) Hidden
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (Version: 5.10.0.5648 - Realtek Semiconductor Corp.)
Secure Update (Version: 05.04.00.010 - Ihr Firmenname) Hidden
Security Wizards (Version: 01.04.00.014 - Ihr Firmenname) Hidden
Sicherheitsupdate für Microsoft Windows (KB2564958) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2497640) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2530548) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2559049) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2792100) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2797052) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2809289) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2817183) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB2834904) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834904-v2) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB954155) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB973540) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB975558) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player (KB978695) (Version: - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player 11 (KB954154) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2079403) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2121546) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2259922) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2360937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2412687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2440591) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476490) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479628) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479943) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2491683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503658) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506223) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507618) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507938) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508272) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508429) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2509553) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2511455) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2524375) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2555917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2562937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567053) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567680) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570222) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2584146) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2585542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2598479) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2618451) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2619339) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2620712) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2621440) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2624667) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2631813) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2633171) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2639417) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2641653) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2646524) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2647518) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2653956) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2655992) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2659262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2660465) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2661637) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2676562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2685939) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2686509) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2691442) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2695962) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2705219) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2707511) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2709162) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2712808) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2718523) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2719985) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2724197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2727528) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2731847) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2757638) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2758857) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2761226) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2770660) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2778344) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2779030) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2780091) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2799494) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2802968) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2807986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2808735) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813170) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813345) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2829361) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2834886) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2839229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2845187) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2847311) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2849470) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850851) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2859537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862152) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862335) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2864063) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868038) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868626) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876217) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876315) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876331) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2883150) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2892075) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893294) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893984) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2898715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2900986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2914368) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (Version: - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954459) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956744) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978601) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980195) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980232) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980436) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981322) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982132) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982214) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982665) (Version: 1 - Microsoft Corporation)
Skype™ 6.7 (Version: 6.7.102 - Skype Technologies S.A.)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
TeamViewer 9 (Version: 9.0.25942 - TeamViewer)
tsp patch (Version: 01.00.00.0000 - Wave Systems Corp) Hidden
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.2047.00 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB2447568) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB976662) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2141007) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2345886) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2467659) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2541763) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2607712) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2616676) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2641690) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB2718704) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2736233) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2749655) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2863058) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2904266) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB951978) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB967715) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971029) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971737) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973687) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (Version: 1 - Microsoft Corporation)
upekmsi (Version: 03.00.00.0000 - Wave Systems Corp) Hidden
VLC media player 2.0.8 (Version: 2.0.8 - VideoLAN)
Wave Infrastructure Installer (Version: 05.00.01.0185 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.07.01.003 - Ihr Firmenname) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
WinRAR 4.11 (32-Bit) (Version: 4.11.0 - win.rar GmbH)
WinZip 15.0 (Version: 15.0.9411 - WinZip Computing, S.L. )
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
==================== Restore Points =========================
12-11-2013 07:58:24 Systemprüfpunkt
13-11-2013 08:34:05 Systemprüfpunkt
14-11-2013 08:43:32 Systemprüfpunkt
14-11-2013 20:33:42 Software Distribution Service 3.0
18-11-2013 11:27:01 Systemprüfpunkt
19-11-2013 14:33:56 Systemprüfpunkt
20-11-2013 15:31:00 Systemprüfpunkt
21-11-2013 15:43:26 Systemprüfpunkt
22-11-2013 16:18:03 Systemprüfpunkt
25-11-2013 08:32:16 Systemprüfpunkt
26-11-2013 11:35:27 Systemprüfpunkt
27-11-2013 12:10:01 Systemprüfpunkt
28-11-2013 12:26:00 Systemprüfpunkt
29-11-2013 13:23:58 Systemprüfpunkt
02-12-2013 12:29:59 Systemprüfpunkt
03-12-2013 12:36:36 Systemprüfpunkt
04-12-2013 13:31:41 Systemprüfpunkt
05-12-2013 13:49:53 Systemprüfpunkt
06-12-2013 14:07:26 Systemprüfpunkt
09-12-2013 11:02:44 Systemprüfpunkt
10-12-2013 11:48:55 Systemprüfpunkt
11-12-2013 14:09:04 Systemprüfpunkt
12-12-2013 14:20:54 Systemprüfpunkt
12-12-2013 18:33:10 Software Distribution Service 3.0
13-12-2013 16:06:15 Software Distribution Service 3.0
16-12-2013 12:53:01 Systemprüfpunkt
17-12-2013 13:17:59 Systemprüfpunkt
18-12-2013 14:44:52 Systemprüfpunkt
19-12-2013 15:00:41 Systemprüfpunkt
06-01-2014 13:35:58 Systemprüfpunkt
08-01-2014 09:16:14 Systemprüfpunkt
09-01-2014 10:29:25 Systemprüfpunkt
10-01-2014 16:37:01 Systemprüfpunkt
13-01-2014 12:40:56 Systemprüfpunkt
14-01-2014 14:40:28 Systemprüfpunkt
16-01-2014 13:24:20 Systemprüfpunkt
16-01-2014 21:03:09 Software Distribution Service 3.0
12-01-2014 12:17:33 Systemprüfpunkt
20-01-2014 15:21:45 Systemprüfpunkt
22-01-2014 09:49:05 Systemprüfpunkt
22-01-2014 10:31:25 First Restore Point
22-01-2014 15:15:17 First Restore Point
22-01-2014 15:16:20 First Restore Point
22-01-2014 15:17:18 First Restore Point
23-01-2014 15:31:05 Systemprüfpunkt
24-01-2014 16:08:12 Systemprüfpunkt
25-01-2014 16:35:55 Systemprüfpunkt
27-01-2014 15:51:37 Systemprüfpunkt
29-01-2014 11:20:56 Systemprüfpunkt
30-01-2014 14:36:15 Systemprüfpunkt
03-02-2014 10:01:12 Systemprüfpunkt
04-02-2014 09:18:45 Entfernt Google Earth.
04-02-2014 09:19:55 Removed Microsoft Office Outlook 2007
04-02-2014 09:28:18 Installed Microsoft Office Outlook 2007
07-02-2014 09:46:21 Systemprüfpunkt
09-02-2014 07:25:17 Systemprüfpunkt
==================== Hosts content: ==========================
2008-04-15 04:00 - 2008-04-15 04:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{4329D931-DDF2-4456-B3F0-332323B02D8C}.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008Core.job => C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008UA.job => C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{D74B1C07-CFA8-485D-AABD-998DFEB0D07B}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2012-10-11 10:17 - 2011-10-04 21:42 - 00086016 _____ () C:\WINDOWS\system32\custmon32i.dll
2008-06-04 06:53 - 2008-06-04 06:53 - 00026624 _____ () C:\WINDOWS\system32\sst3cl3.dll
2012-08-17 21:39 - 2014-01-22 15:51 - 01310136 _____ () C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2007-01-08 15:39 - 2007-01-08 15:39 - 00171040 ____N () C:\Programme\CyberLink\Shared Files\RichVideo.exe
2013-09-30 09:33 - 2013-09-30 09:32 - 00159768 _____ () C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\loggingserver.exe
2013-09-30 09:33 - 2013-09-30 09:32 - 00519704 _____ () C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\log4cplusU.dll
2008-05-10 15:20 - 2008-05-10 15:20 - 00155648 _____ () C:\Programme\Wave Systems Corp\Services Manager\DocMgr\bin\ContextMenuItem.dll
2008-05-10 15:19 - 2008-05-10 15:19 - 00262144 _____ () C:\WINDOWS\system32\wxvault.dll
2012-10-10 10:14 - 2013-09-30 09:32 - 02404376 _____ () C:\Programme\AVG Secure Search\vprot.exe
2013-09-30 09:33 - 2013-09-30 09:32 - 00142360 _____ () C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\17.0.1\SiteSafety.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2008-04-15 04:00 - 2008-04-15 04:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Dokumente und Einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\libcef.dll
2014-02-04 10:19 - 2014-02-02 00:42 - 04055368 _____ () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 10:19 - 2014-02-02 00:42 - 00399688 _____ () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 10:19 - 2014-02-02 00:41 - 01634632 _____ () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-02-04 10:19 - 2014-02-02 00:42 - 13616456 _____ () C:\Dokumente und Einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Dokumente und Einstellungen\TanzZeit\Desktop\2013-02-08 10.14.32.mp4:com.dropbox.attributes
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/25/2013 09:12:29 AM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)
Error: (11/25/2013 09:12:29 AM) (Source: MSDTC Client) (User: )
Description: Fehler beim Initialisieren der benötigten Namensobjekte. Fehler: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 3036
No Callstack,
CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Error: (11/22/2013 02:14:51 PM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)
Error: (11/22/2013 02:14:51 PM) (Source: MSDTC Client) (User: )
Description: Fehler beim Initialisieren der benötigten Namensobjekte. Fehler: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 3124
No Callstack,
CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Error: (11/21/2013 11:46:12 PM) (Source: Microsoft Office 12) (User: )
Description: Faulting application outlook.exe, version 12.0.4518.1014, stamp 4542840f, faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address 0x47020ed4.
Error: (11/21/2013 09:28:15 AM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)
Error: (11/21/2013 09:28:15 AM) (Source: MSDTC Client) (User: )
Description: Fehler beim Initialisieren der benötigten Namensobjekte. Fehler: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 3552
No Callstack,
CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Error: (11/20/2013 09:26:43 AM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)
Error: (11/20/2013 09:26:43 AM) (Source: MSDTC Client) (User: )
Description: Fehler beim Initialisieren der benötigten Namensobjekte. Fehler: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 2960
No Callstack,
CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Error: (11/19/2013 03:17:14 PM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)
System errors:
=============
Error: (11/04/2013 09:28:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2FSCTLDriver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/04/2013 09:28:10 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2BurnerLockDriver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/03/2013 11:40:37 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2FSCTLDriver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/03/2013 11:40:37 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2BurnerLockDriver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/01/2013 09:34:24 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2FSCTLDriver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (11/01/2013 09:34:24 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2BurnerLockDriver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (10/31/2013 11:19:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2FSCTLDriver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (10/31/2013 11:19:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2BurnerLockDriver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (10/31/2013 11:57:39 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2FSCTLDriver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (10/31/2013 11:57:39 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "eLock2BurnerLockDriver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (02/07/2014 02:25:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/07/2014 02:25:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/07/2014 01:24:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/04/2014 05:18:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 48 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/04/2014 02:38:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 46 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/04/2014 02:37:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 51 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/04/2014 01:30:47 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 37 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/04/2014 01:30:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 37 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/04/2014 01:29:27 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 65 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/04/2014 01:13:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20 seconds with 0 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 45%
Total physical RAM: 3021.06 MB
Available physical RAM: 1631.98 MB
Total Pagefile: 4901.38 MB
Available Pagefile: 3545.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.13 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:298.09 GB) (Free:169.67 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive n: (Acer) (Network) (Total:298.09 GB) (Free:169.67 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: B83C7B69)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-09 17:33:45
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Intel___ rev.1.0. 298,09GB
Running: Gmer-19357.exe; Driver: C:\DOKUME~1\TanzZeit\LOKALE~1\Temp\pwporaod.sys
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
Disk \Device\Harddisk0\DR0 malicious Win32:MBRoot code @ sector 625136713 !
---- EOF - GMER 2.1 ----
 |
|
09.02.2014, 18:10
| #2 |
| /// the machine /// TB-Ausbilder    | Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
09.02.2014, 18:25
| #3 |
| | Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab Moin Schrauber,
__________________und danke für die flinke Antwort. Anweisung befolgt, Log siehe weiter unten. Vorab: Nach dem starten von TDSSKiller wurde aufgefordert eine aktuellere Version runterzuladen, wurde gemacht. Bei den Optionen des TDSSKiller war bei mir noch ein weiterer Punkt aufgeführt als in Eurer Anleitung: "Use KSN to scan objects", siehe Anhang. Ich hab den aktiviert gelassen, dies als Info. TDSSKiller: Code:
ATTFilter 18:13:39.0343 0x165c TDSS rootkit removing tool 3.0.0.22 Feb 3 2014 16:45:35
18:13:50.0484 0x165c ============================================================
18:13:50.0484 0x165c Current date / time: 2014/02/09 18:13:50.0484
18:13:50.0484 0x165c SystemInfo:
18:13:50.0484 0x165c
18:13:50.0484 0x165c OS Version: 5.1.2600 ServicePack: 3.0
18:13:50.0484 0x165c Product type: Workstation
18:13:50.0484 0x165c ComputerName: ACER-62802DF1A0
18:13:50.0484 0x165c UserName: TanzZeit
18:13:50.0484 0x165c Windows directory: C:\WINDOWS
18:13:50.0484 0x165c System windows directory: C:\WINDOWS
18:13:50.0484 0x165c Processor architecture: Intel x86
18:13:50.0484 0x165c Number of processors: 2
18:13:50.0484 0x165c Page size: 0x1000
18:13:50.0484 0x165c Boot type: Normal boot
18:13:50.0484 0x165c ============================================================
18:13:55.0156 0x165c KLMD registered as C:\WINDOWS\system32\drivers\54469495.sys
18:13:55.0375 0x165c System UUID: {93E65690-67EB-868B-50E0-6184CC58553B}
18:13:55.0875 0x165c Drive \Device\Harddisk0\DR0 - Size: 0x4A85B00000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:13:55.0890 0x165c Drive \Device\Harddisk1\DR2 - Size: 0x3BB3FFE00 (14.93 Gb), SectorSize: 0x200, Cylinders: 0x79C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:13:55.0890 0x165c ============================================================
18:13:55.0890 0x165c \Device\Harddisk0\DR0:
18:13:55.0890 0x165c MBR partitions:
18:13:55.0890 0x165c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D407
18:13:55.0890 0x165c \Device\Harddisk1\DR2:
18:13:55.0890 0x165c GPT partitions:
18:13:55.0890 0x165c \Device\Harddisk1\DR2\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {970BC5AE-5058-41F6-A1FC-52AA01740B54}, Name: primary, StartLBA 0x800, BlocksNum 0xAB8FFF
18:13:55.0890 0x165c \Device\Harddisk1\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0E7984D1-4758-4E4B-909B-85AC9E2A9FC5}, Name: primary, StartLBA 0xAB97FF, BlocksNum 0x300000
18:13:55.0890 0x165c \Device\Harddisk1\DR2\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {40B96404-516E-4864-BBF1-D6E2B1D8119F}, Name: primary, StartLBA 0xDB97FF, BlocksNum 0x1000000
18:13:55.0890 0x165c \Device\Harddisk1\DR2\Partition4: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B99B4EEC-4F8D-4D3A-81E4-828E08E8D2E0}, Name: primary, StartLBA 0x1DB97FF, BlocksNum 0x20000
18:13:55.0890 0x165c MBR partitions:
18:13:55.0890 0x165c ============================================================
18:13:55.0953 0x165c C: <-> \Device\Harddisk0\DR0\Partition1
18:13:55.0953 0x165c ============================================================
18:13:55.0953 0x165c Initialize success
18:13:55.0953 0x165c ============================================================
18:15:50.0843 0x105c ============================================================
18:15:50.0843 0x105c Scan started
18:15:50.0843 0x105c Mode: Manual; SigCheck; TDLFS;
18:15:50.0843 0x105c ============================================================
18:15:50.0843 0x105c KSN ping started
18:16:05.0218 0x105c KSN ping finished: true
18:16:05.0421 0x105c ================ Scan system memory ========================
18:16:05.0421 0x105c System memory - ok
18:16:05.0421 0x105c ================ Scan services =============================
18:16:05.0687 0x105c Abiosdsk - ok
18:16:05.0687 0x105c abp480n5 - ok
18:16:05.0734 0x105c [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:16:07.0187 0x105c ACPI - ok
18:16:07.0281 0x105c [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
18:16:07.0375 0x105c ACPIEC - ok
18:16:07.0453 0x105c [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:16:07.0468 0x105c AdobeFlashPlayerUpdateSvc - ok
18:16:07.0468 0x105c adpu160m - ok
18:16:07.0515 0x105c [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
18:16:07.0609 0x105c aec - ok
18:16:07.0656 0x105c [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
18:16:07.0765 0x105c AFD - ok
18:16:07.0765 0x105c Aha154x - ok
18:16:07.0765 0x105c aic78u2 - ok
18:16:07.0765 0x105c aic78xx - ok
18:16:07.0828 0x105c [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll
18:16:07.0921 0x105c Alerter - ok
18:16:07.0953 0x105c [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe
18:16:08.0062 0x105c ALG - ok
18:16:08.0062 0x105c AliIde - ok
18:16:08.0062 0x105c amsint - ok
18:16:08.0093 0x105c [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
18:16:08.0156 0x105c AppMgmt - ok
18:16:08.0156 0x105c asc - ok
18:16:08.0156 0x105c asc3350p - ok
18:16:08.0171 0x105c asc3550 - ok
18:16:08.0281 0x105c [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:16:08.0296 0x105c aspnet_state - ok
18:16:08.0312 0x105c [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:16:08.0390 0x105c AsyncMac - ok
18:16:08.0406 0x105c [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
18:16:08.0484 0x105c atapi - ok
18:16:08.0484 0x105c Atdisk - ok
18:16:08.0515 0x105c [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:16:08.0578 0x105c Atmarpc - ok
18:16:08.0625 0x105c [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
18:16:08.0703 0x105c AudioSrv - ok
18:16:08.0734 0x105c [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
18:16:08.0812 0x105c audstub - ok
18:16:08.0843 0x105c [ 15ACA2AD17ACECA4814F249783E63AD3, AB8E74A5B8FC2FD04BA2B495610A8BE76408E9362A447D7069D5AAB8F3512F33 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys
18:16:08.0859 0x105c avgtp - ok
18:16:08.0953 0x105c AVP - ok
18:16:08.0968 0x105c [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:16:09.0031 0x105c Beep - ok
18:16:09.0093 0x105c [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll
18:16:09.0203 0x105c BITS - ok
18:16:09.0250 0x105c [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser C:\WINDOWS\System32\browser.dll
18:16:09.0328 0x105c Browser - ok
18:16:09.0375 0x105c [ 2FE6D5BE0629F706197B30C0AA05DE30, 528ED3AA8129FDD6C8EF698E5ECE9BB93C0249CF0200115F13B36410A353F353 ] BrPar C:\WINDOWS\System32\drivers\BrPar.sys
18:16:09.0406 0x105c BrPar - detected UnsignedFile.Multi.Generic ( 1 )
18:16:11.0828 0x105c Detect skipped due to KSN trusted
18:16:11.0828 0x105c BrPar - ok
18:16:11.0843 0x105c [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
18:16:11.0906 0x105c cbidf2k - ok
18:16:11.0906 0x105c cd20xrnt - ok
18:16:11.0921 0x105c [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
18:16:11.0984 0x105c Cdaudio - ok
18:16:12.0015 0x105c [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
18:16:12.0078 0x105c Cdfs - ok
18:16:12.0093 0x105c [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:16:12.0187 0x105c Cdrom - ok
18:16:12.0187 0x105c Changer - ok
18:16:12.0203 0x105c [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe
18:16:12.0281 0x105c CiSvc - ok
18:16:12.0296 0x105c [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
18:16:12.0375 0x105c ClipSrv - ok
18:16:12.0421 0x105c [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:16:12.0437 0x105c clr_optimization_v2.0.50727_32 - ok
18:16:12.0531 0x105c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:16:12.0546 0x105c clr_optimization_v4.0.30319_32 - ok
18:16:12.0546 0x105c CmdIde - ok
18:16:12.0562 0x105c COMSysApp - ok
18:16:12.0562 0x105c Cpqarray - ok
18:16:12.0609 0x105c [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
18:16:12.0703 0x105c CryptSvc - ok
18:16:12.0703 0x105c dac2w2k - ok
18:16:12.0718 0x105c dac960nt - ok
18:16:12.0812 0x105c [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:16:12.0859 0x105c DcomLaunch - ok
18:16:12.0906 0x105c [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:16:13.0015 0x105c Dhcp - ok
18:16:13.0046 0x105c [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:16:13.0125 0x105c Disk - ok
18:16:13.0125 0x105c dmadmin - ok
18:16:13.0156 0x105c [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:16:13.0296 0x105c dmboot - ok
18:16:13.0328 0x105c [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:16:13.0406 0x105c dmio - ok
18:16:13.0406 0x105c [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:16:13.0500 0x105c dmload - ok
18:16:13.0500 0x105c [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll
18:16:13.0562 0x105c dmserver - ok
18:16:13.0593 0x105c [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:16:13.0671 0x105c DMusic - ok
18:16:13.0718 0x105c [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:16:13.0750 0x105c Dnscache - ok
18:16:13.0781 0x105c [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:16:13.0859 0x105c Dot3svc - ok
18:16:13.0875 0x105c dpti2o - ok
18:16:13.0906 0x105c [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:16:13.0968 0x105c drmkaud - ok
18:16:14.0000 0x105c [ D60759140694150360BBEFD9CAB7C920, EDD0630640842BA55B3537C14CD79B5A6A34C40EAD1B0159992F1750A8313455 ] e1kexpress C:\WINDOWS\system32\DRIVERS\e1k5132.sys
18:16:14.0015 0x105c e1kexpress - ok
18:16:14.0046 0x105c [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:16:14.0109 0x105c EapHost - ok
18:16:14.0109 0x105c eLock2BurnerLockDriver - ok
18:16:14.0109 0x105c eLock2FSCTLDriver - ok
18:16:14.0140 0x105c [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:16:14.0218 0x105c ERSvc - ok
18:16:14.0265 0x105c [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe
18:16:14.0281 0x105c Eventlog - ok
18:16:14.0296 0x105c [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\system32\es.dll
18:16:14.0343 0x105c EventSystem - ok
18:16:14.0375 0x105c [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:16:14.0468 0x105c Fastfat - ok
18:16:14.0500 0x105c [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:16:14.0546 0x105c FastUserSwitchingCompatibility - ok
18:16:14.0593 0x105c [ 08B8B302AF0D1B3B8543429BBAC8F21F, F3370FE5C4BECB16F0668E6605792EF8096FE06A79D8234E3D6E1B584F2D4E5A ] Fax C:\WINDOWS\system32\fxssvc.exe
18:16:14.0671 0x105c Fax - ok
18:16:14.0703 0x105c [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
18:16:14.0765 0x105c Fdc - ok
18:16:14.0796 0x105c [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:16:14.0859 0x105c Fips - ok
18:16:14.0890 0x105c [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
18:16:14.0984 0x105c Flpydisk - ok
18:16:15.0015 0x105c [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:16:15.0078 0x105c FltMgr - ok
18:16:15.0140 0x105c [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:16:15.0156 0x105c FontCache3.0.0.0 - ok
18:16:15.0187 0x105c [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:16:15.0296 0x105c Fs_Rec - ok
18:16:15.0312 0x105c [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:16:15.0390 0x105c Ftdisk - ok
18:16:15.0515 0x105c [ 2101F77D1E6E1B7CDB01E5958FCB36BD, D2D368D6B8486C25562B7BA751C5CF2E28AE17F892647778413E6C92528E4B71 ] GoogleDesktopManager-080708-050100 C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
18:16:15.0531 0x105c GoogleDesktopManager-080708-050100 - detected UnsignedFile.Multi.Generic ( 1 )
18:16:17.0937 0x105c Detect skipped due to KSN trusted
18:16:17.0937 0x105c GoogleDesktopManager-080708-050100 - ok
18:16:17.0984 0x105c [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:16:18.0062 0x105c Gpc - ok
18:16:18.0109 0x105c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
18:16:18.0125 0x105c gupdate - ok
18:16:18.0140 0x105c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
18:16:18.0156 0x105c gupdatem - ok
18:16:18.0171 0x105c [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:16:18.0265 0x105c HDAudBus - ok
18:16:18.0281 0x105c [ E4A123AD734A3731D29EBD3A01B3E535, 39B2B3EA68974C75007BEAA73AD95C937673A8896A1510DC5ED1F4878EF9F65E ] HECI C:\WINDOWS\system32\DRIVERS\HECI.sys
18:16:18.0328 0x105c HECI - ok
18:16:18.0375 0x105c [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:16:18.0468 0x105c helpsvc - ok
18:16:18.0484 0x105c [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ C:\WINDOWS\System32\hidserv.dll
18:16:18.0546 0x105c HidServ - ok
18:16:18.0578 0x105c [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:16:18.0656 0x105c hidusb - ok
18:16:18.0687 0x105c [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:16:18.0750 0x105c hkmsvc - ok
18:16:18.0750 0x105c hpn - ok
18:16:18.0843 0x105c [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:16:18.0890 0x105c HTTP - ok
18:16:18.0921 0x105c [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:16:19.0000 0x105c HTTPFilter - ok
18:16:19.0015 0x105c i2omgmt - ok
18:16:19.0015 0x105c i2omp - ok
18:16:19.0031 0x105c [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:16:19.0125 0x105c i8042prt - ok
18:16:19.0250 0x105c [ 3E42C4691AAD4B1E8D0466F9CBF05CBE, 8F53A86B97A25CE92D6A3EB9720F86308252C5B7A4BC62218FF8788229B132B8 ] IAANTMON C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:16:19.0265 0x105c IAANTMON - ok
18:16:19.0515 0x105c [ 1312E0141A7BD409AFADD52FA565927E, A25B81AFA771CD2E46261CF954329383340BCCBB780CCD5A0C86B1B41A51152B ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
18:16:19.0859 0x105c ialm - ok
18:16:19.0937 0x105c [ 707C1692214B1C290271067197F075F6, 7D0DB754604AABC4AA09AB8BA94326B1A1C2A76F3C2C2C7D6FA14F964BE68A51 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
18:16:19.0953 0x105c iaStor - ok
18:16:20.0000 0x105c [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:16:20.0015 0x105c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:16:22.0437 0x105c Detect skipped due to KSN trusted
18:16:22.0437 0x105c IDriverT - ok
18:16:22.0500 0x105c [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:16:22.0593 0x105c idsvc - ok
18:16:22.0609 0x105c [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:16:22.0687 0x105c Imapi - ok
18:16:22.0781 0x105c [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe
18:16:22.0906 0x105c ImapiService - ok
18:16:22.0906 0x105c ini910u - ok
18:16:23.0093 0x105c [ 06AE6FA81E2AB6C4DF6ED1B2E7E95B4D, DD6092CDC45869937C7A7FFFC5AE05FC7ED03A61034C37A8A4F3EED1A8B53A93 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:16:23.0312 0x105c IntcAzAudAddService - ok
18:16:23.0343 0x105c [ 64C301D73DB18EBDC8680CA82D82AF2D, 1C0619E006E441EA588E0F0986CD85B7CDDD99CA59B4EB8E709A9C09CA4FF7C8 ] IntcHdmiAddService C:\WINDOWS\system32\drivers\IntcHdmi.sys
18:16:23.0390 0x105c IntcHdmiAddService - ok
18:16:23.0390 0x105c IntelIde - ok
18:16:23.0421 0x105c [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:16:23.0484 0x105c intelppm - ok
18:16:23.0515 0x105c [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
18:16:23.0578 0x105c Ip6Fw - ok
18:16:23.0593 0x105c [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:16:23.0656 0x105c IpFilterDriver - ok
18:16:23.0687 0x105c [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:16:23.0750 0x105c IpInIp - ok
18:16:23.0843 0x105c [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:16:23.0937 0x105c IpNat - ok
18:16:23.0968 0x105c [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:16:24.0046 0x105c IPSec - ok
18:16:24.0062 0x105c [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:16:24.0140 0x105c IRENUM - ok
18:16:24.0171 0x105c [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:16:24.0250 0x105c isapnp - ok
18:16:24.0359 0x105c [ A5937B2A94424CF1B13A4AD503AF6B2E, E96CE4E526E053FB410987BD444627BC7B26FCE48DC0A61916ADD0A69EFA6941 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
18:16:24.0375 0x105c JavaQuickStarterService - ok
18:16:24.0375 0x105c [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:16:24.0468 0x105c Kbdclass - ok
18:16:24.0484 0x105c [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:16:24.0562 0x105c kbdhid - ok
18:16:24.0609 0x105c [ 871C226234A48C24DFE7478F36C0050C, 657CAB49387E0E40311D4DEC93D9860B2DAC2C05F223698CFA2F9BB50B5F3022 ] KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys
18:16:24.0625 0x105c KL1 - ok
18:16:24.0687 0x105c [ 2ECDD644A261423EF0F3424434DBAD0E, 113BA917EFBED5D78C0F411FD43EC6B2DC065A73B7BB7B22E81481CFC67C2A40 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
18:16:24.0718 0x105c KLIF - ok
18:16:24.0781 0x105c [ 05E5504E5E06F75F18BBEA7291601FE2, 6A874BA7ACC57F817C9FA48D8320A1914BF197DBA288FC5C302AE26B447CE68B ] klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys
18:16:24.0781 0x105c klim5 - ok
18:16:24.0812 0x105c [ E46C091AE3B8CEDD234DA57020870A0A, 8929707859ED3860B17EFB0551CA4E5F69580A095B1A9C0AF10C6CF98858730C ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
18:16:24.0828 0x105c klkbdflt - ok
18:16:24.0843 0x105c [ 480E19A71C6EDE70B7536E96B223CE1F, B9C5E76F68B2DAB0DC9F6DB080D3E785D18AA86ADB2AB0F497B68A58222CF59C ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
18:16:24.0859 0x105c klmouflt - ok
18:16:24.0875 0x105c [ 8FD802F86D4AB3FB329B8E51517BFF2A, 321750DC0C664FE5580C855D7B70AC74753DDD881F0C4482A2B4505BB2D88345 ] kltdi C:\WINDOWS\system32\DRIVERS\kltdi.sys
18:16:24.0890 0x105c kltdi - ok
18:16:24.0953 0x105c [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:16:25.0031 0x105c kmixer - ok
18:16:25.0062 0x105c [ 8F932DF10408BCABA2FCF6163C843F8E, 26BB4E2A2562CF6C687EC9F61C7B3C80992C1D57C47BBAEA8ED2AB6643A91C0E ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
18:16:25.0078 0x105c kneps - ok
18:16:25.0093 0x105c [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:16:25.0140 0x105c KSecDD - ok
18:16:25.0187 0x105c [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
18:16:25.0250 0x105c LanmanServer - ok
18:16:25.0296 0x105c [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:16:25.0343 0x105c lanmanworkstation - ok
18:16:25.0343 0x105c lbrtfdc - ok
18:16:25.0390 0x105c [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
18:16:25.0421 0x105c LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
18:16:27.0828 0x105c Detect skipped due to KSN trusted
18:16:27.0828 0x105c LightScribeService - ok
18:16:27.0890 0x105c [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:16:27.0968 0x105c LmHosts - ok
18:16:28.0000 0x105c [ CA8E887D035ED9C8AD1032A7AFDD8CD6, 74F8DD3ECC5A8B82C5420EB9644A610EF8FA20FFFC0517C9B29EF6798FD4B240 ] LMS C:\Programme\Intel\AMT\LMS.exe
18:16:28.0031 0x105c LMS - ok
18:16:28.0078 0x105c [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:16:28.0140 0x105c Messenger - ok
18:16:28.0187 0x105c [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:16:28.0250 0x105c mnmdd - ok
18:16:28.0281 0x105c [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
18:16:28.0375 0x105c mnmsrvc - ok
18:16:28.0375 0x105c [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:16:28.0437 0x105c Modem - ok
18:16:28.0468 0x105c [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:16:28.0531 0x105c Mouclass - ok
18:16:28.0546 0x105c [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:16:28.0625 0x105c mouhid - ok
18:16:28.0687 0x105c [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:16:28.0750 0x105c MountMgr - ok
18:16:28.0906 0x105c [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
18:16:28.0921 0x105c MozillaMaintenance - ok
18:16:28.0921 0x105c mraid35x - ok
18:16:28.0953 0x105c [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:16:29.0031 0x105c MRxDAV - ok
18:16:29.0062 0x105c [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:16:29.0156 0x105c MRxSmb - ok
18:16:29.0187 0x105c [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:16:29.0265 0x105c Msfs - ok
18:16:29.0281 0x105c MSIServer - ok
18:16:29.0296 0x105c [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:16:29.0375 0x105c MSKSSRV - ok
18:16:29.0390 0x105c [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:16:29.0468 0x105c MSPCLOCK - ok
18:16:29.0484 0x105c [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:16:29.0562 0x105c MSPQM - ok
18:16:29.0578 0x105c [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:16:29.0640 0x105c mssmbios - ok
18:16:29.0703 0x105c [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:16:29.0765 0x105c Mup - ok
18:16:29.0796 0x105c [ 03CA886BA148B6B9996BE1368DDC3FC0, 0EA78CB430FBF8EF4C9F3D1EADF2B057939081B1367BC6610E918FA3C6D8920C ] NAL C:\WINDOWS\system32\Drivers\iqvw32.sys
18:16:29.0796 0x105c NAL - ok
18:16:29.0875 0x105c [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:16:29.0984 0x105c napagent - ok
18:16:30.0031 0x105c [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:16:30.0093 0x105c NDIS - ok
18:16:30.0156 0x105c [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:16:30.0218 0x105c NdisTapi - ok
18:16:30.0281 0x105c [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:16:30.0359 0x105c Ndisuio - ok
18:16:30.0375 0x105c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:16:30.0437 0x105c NdisWan - ok
18:16:30.0468 0x105c [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:16:30.0546 0x105c NDProxy - ok
18:16:30.0562 0x105c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:16:30.0640 0x105c NetBIOS - ok
18:16:30.0703 0x105c [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:16:30.0796 0x105c NetBT - ok
18:16:30.0843 0x105c [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe
18:16:30.0921 0x105c NetDDE - ok
18:16:30.0921 0x105c [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:16:30.0984 0x105c NetDDEdsdm - ok
18:16:31.0031 0x105c [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:16:31.0109 0x105c Netlogon - ok
18:16:31.0187 0x105c [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll
18:16:31.0296 0x105c Netman - ok
18:16:31.0312 0x105c [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:16:31.0328 0x105c NetTcpPortSharing - ok
18:16:31.0375 0x105c [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll
18:16:31.0421 0x105c Nla - ok
18:16:31.0453 0x105c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:16:31.0515 0x105c Npfs - ok
18:16:31.0531 0x105c [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:16:31.0640 0x105c Ntfs - ok
18:16:31.0671 0x105c [ 7F1C1F78D709C4A54CBB46EDE7E0B48D, 52135D41983A9E9E1DCA250A63017076AE22AA06D77CCF2E5EF41154F958584A ] NTIDrvr C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
18:16:31.0687 0x105c NTIDrvr - detected UnsignedFile.Multi.Generic ( 1 )
18:16:34.0109 0x105c Detect skipped due to KSN trusted
18:16:34.0109 0x105c NTIDrvr - ok
18:16:34.0109 0x105c [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
18:16:34.0171 0x105c NtLmSsp - ok
18:16:34.0203 0x105c [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:16:34.0281 0x105c NtmsSvc - ok
18:16:34.0312 0x105c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
18:16:34.0375 0x105c Null - ok
18:16:34.0390 0x105c [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:16:34.0468 0x105c NwlnkFlt - ok
18:16:34.0484 0x105c [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:16:34.0546 0x105c NwlnkFwd - ok
18:16:34.0703 0x105c [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
18:16:34.0734 0x105c odserv - ok
18:16:34.0796 0x105c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
18:16:34.0828 0x105c ose - ok
18:16:34.0875 0x105c [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:16:34.0968 0x105c Parport - ok
18:16:35.0000 0x105c [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:16:35.0078 0x105c PartMgr - ok
18:16:35.0109 0x105c [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:16:35.0187 0x105c ParVdm - ok
18:16:35.0203 0x105c [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:16:35.0312 0x105c PCI - ok
18:16:35.0312 0x105c PCIDump - ok
18:16:35.0312 0x105c [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:16:35.0390 0x105c PCIIde - ok
18:16:35.0406 0x105c [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:16:35.0500 0x105c Pcmcia - ok
18:16:35.0500 0x105c PDCOMP - ok
18:16:35.0500 0x105c PDFRAME - ok
18:16:35.0500 0x105c PDRELI - ok
18:16:35.0500 0x105c PDRFRAME - ok
18:16:35.0515 0x105c perc2 - ok
18:16:35.0515 0x105c perc2hib - ok
18:16:35.0546 0x105c [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe
18:16:35.0562 0x105c PlugPlay - ok
18:16:35.0578 0x105c [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
18:16:35.0640 0x105c PolicyAgent - ok
18:16:35.0671 0x105c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:16:35.0734 0x105c PptpMiniport - ok
18:16:35.0750 0x105c [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:16:35.0812 0x105c ProtectedStorage - ok
18:16:35.0812 0x105c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:16:35.0875 0x105c PSched - ok
18:16:35.0875 0x105c psdfilter - ok
18:16:35.0875 0x105c psdvdisk - ok
18:16:35.0875 0x105c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:16:35.0968 0x105c Ptilink - ok
18:16:35.0968 0x105c ql1080 - ok
18:16:35.0968 0x105c Ql10wnt - ok
18:16:35.0968 0x105c ql12160 - ok
18:16:35.0968 0x105c ql1240 - ok
18:16:35.0968 0x105c ql1280 - ok
18:16:36.0000 0x105c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:16:36.0078 0x105c RasAcd - ok
18:16:36.0093 0x105c [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:16:36.0171 0x105c RasAuto - ok
18:16:36.0187 0x105c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:16:36.0265 0x105c Rasl2tp - ok
18:16:36.0296 0x105c [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:16:36.0375 0x105c RasMan - ok
18:16:36.0406 0x105c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:16:36.0468 0x105c RasPppoe - ok
18:16:36.0468 0x105c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:16:36.0531 0x105c Raspti - ok
18:16:36.0546 0x105c [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:16:36.0640 0x105c Rdbss - ok
18:16:36.0656 0x105c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:16:36.0718 0x105c RDPCDD - ok
18:16:36.0750 0x105c [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:16:36.0812 0x105c rdpdr - ok
18:16:36.0859 0x105c [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:16:36.0906 0x105c RDPWD - ok
18:16:36.0937 0x105c [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:16:37.0031 0x105c RDSessMgr - ok
18:16:37.0062 0x105c [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:16:37.0125 0x105c redbook - ok
18:16:37.0156 0x105c [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:16:37.0218 0x105c RemoteAccess - ok
18:16:37.0250 0x105c [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:16:37.0359 0x105c RemoteRegistry - ok
18:16:37.0406 0x105c [ 2AF094B1CE4725E4551F38FDA2348637, 80CB4987B3C3A66CC233738653A878A93783C1513C4898E0A475EB2101845DD4 ] RichVideo C:\Programme\CyberLink\Shared Files\RichVideo.exe
18:16:37.0421 0x105c RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
18:16:39.0828 0x105c Detect skipped due to KSN trusted
18:16:39.0828 0x105c RichVideo - ok
18:16:39.0875 0x105c [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe
18:16:39.0953 0x105c RpcLocator - ok
18:16:40.0000 0x105c [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:16:40.0031 0x105c RpcSs - ok
18:16:40.0093 0x105c [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe
18:16:40.0171 0x105c RSVP - ok
18:16:40.0203 0x105c [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe
18:16:40.0265 0x105c SamSs - ok
18:16:40.0281 0x105c [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:16:40.0359 0x105c SCardSvr - ok
18:16:40.0390 0x105c [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:16:40.0484 0x105c Schedule - ok
18:16:40.0515 0x105c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:16:40.0578 0x105c Secdrv - ok
18:16:40.0625 0x105c [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll
18:16:40.0687 0x105c seclogon - ok
18:16:40.0796 0x105c [ FB8D34963EE4D7F8C061DFFC593F0EE1, 32EA16F7BAE52BE000263CD9D3A8CAFF392055CEE57D9732C1CEF86E2D24EA92 ] SecureStorageService C:\Programme\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
18:16:40.0828 0x105c SecureStorageService - detected UnsignedFile.Multi.Generic ( 1 )
18:16:43.0234 0x105c Detect skipped due to KSN trusted
18:16:43.0234 0x105c SecureStorageService - ok
18:16:43.0265 0x105c [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll
18:16:43.0343 0x105c SENS - ok
18:16:43.0375 0x105c [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:16:43.0453 0x105c serenum - ok
18:16:43.0484 0x105c [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:16:43.0562 0x105c Serial - ok
18:16:43.0593 0x105c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:16:43.0687 0x105c Sfloppy - ok
18:16:43.0765 0x105c [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:16:43.0843 0x105c SharedAccess - ok
18:16:43.0890 0x105c [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:16:43.0906 0x105c ShellHWDetection - ok
18:16:43.0906 0x105c Simbad - ok
18:16:43.0937 0x105c [ 004179B6C039D39B71FBE3D07C5DFE79, 4B4FCD4F33D81AF6A787DD0F1DED84874961D3488A8E2B0BF1D4D1A9EFDD25BC ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
18:16:43.0953 0x105c SkypeUpdate - ok
18:16:43.0953 0x105c Sparrow - ok
18:16:44.0000 0x105c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:16:44.0078 0x105c splitter - ok
18:16:44.0109 0x105c [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:16:44.0187 0x105c Spooler - ok
18:16:44.0234 0x105c [ 9263C8898732E2B890F7E954E7729AB7, DEBFD81E702893427972A6565A9AAA54A09B9F7F30CA9391011C6F7FB758A3F4 ] SQLWriter C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:16:44.0250 0x105c SQLWriter - ok
18:16:44.0281 0x105c [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:16:44.0375 0x105c sr - ok
18:16:44.0390 0x105c [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll
18:16:44.0468 0x105c srservice - ok
18:16:44.0500 0x105c [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:16:44.0562 0x105c Srv - ok
18:16:44.0578 0x105c [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:16:44.0656 0x105c SSDPSRV - ok
18:16:44.0703 0x105c [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:16:44.0765 0x105c stisvc - ok
18:16:44.0812 0x105c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:16:44.0875 0x105c swenum - ok
18:16:44.0921 0x105c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:16:45.0000 0x105c swmidi - ok
18:16:45.0000 0x105c SwPrv - ok
18:16:45.0015 0x105c symc810 - ok
18:16:45.0015 0x105c symc8xx - ok
18:16:45.0015 0x105c sym_hi - ok
18:16:45.0015 0x105c sym_u3 - ok
18:16:45.0046 0x105c [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:16:45.0125 0x105c sysaudio - ok
18:16:45.0156 0x105c [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:16:45.0234 0x105c SysmonLog - ok
18:16:45.0296 0x105c [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:16:45.0390 0x105c TapiSrv - ok
18:16:45.0437 0x105c [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:16:45.0484 0x105c Tcpip - ok
18:16:45.0593 0x105c [ BA9202E263A6FC1FFD7889FEA186A2C4, 8085E1F5144F8E54EDBA283E3BACCFDC2D560B9BFBCC5C2BD0143E1A17646DAA ] tcsd_win32.exe C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
18:16:45.0703 0x105c tcsd_win32.exe - detected UnsignedFile.Multi.Generic ( 1 )
18:16:48.0125 0x105c Detect skipped due to KSN trusted
18:16:48.0125 0x105c tcsd_win32.exe - ok
18:16:48.0140 0x105c [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:16:48.0203 0x105c TDPIPE - ok
18:16:48.0218 0x105c [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:16:48.0296 0x105c TDTCP - ok
18:16:48.0593 0x105c [ C32E6295D7D024B2302EFF1A7FEFD720, A9E5C78FD8765367863FFCA4954E52EEC77BE4956A6910CD09BBBF9D5BC96D4E ] TeamViewer9 C:\Programme\TeamViewer\Version9\TeamViewer_Service.exe
18:16:48.0765 0x105c TeamViewer9 - ok
18:16:48.0796 0x105c [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:16:48.0875 0x105c TermDD - ok
18:16:48.0906 0x105c [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll
18:16:48.0984 0x105c TermService - ok
18:16:49.0015 0x105c [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll
18:16:49.0031 0x105c Themes - ok
18:16:49.0062 0x105c [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
18:16:49.0140 0x105c TlntSvr - ok
18:16:49.0140 0x105c TosIde - ok
18:16:49.0171 0x105c [ 298572A7E0D5A63A90E134BB34CCACEB, 4B368C9DC7DC3F64884DA11F3F2E82C908EE909A35B3292D0AAE0DE98DB34D70 ] tpm C:\WINDOWS\system32\DRIVERS\tpm.sys
18:16:49.0203 0x105c tpm - detected UnsignedFile.Multi.Generic ( 1 )
18:16:51.0625 0x105c Detect skipped due to KSN trusted
18:16:51.0625 0x105c tpm - ok
18:16:51.0656 0x105c [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:16:51.0750 0x105c TrkWks - ok
18:16:51.0796 0x105c [ E0C67BE430C6DE490D6CCAECFA071F9E, 831858F9A07122FBE513FC56D79F39F973FC9BA757D509C113AA975DE8A70EE5 ] UBHelper C:\WINDOWS\system32\drivers\UBHelper.sys
18:16:51.0796 0x105c UBHelper - detected UnsignedFile.Multi.Generic ( 1 )
18:16:54.0218 0x105c Detect skipped due to KSN trusted
18:16:54.0218 0x105c UBHelper - ok
18:16:54.0234 0x105c [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:16:54.0312 0x105c Udfs - ok
18:16:54.0312 0x105c ultra - ok
18:16:54.0421 0x105c [ 22C01FC9E65070514FEDC846D51B2E53, 9329CBB1E6950DF0C9CC5E385636E99D797257A21823961F8FA408ECBEAD2297 ] UNS C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe
18:16:54.0546 0x105c UNS - ok
18:16:54.0593 0x105c [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:16:54.0671 0x105c Update - ok
18:16:54.0703 0x105c [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:16:54.0781 0x105c upnphost - ok
18:16:54.0812 0x105c [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
18:16:54.0890 0x105c UPS - ok
18:16:54.0921 0x105c [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:16:54.0984 0x105c usbccgp - ok
18:16:55.0000 0x105c [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:16:55.0015 0x105c usbehci - ok
18:16:55.0031 0x105c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:16:55.0125 0x105c usbhub - ok
18:16:55.0156 0x105c [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:16:55.0234 0x105c usbprint - ok
18:16:55.0265 0x105c [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:16:55.0296 0x105c usbscan - ok
18:16:55.0328 0x105c [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:16:55.0406 0x105c USBSTOR - ok
18:16:55.0421 0x105c [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:16:55.0515 0x105c usbuhci - ok
18:16:55.0562 0x105c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:16:55.0625 0x105c VgaSave - ok
18:16:55.0625 0x105c ViaIde - ok
18:16:55.0640 0x105c [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:16:55.0703 0x105c VolSnap - ok
18:16:55.0765 0x105c [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
18:16:55.0843 0x105c VSS - ok
18:16:56.0031 0x105c [ 3456619FC9CF2941084809B5D9E955BB, AF1CF7C4C35AC75E55CC4F2C23525B99E989202B3212B6590F4E003C874A2B03 ] vToolbarUpdater17.0.1 C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe
18:16:56.0203 0x105c vToolbarUpdater17.0.1 - ok
18:16:56.0281 0x105c [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll
18:16:56.0343 0x105c W32Time - ok
18:16:56.0343 0x105c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:16:56.0437 0x105c Wanarp - ok
18:16:56.0437 0x105c Wave UCSPlus - ok
18:16:56.0468 0x105c [ 2C88100C5691C1E283E283553BEE2729, D84FD669F758F73AA26B1A6962AA4347A10A8CC0638FEE5F30FDAACD2FE09F92 ] WaveEnrollmentService C:\Programme\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
18:16:56.0484 0x105c WaveEnrollmentService - detected UnsignedFile.Multi.Generic ( 1 )
18:16:58.0906 0x105c Detect skipped due to KSN trusted
18:16:58.0906 0x105c WaveEnrollmentService - ok
18:16:58.0953 0x105c [ 8D08539A4B17A0CFEF623CCB7AFB70D3, 2CADF8AA856F5B98D4F1262839507C1D4A2A5972C1A5FF099D77D6492D6F0F3B ] WavxDMgr C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
18:16:58.0968 0x105c WavxDMgr - ok
18:16:58.0968 0x105c WDICA - ok
18:16:58.0984 0x105c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:16:59.0062 0x105c wdmaud - ok
18:16:59.0093 0x105c [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
18:16:59.0187 0x105c WebClient - ok
18:16:59.0296 0x105c [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:16:59.0390 0x105c winmgmt - ok
18:16:59.0421 0x105c [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:16:59.0468 0x105c WmdmPmSN - ok
18:16:59.0515 0x105c [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll
18:16:59.0593 0x105c Wmi - ok
18:16:59.0609 0x105c [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
18:16:59.0671 0x105c WmiAcpi - ok
18:16:59.0718 0x105c [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:16:59.0828 0x105c WmiApSrv - ok
18:16:59.0921 0x105c [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
18:16:59.0984 0x105c WMPNetworkSvc - ok
18:17:00.0015 0x105c [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:17:00.0031 0x105c WpdUsb - ok
18:17:00.0109 0x105c [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:17:00.0187 0x105c WPFFontCache_v0400 - ok
18:17:00.0234 0x105c [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:17:00.0343 0x105c wscsvc - ok
18:17:00.0390 0x105c [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:17:00.0468 0x105c wuauserv - ok
18:17:00.0515 0x105c [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:17:00.0546 0x105c WudfPf - ok
18:17:00.0562 0x105c [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:17:00.0578 0x105c WudfRd - ok
18:17:00.0593 0x105c [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
18:17:00.0640 0x105c WudfSvc - ok
18:17:00.0671 0x105c [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:17:00.0781 0x105c WZCSVC - ok
18:17:00.0828 0x105c [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:17:00.0906 0x105c xmlprov - ok
18:17:00.0906 0x105c ================ Scan global ===============================
18:17:00.0953 0x105c [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
18:17:01.0015 0x105c [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:17:01.0031 0x105c [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:17:01.0046 0x105c [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
18:17:01.0046 0x105c [ Global ] - ok
18:17:01.0046 0x105c ================ Scan MBR ==================================
18:17:01.0078 0x105c [ BEEDF9B7F43A72A91456F7131AFC11B2 ] \Device\Harddisk0\DR0
18:17:01.0421 0x105c \Device\Harddisk0\DR0 - ok
18:17:01.0421 0x105c [ F120205471A79E72E8C3F099A8E368F1 ] \Device\Harddisk1\DR2
18:17:01.0515 0x105c \Device\Harddisk1\DR2 - ok
18:17:01.0515 0x105c ================ Scan VBR ==================================
18:17:01.0515 0x105c [ 8103BEF32C9DB3714583420008773047 ] \Device\Harddisk0\DR0\Partition1
18:17:01.0515 0x105c \Device\Harddisk0\DR0\Partition1 - ok
18:17:01.0515 0x105c [ 772A88EB299E7F89D235268EF1C56F09 ] \Device\Harddisk1\DR2\Partition1
18:17:01.0515 0x105c \Device\Harddisk1\DR2\Partition1 - ok
18:17:01.0531 0x105c [ 1D2A7E4F6D5A05CD187EAFA47FAE5A54 ] \Device\Harddisk1\DR2\Partition2
18:17:01.0531 0x105c \Device\Harddisk1\DR2\Partition2 - ok
18:17:01.0531 0x105c [ F1F36C44F68957970569C1A4D1079D50 ] \Device\Harddisk1\DR2\Partition3
18:17:01.0531 0x105c \Device\Harddisk1\DR2\Partition3 - ok
18:17:01.0531 0x105c [ 367FF8BE969D86CE7B800022CB293DA3 ] \Device\Harddisk1\DR2\Partition4
18:17:01.0531 0x105c \Device\Harddisk1\DR2\Partition4 - ok
18:17:01.0531 0x105c Waiting for KSN requests completion. In queue: 37
18:17:02.0531 0x105c Waiting for KSN requests completion. In queue: 37
18:17:03.0531 0x105c Waiting for KSN requests completion. In queue: 37
18:17:04.0578 0x105c AV detected via SS1: Kaspersky Internet Security, 13.0.1.4190, enabled, updated
18:17:04.0578 0x105c FW detected via SS1: Kaspersky Internet Security, 13.0.1.4190, enabled
18:17:18.0921 0x105c ============================================================
18:17:18.0921 0x105c Scan finished
18:17:18.0921 0x105c ============================================================
18:17:18.0937 0x1058 Detected object count: 0
18:17:18.0937 0x1058 Actual detected object count: 0
|
|
09.02.2014, 18:38
| #4 |
| | Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab Hab einen weiteren Scan durchführen lassen, ohne diese (für mich) ominöse Option. Nun findet er einiges: Hier sind die Logs von beiden Scans enthalten (sorry teil des ersten Logs musste ich löschen, weil Post zu lang): Code:
ATTFilter 18:13:39.0343 0x165c TDSS rootkit removing tool 3.0.0.22 Feb 3 2014 16:45:35
18:13:50.0484 0x165c ============================================================
18:13:50.0484 0x165c Current date / time: 2014/02/09 18:13:50.0484
18:13:50.0484 0x165c SystemInfo:
18:13:50.0484 0x165c
18:13:50.0484 0x165c OS Version: 5.1.2600 ServicePack: 3.0
18:13:50.0484 0x165c Product type: Workstation
18:13:50.0484 0x165c ComputerName: ACER-62802DF1A0
18:13:50.0484 0x165c UserName: TanzZeit
18:13:50.0484 0x165c Windows directory: C:\WINDOWS
18:13:50.0484 0x165c System windows directory: C:\WINDOWS
18:13:50.0484 0x165c Processor architecture: Intel x86
18:13:50.0484 0x165c Number of processors: 2
18:13:50.0484 0x165c Page size: 0x1000
18:13:50.0484 0x165c Boot type: Normal boot
18:13:50.0484 0x165c ============================================================
18:13:55.0156 0x165c KLMD registered as C:\WINDOWS\system32\drivers\54469495.sys
18:13:55.0375 0x165c System UUID: {93E65690-67EB-868B-50E0-6184CC58553B}
18:13:55.0875 0x165c Drive \Device\Harddisk0\DR0 - Size: 0x4A85B00000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:13:55.0890 0x165c Drive \Device\Harddisk1\DR2 - Size: 0x3BB3FFE00 (14.93 Gb), SectorSize: 0x200, Cylinders: 0x79C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:13:55.0890 0x165c ============================================================
18:13:55.0890 0x165c \Device\Harddisk0\DR0:
18:13:55.0890 0x165c MBR partitions:
18:13:55.0890 0x165c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D407
18:13:55.0890 0x165c \Device\Harddisk1\DR2:
18:13:55.0890 0x165c GPT partitions:
18:13:55.0890 0x165c \Device\Harddisk1\DR2\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {970BC5AE-5058-41F6-A1FC-52AA01740B54}, Name: primary, StartLBA 0x800, BlocksNum 0xAB8FFF
18:13:55.0890 0x165c \Device\Harddisk1\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0E7984D1-4758-4E4B-909B-85AC9E2A9FC5}, Name: primary, StartLBA 0xAB97FF, BlocksNum 0x300000
18:13:55.0890 0x165c \Device\Harddisk1\DR2\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {40B96404-516E-4864-BBF1-D6E2B1D8119F}, Name: primary, StartLBA 0xDB97FF, BlocksNum 0x1000000
18:13:55.0890 0x165c \Device\Harddisk1\DR2\Partition4: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B99B4EEC-4F8D-4D3A-81E4-828E08E8D2E0}, Name: primary, StartLBA 0x1DB97FF, BlocksNum 0x20000
18:13:55.0890 0x165c MBR partitions:
18:13:55.0890 0x165c ============================================================
18:13:55.0953 0x165c C: <-> \Device\Harddisk0\DR0\Partition1
18:13:55.0953 0x165c ============================================================
18:13:55.0953 0x165c Initialize success
18:13:55.0953 0x165c ============================================================
18:15:50.0843 0x105c ============================================================
18:15:50.0843 0x105c Scan started
18:15:50.0843 0x105c Mode: Manual; SigCheck; TDLFS;
18:15:50.0843 0x105c ============================================================
...
!!!hier wurde einiges gelöscht!!!
...
============================================================
18:17:18.0921 0x105c Scan finished
18:17:18.0921 0x105c ============================================================
18:17:18.0937 0x1058 Detected object count: 0
18:17:18.0937 0x1058 Actual detected object count: 0
18:26:23.0750 0x16ac ============================================================
18:26:23.0750 0x16ac Scan started
18:26:23.0750 0x16ac Mode: Manual; SigCheck; TDLFS;
18:26:23.0750 0x16ac ============================================================
18:26:23.0750 0x16ac KSN ping started
18:26:37.0109 0x16ac KSN ping finished: true
18:26:37.0265 0x16ac ================ Scan system memory ========================
18:26:37.0265 0x16ac System memory - ok
18:26:37.0265 0x16ac ================ Scan services =============================
18:26:37.0593 0x16ac Abiosdsk - ok
18:26:37.0593 0x16ac abp480n5 - ok
18:26:37.0625 0x16ac [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:26:37.0843 0x16ac ACPI - ok
18:26:37.0875 0x16ac [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
18:26:37.0937 0x16ac ACPIEC - ok
18:26:37.0984 0x16ac [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:26:38.0000 0x16ac AdobeFlashPlayerUpdateSvc - ok
18:26:38.0000 0x16ac adpu160m - ok
18:26:38.0046 0x16ac [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
18:26:38.0125 0x16ac aec - ok
18:26:38.0171 0x16ac [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
18:26:38.0218 0x16ac AFD - ok
18:26:38.0218 0x16ac Aha154x - ok
18:26:38.0234 0x16ac aic78u2 - ok
18:26:38.0234 0x16ac aic78xx - ok
18:26:38.0250 0x16ac [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll
18:26:38.0328 0x16ac Alerter - ok
18:26:38.0359 0x16ac [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe
18:26:38.0437 0x16ac ALG - ok
18:26:38.0437 0x16ac AliIde - ok
18:26:38.0453 0x16ac amsint - ok
18:26:38.0468 0x16ac [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
18:26:38.0531 0x16ac AppMgmt - ok
18:26:38.0531 0x16ac asc - ok
18:26:38.0531 0x16ac asc3350p - ok
18:26:38.0546 0x16ac asc3550 - ok
18:26:38.0671 0x16ac [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:26:38.0687 0x16ac aspnet_state - ok
18:26:38.0703 0x16ac [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:26:38.0765 0x16ac AsyncMac - ok
18:26:38.0796 0x16ac [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
18:26:38.0843 0x16ac atapi - ok
18:26:38.0859 0x16ac Atdisk - ok
18:26:38.0875 0x16ac [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:26:38.0937 0x16ac Atmarpc - ok
18:26:38.0984 0x16ac [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
18:26:39.0062 0x16ac AudioSrv - ok
18:26:39.0093 0x16ac [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
18:26:39.0156 0x16ac audstub - ok
18:26:39.0203 0x16ac [ 15ACA2AD17ACECA4814F249783E63AD3, AB8E74A5B8FC2FD04BA2B495610A8BE76408E9362A447D7069D5AAB8F3512F33 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys
18:26:39.0218 0x16ac avgtp - ok
18:26:39.0359 0x16ac AVP - ok
18:26:39.0375 0x16ac [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:26:39.0437 0x16ac Beep - ok
18:26:39.0484 0x16ac [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll
18:26:39.0562 0x16ac BITS - ok
18:26:39.0609 0x16ac [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser C:\WINDOWS\System32\browser.dll
18:26:39.0625 0x16ac Browser - ok
18:26:39.0656 0x16ac [ 2FE6D5BE0629F706197B30C0AA05DE30, 528ED3AA8129FDD6C8EF698E5ECE9BB93C0249CF0200115F13B36410A353F353 ] BrPar C:\WINDOWS\System32\drivers\BrPar.sys
18:26:39.0687 0x16ac BrPar - detected UnsignedFile.Multi.Generic ( 1 )
18:26:39.0765 0x16ac BrPar ( UnsignedFile.Multi.Generic ) - warning
18:26:39.0765 0x16ac Force sending object to P2P due to detect: C:\WINDOWS\System32\drivers\BrPar.sys
18:26:42.0218 0x16ac Object send P2P result: true
18:26:44.0593 0x16ac [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
18:26:44.0640 0x16ac cbidf2k - ok
18:26:44.0656 0x16ac cd20xrnt - ok
18:26:44.0656 0x16ac [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
18:26:44.0718 0x16ac Cdaudio - ok
18:26:44.0750 0x16ac [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
18:26:44.0796 0x16ac Cdfs - ok
18:26:44.0828 0x16ac [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:26:44.0906 0x16ac Cdrom - ok
18:26:44.0906 0x16ac Changer - ok
18:26:44.0921 0x16ac [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe
18:26:44.0984 0x16ac CiSvc - ok
18:26:45.0000 0x16ac [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
18:26:45.0078 0x16ac ClipSrv - ok
18:26:45.0109 0x16ac [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:26:45.0125 0x16ac clr_optimization_v2.0.50727_32 - ok
18:26:45.0203 0x16ac [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:26:45.0218 0x16ac clr_optimization_v4.0.30319_32 - ok
18:26:45.0218 0x16ac CmdIde - ok
18:26:45.0218 0x16ac COMSysApp - ok
18:26:45.0218 0x16ac Cpqarray - ok
18:26:45.0265 0x16ac [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
18:26:45.0328 0x16ac CryptSvc - ok
18:26:45.0343 0x16ac dac2w2k - ok
18:26:45.0343 0x16ac dac960nt - ok
18:26:45.0390 0x16ac [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:26:45.0453 0x16ac DcomLaunch - ok
18:26:45.0484 0x16ac [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:26:45.0562 0x16ac Dhcp - ok
18:26:45.0593 0x16ac [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:26:45.0671 0x16ac Disk - ok
18:26:45.0671 0x16ac dmadmin - ok
18:26:45.0718 0x16ac [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:26:45.0812 0x16ac dmboot - ok
18:26:45.0843 0x16ac [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:26:45.0921 0x16ac dmio - ok
18:26:45.0921 0x16ac [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:26:45.0984 0x16ac dmload - ok
18:26:46.0000 0x16ac [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll
18:26:46.0062 0x16ac dmserver - ok
18:26:46.0109 0x16ac [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:26:46.0187 0x16ac DMusic - ok
18:26:46.0218 0x16ac [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:26:46.0234 0x16ac Dnscache - ok
18:26:46.0265 0x16ac [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:26:46.0328 0x16ac Dot3svc - ok
18:26:46.0328 0x16ac dpti2o - ok
18:26:46.0375 0x16ac [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:26:46.0453 0x16ac drmkaud - ok
18:26:46.0484 0x16ac [ D60759140694150360BBEFD9CAB7C920, EDD0630640842BA55B3537C14CD79B5A6A34C40EAD1B0159992F1750A8313455 ] e1kexpress C:\WINDOWS\system32\DRIVERS\e1k5132.sys
18:26:46.0500 0x16ac e1kexpress - ok
18:26:46.0515 0x16ac [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:26:46.0593 0x16ac EapHost - ok
18:26:46.0593 0x16ac eLock2BurnerLockDriver - ok
18:26:46.0593 0x16ac eLock2FSCTLDriver - ok
18:26:46.0593 0x16ac [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:26:46.0656 0x16ac ERSvc - ok
18:26:46.0703 0x16ac [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe
18:26:46.0750 0x16ac Eventlog - ok
18:26:46.0796 0x16ac [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\system32\es.dll
18:26:46.0843 0x16ac EventSystem - ok
18:26:46.0875 0x16ac [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:26:46.0937 0x16ac Fastfat - ok
18:26:46.0984 0x16ac [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:26:47.0000 0x16ac FastUserSwitchingCompatibility - ok
18:26:47.0031 0x16ac [ 08B8B302AF0D1B3B8543429BBAC8F21F, F3370FE5C4BECB16F0668E6605792EF8096FE06A79D8234E3D6E1B584F2D4E5A ] Fax C:\WINDOWS\system32\fxssvc.exe
18:26:47.0125 0x16ac Fax - ok
18:26:47.0140 0x16ac [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
18:26:47.0203 0x16ac Fdc - ok
18:26:47.0250 0x16ac [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:26:47.0312 0x16ac Fips - ok
18:26:47.0343 0x16ac [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
18:26:47.0421 0x16ac Flpydisk - ok
18:26:47.0453 0x16ac [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:26:47.0515 0x16ac FltMgr - ok
18:26:47.0593 0x16ac [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:26:47.0609 0x16ac FontCache3.0.0.0 - ok
18:26:47.0625 0x16ac [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:26:47.0703 0x16ac Fs_Rec - ok
18:26:47.0734 0x16ac [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:26:47.0812 0x16ac Ftdisk - ok
18:26:47.0953 0x16ac [ 2101F77D1E6E1B7CDB01E5958FCB36BD, D2D368D6B8486C25562B7BA751C5CF2E28AE17F892647778413E6C92528E4B71 ] GoogleDesktopManager-080708-050100 C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
18:26:47.0968 0x16ac GoogleDesktopManager-080708-050100 - detected UnsignedFile.Multi.Generic ( 1 )
18:26:47.0968 0x16ac GoogleDesktopManager-080708-050100 ( UnsignedFile.Multi.Generic ) - warning
18:26:50.0343 0x16ac [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:26:50.0421 0x16ac Gpc - ok
18:26:50.0468 0x16ac [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
18:26:50.0484 0x16ac gupdate - ok
18:26:50.0484 0x16ac [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
18:26:50.0500 0x16ac gupdatem - ok
18:26:50.0500 0x16ac [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:26:50.0593 0x16ac HDAudBus - ok
18:26:50.0625 0x16ac [ E4A123AD734A3731D29EBD3A01B3E535, 39B2B3EA68974C75007BEAA73AD95C937673A8896A1510DC5ED1F4878EF9F65E ] HECI C:\WINDOWS\system32\DRIVERS\HECI.sys
18:26:50.0656 0x16ac HECI - ok
18:26:50.0687 0x16ac [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:26:50.0765 0x16ac helpsvc - ok
18:26:50.0812 0x16ac [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ C:\WINDOWS\System32\hidserv.dll
18:26:50.0890 0x16ac HidServ - ok
18:26:50.0937 0x16ac [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:26:51.0015 0x16ac hidusb - ok
18:26:51.0046 0x16ac [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:26:51.0109 0x16ac hkmsvc - ok
18:26:51.0109 0x16ac hpn - ok
18:26:51.0171 0x16ac [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:26:51.0203 0x16ac HTTP - ok
18:26:51.0250 0x16ac [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:26:51.0328 0x16ac HTTPFilter - ok
18:26:51.0328 0x16ac i2omgmt - ok
18:26:51.0328 0x16ac i2omp - ok
18:26:51.0359 0x16ac [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:26:51.0437 0x16ac i8042prt - ok
18:26:51.0531 0x16ac [ 3E42C4691AAD4B1E8D0466F9CBF05CBE, 8F53A86B97A25CE92D6A3EB9720F86308252C5B7A4BC62218FF8788229B132B8 ] IAANTMON C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:26:51.0562 0x16ac IAANTMON - ok
18:26:51.0843 0x16ac [ 1312E0141A7BD409AFADD52FA565927E, A25B81AFA771CD2E46261CF954329383340BCCBB780CCD5A0C86B1B41A51152B ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
18:26:52.0046 0x16ac ialm - ok
18:26:52.0093 0x16ac [ 707C1692214B1C290271067197F075F6, 7D0DB754604AABC4AA09AB8BA94326B1A1C2A76F3C2C2C7D6FA14F964BE68A51 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
18:26:52.0109 0x16ac iaStor - ok
18:26:52.0187 0x16ac [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:26:52.0203 0x16ac IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:26:52.0203 0x16ac IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:26:54.0625 0x16ac [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:26:54.0671 0x16ac idsvc - ok
18:26:54.0703 0x16ac [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:26:54.0750 0x16ac Imapi - ok
18:26:54.0828 0x16ac [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe
18:26:54.0937 0x16ac ImapiService - ok
18:26:54.0953 0x16ac ini910u - ok
18:26:55.0125 0x16ac [ 06AE6FA81E2AB6C4DF6ED1B2E7E95B4D, DD6092CDC45869937C7A7FFFC5AE05FC7ED03A61034C37A8A4F3EED1A8B53A93 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:26:55.0359 0x16ac IntcAzAudAddService - ok
18:26:55.0390 0x16ac [ 64C301D73DB18EBDC8680CA82D82AF2D, 1C0619E006E441EA588E0F0986CD85B7CDDD99CA59B4EB8E709A9C09CA4FF7C8 ] IntcHdmiAddService C:\WINDOWS\system32\drivers\IntcHdmi.sys
18:26:55.0406 0x16ac IntcHdmiAddService - ok
18:26:55.0406 0x16ac IntelIde - ok
18:26:55.0453 0x16ac [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:26:55.0515 0x16ac intelppm - ok
18:26:55.0546 0x16ac [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
18:26:55.0609 0x16ac Ip6Fw - ok
18:26:55.0640 0x16ac [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:26:55.0703 0x16ac IpFilterDriver - ok
18:26:55.0718 0x16ac [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:26:55.0796 0x16ac IpInIp - ok
18:26:55.0859 0x16ac [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:26:55.0953 0x16ac IpNat - ok
18:26:55.0984 0x16ac [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:26:56.0062 0x16ac IPSec - ok
18:26:56.0078 0x16ac [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:26:56.0156 0x16ac IRENUM - ok
18:26:56.0187 0x16ac [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:26:56.0265 0x16ac isapnp - ok
18:26:56.0375 0x16ac [ A5937B2A94424CF1B13A4AD503AF6B2E, E96CE4E526E053FB410987BD444627BC7B26FCE48DC0A61916ADD0A69EFA6941 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
18:26:56.0390 0x16ac JavaQuickStarterService - ok
18:26:56.0406 0x16ac [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:26:56.0484 0x16ac Kbdclass - ok
18:26:56.0515 0x16ac [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:26:56.0593 0x16ac kbdhid - ok
18:26:56.0640 0x16ac [ 871C226234A48C24DFE7478F36C0050C, 657CAB49387E0E40311D4DEC93D9860B2DAC2C05F223698CFA2F9BB50B5F3022 ] KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys
18:26:56.0656 0x16ac KL1 - ok
18:26:56.0703 0x16ac [ 2ECDD644A261423EF0F3424434DBAD0E, 113BA917EFBED5D78C0F411FD43EC6B2DC065A73B7BB7B22E81481CFC67C2A40 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
18:26:56.0734 0x16ac KLIF - ok
18:26:56.0796 0x16ac [ 05E5504E5E06F75F18BBEA7291601FE2, 6A874BA7ACC57F817C9FA48D8320A1914BF197DBA288FC5C302AE26B447CE68B ] klim5 C:\WINDOWS\system32\DRIVERS\klim5.sys
18:26:56.0812 0x16ac klim5 - ok
18:26:56.0828 0x16ac [ E46C091AE3B8CEDD234DA57020870A0A, 8929707859ED3860B17EFB0551CA4E5F69580A095B1A9C0AF10C6CF98858730C ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
18:26:56.0828 0x16ac klkbdflt - ok
18:26:56.0843 0x16ac [ 480E19A71C6EDE70B7536E96B223CE1F, B9C5E76F68B2DAB0DC9F6DB080D3E785D18AA86ADB2AB0F497B68A58222CF59C ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
18:26:56.0859 0x16ac klmouflt - ok
18:26:56.0875 0x16ac [ 8FD802F86D4AB3FB329B8E51517BFF2A, 321750DC0C664FE5580C855D7B70AC74753DDD881F0C4482A2B4505BB2D88345 ] kltdi C:\WINDOWS\system32\DRIVERS\kltdi.sys
18:26:56.0890 0x16ac kltdi - ok
18:26:56.0937 0x16ac [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:26:57.0031 0x16ac kmixer - ok
18:26:57.0046 0x16ac [ 8F932DF10408BCABA2FCF6163C843F8E, 26BB4E2A2562CF6C687EC9F61C7B3C80992C1D57C47BBAEA8ED2AB6643A91C0E ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
18:26:57.0062 0x16ac kneps - ok
18:26:57.0109 0x16ac [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:26:57.0140 0x16ac KSecDD - ok
18:26:57.0187 0x16ac [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
18:26:57.0203 0x16ac LanmanServer - ok
18:26:57.0281 0x16ac [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:26:57.0312 0x16ac lanmanworkstation - ok
18:26:57.0312 0x16ac lbrtfdc - ok
18:26:57.0406 0x16ac [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
18:26:57.0406 0x16ac LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
18:26:57.0406 0x16ac LightScribeService ( UnsignedFile.Multi.Generic ) - warning
18:26:59.0781 0x16ac [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:26:59.0875 0x16ac LmHosts - ok
18:26:59.0875 0x16ac [ CA8E887D035ED9C8AD1032A7AFDD8CD6, 74F8DD3ECC5A8B82C5420EB9644A610EF8FA20FFFC0517C9B29EF6798FD4B240 ] LMS C:\Programme\Intel\AMT\LMS.exe
18:26:59.0890 0x16ac LMS - ok
18:26:59.0921 0x16ac [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:26:59.0984 0x16ac Messenger - ok
18:27:00.0031 0x16ac [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:27:00.0078 0x16ac mnmdd - ok
18:27:00.0125 0x16ac [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
18:27:00.0187 0x16ac mnmsrvc - ok
18:27:00.0203 0x16ac [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:27:00.0265 0x16ac Modem - ok
18:27:00.0296 0x16ac [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:27:00.0343 0x16ac Mouclass - ok
18:27:00.0359 0x16ac [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:27:00.0453 0x16ac mouhid - ok
18:27:00.0468 0x16ac [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:27:00.0531 0x16ac MountMgr - ok
18:27:00.0625 0x16ac [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
18:27:00.0640 0x16ac MozillaMaintenance - ok
18:27:00.0640 0x16ac mraid35x - ok
18:27:00.0656 0x16ac [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:27:00.0734 0x16ac MRxDAV - ok
18:27:00.0750 0x16ac [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:27:00.0796 0x16ac MRxSmb - ok
18:27:00.0828 0x16ac [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:27:00.0890 0x16ac Msfs - ok
18:27:00.0890 0x16ac MSIServer - ok
18:27:00.0921 0x16ac [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:27:00.0968 0x16ac MSKSSRV - ok
18:27:00.0984 0x16ac [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:27:01.0046 0x16ac MSPCLOCK - ok
18:27:01.0062 0x16ac [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:27:01.0125 0x16ac MSPQM - ok
18:27:01.0156 0x16ac [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:27:01.0203 0x16ac mssmbios - ok
18:27:01.0234 0x16ac [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:27:01.0250 0x16ac Mup - ok
18:27:01.0265 0x16ac [ 03CA886BA148B6B9996BE1368DDC3FC0, 0EA78CB430FBF8EF4C9F3D1EADF2B057939081B1367BC6610E918FA3C6D8920C ] NAL C:\WINDOWS\system32\Drivers\iqvw32.sys
18:27:01.0265 0x16ac NAL - ok
18:27:01.0312 0x16ac [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:27:01.0390 0x16ac napagent - ok
18:27:01.0421 0x16ac [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:27:01.0484 0x16ac NDIS - ok
18:27:01.0531 0x16ac [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:27:01.0546 0x16ac NdisTapi - ok
18:27:01.0593 0x16ac [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:27:01.0671 0x16ac Ndisuio - ok
18:27:01.0687 0x16ac [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:27:01.0750 0x16ac NdisWan - ok
18:27:01.0750 0x16ac [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:27:01.0812 0x16ac NDProxy - ok
18:27:01.0859 0x16ac [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:27:02.0015 0x16ac NetBIOS - ok
18:27:02.0031 0x16ac [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:27:02.0125 0x16ac NetBT - ok
18:27:02.0156 0x16ac [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe
18:27:02.0218 0x16ac NetDDE - ok
18:27:02.0218 0x16ac [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:27:02.0281 0x16ac NetDDEdsdm - ok
18:27:02.0328 0x16ac [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:27:02.0406 0x16ac Netlogon - ok
18:27:02.0437 0x16ac [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll
18:27:02.0500 0x16ac Netman - ok
18:27:02.0546 0x16ac [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:27:02.0562 0x16ac NetTcpPortSharing - ok
18:27:02.0593 0x16ac [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll
18:27:02.0609 0x16ac Nla - ok
18:27:02.0656 0x16ac [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:27:02.0718 0x16ac Npfs - ok
18:27:02.0734 0x16ac [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:27:02.0843 0x16ac Ntfs - ok
18:27:02.0859 0x16ac [ 7F1C1F78D709C4A54CBB46EDE7E0B48D, 52135D41983A9E9E1DCA250A63017076AE22AA06D77CCF2E5EF41154F958584A ] NTIDrvr C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
18:27:02.0875 0x16ac NTIDrvr - detected UnsignedFile.Multi.Generic ( 1 )
18:27:02.0875 0x16ac NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
18:27:05.0234 0x16ac [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
18:27:05.0296 0x16ac NtLmSsp - ok
18:27:05.0312 0x16ac [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:27:05.0390 0x16ac NtmsSvc - ok
18:27:05.0406 0x16ac [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
18:27:05.0484 0x16ac Null - ok
18:27:05.0500 0x16ac [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:27:05.0562 0x16ac NwlnkFlt - ok
18:27:05.0593 0x16ac [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:27:05.0687 0x16ac NwlnkFwd - ok
18:27:05.0812 0x16ac [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
18:27:05.0828 0x16ac odserv - ok
18:27:05.0875 0x16ac [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
18:27:05.0875 0x16ac ose - ok
18:27:05.0906 0x16ac [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:27:05.0968 0x16ac Parport - ok
18:27:06.0015 0x16ac [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:27:06.0078 0x16ac PartMgr - ok
18:27:06.0078 0x16ac [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:27:06.0140 0x16ac ParVdm - ok
18:27:06.0140 0x16ac [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:27:06.0218 0x16ac PCI - ok
18:27:06.0218 0x16ac PCIDump - ok
18:27:06.0218 0x16ac [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:27:06.0296 0x16ac PCIIde - ok
18:27:06.0312 0x16ac [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:27:06.0375 0x16ac Pcmcia - ok
18:27:06.0375 0x16ac PDCOMP - ok
18:27:06.0390 0x16ac PDFRAME - ok
18:27:06.0390 0x16ac PDRELI - ok
18:27:06.0390 0x16ac PDRFRAME - ok
18:27:06.0390 0x16ac perc2 - ok
18:27:06.0390 0x16ac perc2hib - ok
18:27:06.0421 0x16ac [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe
18:27:06.0437 0x16ac PlugPlay - ok
18:27:06.0453 0x16ac [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
18:27:06.0515 0x16ac PolicyAgent - ok
18:27:06.0531 0x16ac [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:27:06.0593 0x16ac PptpMiniport - ok
18:27:06.0593 0x16ac [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:27:06.0656 0x16ac ProtectedStorage - ok
18:27:06.0656 0x16ac [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:27:06.0718 0x16ac PSched - ok
18:27:06.0718 0x16ac psdfilter - ok
18:27:06.0718 0x16ac psdvdisk - ok
18:27:06.0734 0x16ac [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:27:06.0781 0x16ac Ptilink - ok
18:27:06.0796 0x16ac ql1080 - ok
18:27:06.0796 0x16ac Ql10wnt - ok
18:27:06.0796 0x16ac ql12160 - ok
18:27:06.0796 0x16ac ql1240 - ok
18:27:06.0796 0x16ac ql1280 - ok
18:27:06.0828 0x16ac [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:27:06.0875 0x16ac RasAcd - ok
18:27:06.0921 0x16ac [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:27:06.0984 0x16ac RasAuto - ok
18:27:06.0984 0x16ac [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:27:07.0046 0x16ac Rasl2tp - ok
18:27:07.0078 0x16ac [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:27:07.0140 0x16ac RasMan - ok
18:27:07.0140 0x16ac [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:27:07.0203 0x16ac RasPppoe - ok
18:27:07.0234 0x16ac [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:27:07.0296 0x16ac Raspti - ok
18:27:07.0312 0x16ac [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:27:07.0375 0x16ac Rdbss - ok
18:27:07.0421 0x16ac [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:27:07.0500 0x16ac RDPCDD - ok
18:27:07.0500 0x16ac [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:27:07.0578 0x16ac rdpdr - ok
18:27:07.0625 0x16ac [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:27:07.0656 0x16ac RDPWD - ok
18:27:07.0687 0x16ac [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:27:07.0765 0x16ac RDSessMgr - ok
18:27:07.0796 0x16ac [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:27:07.0875 0x16ac redbook - ok
18:27:07.0906 0x16ac [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:27:07.0968 0x16ac RemoteAccess - ok
18:27:08.0015 0x16ac [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:27:08.0093 0x16ac RemoteRegistry - ok
18:27:08.0140 0x16ac [ 2AF094B1CE4725E4551F38FDA2348637, 80CB4987B3C3A66CC233738653A878A93783C1513C4898E0A475EB2101845DD4 ] RichVideo C:\Programme\CyberLink\Shared Files\RichVideo.exe
18:27:08.0156 0x16ac RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
18:27:08.0156 0x16ac RichVideo ( UnsignedFile.Multi.Generic ) - warning
18:27:10.0546 0x16ac [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe
18:27:10.0625 0x16ac RpcLocator - ok
18:27:10.0656 0x16ac [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:27:10.0687 0x16ac RpcSs - ok
18:27:10.0734 0x16ac [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe
18:27:10.0796 0x16ac RSVP - ok
18:27:10.0828 0x16ac [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe
18:27:10.0890 0x16ac SamSs - ok
18:27:10.0906 0x16ac [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:27:10.0968 0x16ac SCardSvr - ok
18:27:11.0015 0x16ac [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:27:11.0109 0x16ac Schedule - ok
18:27:11.0125 0x16ac [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:27:11.0187 0x16ac Secdrv - ok
18:27:11.0234 0x16ac [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll
18:27:11.0296 0x16ac seclogon - ok
18:27:11.0390 0x16ac [ FB8D34963EE4D7F8C061DFFC593F0EE1, 32EA16F7BAE52BE000263CD9D3A8CAFF392055CEE57D9732C1CEF86E2D24EA92 ] SecureStorageService C:\Programme\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
18:27:11.0406 0x16ac SecureStorageService - detected UnsignedFile.Multi.Generic ( 1 )
18:27:11.0406 0x16ac SecureStorageService ( UnsignedFile.Multi.Generic ) - warning
18:27:13.0750 0x16ac [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll
18:27:13.0828 0x16ac SENS - ok
18:27:13.0859 0x16ac [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:27:13.0937 0x16ac serenum - ok
18:27:13.0968 0x16ac [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:27:14.0062 0x16ac Serial - ok
18:27:14.0093 0x16ac [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:27:14.0156 0x16ac Sfloppy - ok
18:27:14.0234 0x16ac [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:27:14.0343 0x16ac SharedAccess - ok
18:27:14.0390 0x16ac [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:27:14.0406 0x16ac ShellHWDetection - ok
18:27:14.0406 0x16ac Simbad - ok
18:27:14.0437 0x16ac [ 004179B6C039D39B71FBE3D07C5DFE79, 4B4FCD4F33D81AF6A787DD0F1DED84874961D3488A8E2B0BF1D4D1A9EFDD25BC ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
18:27:14.0453 0x16ac SkypeUpdate - ok
18:27:14.0453 0x16ac Sparrow - ok
18:27:14.0484 0x16ac [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:27:14.0546 0x16ac splitter - ok
18:27:14.0609 0x16ac [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:27:14.0625 0x16ac Spooler - ok
18:27:14.0671 0x16ac [ 9263C8898732E2B890F7E954E7729AB7, DEBFD81E702893427972A6565A9AAA54A09B9F7F30CA9391011C6F7FB758A3F4 ] SQLWriter C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:27:14.0687 0x16ac SQLWriter - ok
18:27:14.0718 0x16ac [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:27:14.0812 0x16ac sr - ok
18:27:14.0859 0x16ac [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll
18:27:14.0921 0x16ac srservice - ok
18:27:14.0937 0x16ac [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:27:14.0953 0x16ac Srv - ok
18:27:14.0984 0x16ac [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:27:15.0062 0x16ac SSDPSRV - ok
18:27:15.0109 0x16ac [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:27:15.0203 0x16ac stisvc - ok
18:27:15.0234 0x16ac [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:27:15.0296 0x16ac swenum - ok
18:27:15.0328 0x16ac [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:27:15.0421 0x16ac swmidi - ok
18:27:15.0421 0x16ac SwPrv - ok
18:27:15.0421 0x16ac symc810 - ok
18:27:15.0421 0x16ac symc8xx - ok
18:27:15.0437 0x16ac sym_hi - ok
18:27:15.0437 0x16ac sym_u3 - ok
18:27:15.0453 0x16ac [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:27:15.0531 0x16ac sysaudio - ok
18:27:15.0562 0x16ac [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:27:15.0640 0x16ac SysmonLog - ok
18:27:15.0687 0x16ac [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:27:15.0781 0x16ac TapiSrv - ok
18:27:15.0828 0x16ac [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:27:15.0890 0x16ac Tcpip - ok
18:27:15.0984 0x16ac [ BA9202E263A6FC1FFD7889FEA186A2C4, 8085E1F5144F8E54EDBA283E3BACCFDC2D560B9BFBCC5C2BD0143E1A17646DAA ] tcsd_win32.exe C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
18:27:16.0062 0x16ac tcsd_win32.exe - detected UnsignedFile.Multi.Generic ( 1 )
18:27:16.0062 0x16ac tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - warning
18:27:16.0062 0x16ac Force sending object to P2P due to detect: C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
18:27:18.0781 0x16ac Object send P2P result: true
18:27:21.0171 0x16ac [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:27:21.0234 0x16ac TDPIPE - ok
18:27:21.0250 0x16ac [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:27:21.0328 0x16ac TDTCP - ok
18:27:21.0671 0x16ac [ C32E6295D7D024B2302EFF1A7FEFD720, A9E5C78FD8765367863FFCA4954E52EEC77BE4956A6910CD09BBBF9D5BC96D4E ] TeamViewer9 C:\Programme\TeamViewer\Version9\TeamViewer_Service.exe
18:27:21.0828 0x16ac TeamViewer9 - ok
18:27:21.0875 0x16ac [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:27:21.0953 0x16ac TermDD - ok
18:27:21.0984 0x16ac [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll
18:27:22.0078 0x16ac TermService - ok
18:27:22.0109 0x16ac [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll
18:27:22.0125 0x16ac Themes - ok
18:27:22.0156 0x16ac [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
18:27:22.0234 0x16ac TlntSvr - ok
18:27:22.0234 0x16ac TosIde - ok
18:27:22.0281 0x16ac [ 298572A7E0D5A63A90E134BB34CCACEB, 4B368C9DC7DC3F64884DA11F3F2E82C908EE909A35B3292D0AAE0DE98DB34D70 ] tpm C:\WINDOWS\system32\DRIVERS\tpm.sys
18:27:22.0312 0x16ac tpm - detected UnsignedFile.Multi.Generic ( 1 )
18:27:22.0312 0x16ac tpm ( UnsignedFile.Multi.Generic ) - warning
18:27:24.0703 0x16ac [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:27:24.0890 0x16ac TrkWks - ok
18:27:24.0921 0x16ac [ E0C67BE430C6DE490D6CCAECFA071F9E, 831858F9A07122FBE513FC56D79F39F973FC9BA757D509C113AA975DE8A70EE5 ] UBHelper C:\WINDOWS\system32\drivers\UBHelper.sys
18:27:24.0921 0x16ac UBHelper - detected UnsignedFile.Multi.Generic ( 1 )
18:27:24.0921 0x16ac UBHelper ( UnsignedFile.Multi.Generic ) - warning
18:27:27.0296 0x16ac [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:27:27.0359 0x16ac Udfs - ok
18:27:27.0359 0x16ac ultra - ok
18:27:27.0468 0x16ac [ 22C01FC9E65070514FEDC846D51B2E53, 9329CBB1E6950DF0C9CC5E385636E99D797257A21823961F8FA408ECBEAD2297 ] UNS C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe
18:27:27.0562 0x16ac UNS - ok
18:27:27.0609 0x16ac [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:27:27.0687 0x16ac Update - ok
18:27:27.0703 0x16ac [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:27:27.0781 0x16ac upnphost - ok
18:27:27.0796 0x16ac [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
18:27:27.0875 0x16ac UPS - ok
18:27:27.0906 0x16ac [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:27:27.0937 0x16ac usbccgp - ok
18:27:27.0953 0x16ac [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:27:27.0968 0x16ac usbehci - ok
18:27:28.0000 0x16ac [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:27:28.0062 0x16ac usbhub - ok
18:27:28.0093 0x16ac [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:27:28.0156 0x16ac usbprint - ok
18:27:28.0218 0x16ac [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:27:28.0218 0x16ac usbscan - ok
18:27:28.0265 0x16ac [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:27:28.0328 0x16ac USBSTOR - ok
18:27:28.0359 0x16ac [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:27:28.0453 0x16ac usbuhci - ok
18:27:28.0484 0x16ac [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:27:28.0578 0x16ac VgaSave - ok
18:27:28.0578 0x16ac ViaIde - ok
18:27:28.0625 0x16ac [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:27:28.0687 0x16ac VolSnap - ok
18:27:28.0718 0x16ac [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
18:27:28.0796 0x16ac VSS - ok
18:27:29.0031 0x16ac [ 3456619FC9CF2941084809B5D9E955BB, AF1CF7C4C35AC75E55CC4F2C23525B99E989202B3212B6590F4E003C874A2B03 ] vToolbarUpdater17.0.1 C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe
18:27:29.0109 0x16ac vToolbarUpdater17.0.1 - ok
18:27:29.0187 0x16ac [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll
18:27:29.0250 0x16ac W32Time - ok
18:27:29.0281 0x16ac [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:27:29.0343 0x16ac Wanarp - ok
18:27:29.0359 0x16ac Wave UCSPlus - ok
18:27:29.0390 0x16ac [ 2C88100C5691C1E283E283553BEE2729, D84FD669F758F73AA26B1A6962AA4347A10A8CC0638FEE5F30FDAACD2FE09F92 ] WaveEnrollmentService C:\Programme\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
18:27:29.0406 0x16ac WaveEnrollmentService - detected UnsignedFile.Multi.Generic ( 1 )
18:27:29.0406 0x16ac WaveEnrollmentService ( UnsignedFile.Multi.Generic ) - warning
18:27:31.0781 0x16ac [ 8D08539A4B17A0CFEF623CCB7AFB70D3, 2CADF8AA856F5B98D4F1262839507C1D4A2A5972C1A5FF099D77D6492D6F0F3B ] WavxDMgr C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
18:27:31.0796 0x16ac WavxDMgr - ok
18:27:31.0796 0x16ac WDICA - ok
18:27:31.0812 0x16ac [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:27:31.0890 0x16ac wdmaud - ok
18:27:31.0968 0x16ac [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
18:27:32.0031 0x16ac WebClient - ok
18:27:32.0125 0x16ac [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:27:32.0218 0x16ac winmgmt - ok
18:27:32.0281 0x16ac [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:27:32.0296 0x16ac WmdmPmSN - ok
18:27:32.0328 0x16ac [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll
18:27:32.0359 0x16ac Wmi - ok
18:27:32.0406 0x16ac [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
18:27:32.0468 0x16ac WmiAcpi - ok
18:27:32.0609 0x16ac [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:27:32.0687 0x16ac WmiApSrv - ok
18:27:32.0765 0x16ac [ BF05650BB7DF5E9EBDD25974E22403BB, AF173D89B768CFC7AB03DFADD4F049CAC40AC59A0C9208AF5AB92CB368983077 ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe
18:27:32.0828 0x16ac WMPNetworkSvc - ok
18:27:32.0859 0x16ac [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:27:32.0859 0x16ac WpdUsb - ok
18:27:32.0968 0x16ac [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:27:33.0000 0x16ac WPFFontCache_v0400 - ok
18:27:33.0046 0x16ac [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:27:33.0125 0x16ac wscsvc - ok
18:27:33.0171 0x16ac [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:27:33.0250 0x16ac wuauserv - ok
18:27:33.0296 0x16ac [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:27:33.0312 0x16ac WudfPf - ok
18:27:33.0328 0x16ac [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:27:33.0343 0x16ac WudfRd - ok
18:27:33.0390 0x16ac [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
18:27:33.0421 0x16ac WudfSvc - ok
18:27:33.0468 0x16ac [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:27:33.0578 0x16ac WZCSVC - ok
18:27:33.0609 0x16ac [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:27:33.0687 0x16ac xmlprov - ok
18:27:33.0687 0x16ac ================ Scan global ===============================
18:27:33.0734 0x16ac [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
18:27:33.0781 0x16ac [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:27:33.0796 0x16ac [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
18:27:33.0796 0x16ac [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
18:27:33.0812 0x16ac [ Global ] - ok
18:27:33.0812 0x16ac ================ Scan MBR ==================================
18:27:33.0828 0x16ac [ BEEDF9B7F43A72A91456F7131AFC11B2 ] \Device\Harddisk0\DR0
18:27:34.0062 0x16ac \Device\Harddisk0\DR0 - ok
18:27:34.0062 0x16ac ================ Scan VBR ==================================
18:27:34.0078 0x16ac [ 8103BEF32C9DB3714583420008773047 ] \Device\Harddisk0\DR0\Partition1
18:27:34.0078 0x16ac \Device\Harddisk0\DR0\Partition1 - ok
18:27:34.0093 0x16ac AV detected via SS1: Kaspersky Internet Security, 13.0.1.4190, enabled, updated
18:27:34.0093 0x16ac FW detected via SS1: Kaspersky Internet Security, 13.0.1.4190, enabled
18:27:36.0437 0x16ac ============================================================
18:27:36.0437 0x16ac Scan finished
18:27:36.0437 0x16ac ============================================================
18:27:36.0453 0x16a4 Detected object count: 11
18:27:36.0453 0x16a4 Actual detected object count: 11
18:27:45.0359 0x16a4 BrPar ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4 BrPar ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:45.0359 0x16a4 GoogleDesktopManager-080708-050100 ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4 GoogleDesktopManager-080708-050100 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:45.0359 0x16a4 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:45.0359 0x16a4 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:45.0359 0x16a4 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:45.0359 0x16a4 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:45.0359 0x16a4 SecureStorageService ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4 SecureStorageService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:45.0359 0x16a4 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:45.0359 0x16a4 tpm ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0359 0x16a4 tpm ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:45.0375 0x16a4 UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0375 0x16a4 UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:27:45.0375 0x16a4 WaveEnrollmentService ( UnsignedFile.Multi.Generic ) - skipped by user
18:27:45.0375 0x16a4 WaveEnrollmentService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:32:11.0468 0x1644 Deinitialize success
|
|
10.02.2014, 16:16
| #5 |
| /// the machine /// TB-Ausbilder | Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab Passt soweit. Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.02.2014, 23:21
| #6 |
| | Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab Moin moin Schrauber, mal wieder danke für deine Antwort.  Es ist soeben die Überlegung gereift, den PC zu ersetzen. Das Windows ist alt, der SMART-Status der Platte ist auch nicht mehr so dolle. Somit können wir das hier vermutlich abkürzen und du musst nicht unnütz deine Zeit opfern. Wie das so ist, würde ich gerne die Daten von der Platte retten, allerdings traue ich mich da nicht so recht ran, denn in einem Log stand das ein MBR infiziert ist. Wenn die Platte an einem anderen Rechner über so'nen USB HDD-Dock betrieben wird, laufe ich Gefahr mir die Infektion auf den anderen Rechner zu ziehen, oder wie sieht dat aus? Falls ja, gibt es ne andere simple Art und Weise die Daten runterzuholen? Bis denn dann... PS: Combofix meckerte erst, dass es veraltet ist und nur eingeschränkt läuft, dann wurde noch die Wiederherstellungskonsole nachinstalliert. Dazu wurde Internet wieder verbunden, Kaspersky angeworfen und vor dem Scan wieder deaktiviert. Combofix Log Code:
ATTFilter ComboFix 14-02-05.02 - TanzZeit 10.02.2014 23:24:33.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.3021.2347 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\TanzZeit\Eigene Dateien\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
- REDUZIERTER FUNKTIONALITÄTSMODUS -
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\Cache
c:\windows\system32\Cache\0722854d66fa0718.fb
c:\windows\system32\Cache\0ec7aaf51fb13ef8.fb
c:\windows\system32\Cache\16b7cfba39dd8666.fb
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\28c68deefc18e08c.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\3274c8c1daa7e682.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\3e6ab7d2e6386180.fb
c:\windows\system32\Cache\43b0b6cd197ff57f.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\621d521a62cb9cad.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\9dc6c22d3b8dcee9.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\test
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-01-10 bis 2014-02-10 ))))))))))))))))))))))))))))))
.
.
2014-02-10 09:34 . 2014-02-10 09:34 -------- d-----w- c:\programme\CrystalDiskInfo
2014-02-09 14:07 . 2014-02-09 14:07 -------- d-----w- C:\AdwCleaner
2014-02-09 14:00 . 2014-02-09 14:01 -------- d-----w- C:\FRST
2014-02-09 07:09 . 2014-02-09 16:55 -------- d-----w- c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\U3
2014-01-31 07:46 . 2014-01-31 07:46 -------- d-----w- c:\dokumente und einstellungen\LocalService\Anwendungsdaten\McAfee
2014-01-22 10:31 . 2014-01-22 15:12 74336 ----a-w- c:\windows\system32\drivers\klflt.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-07 09:16 . 2012-11-09 10:52 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-07 09:16 . 2011-07-05 08:34 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-22 15:12 . 2012-08-13 15:49 145040 ----a-w- c:\windows\system32\drivers\kneps.sys
2014-01-22 15:12 . 2012-06-08 10:38 44000 ----a-w- c:\windows\system32\drivers\kltdi.sys
2014-01-22 15:12 . 2012-05-25 18:38 24160 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2014-01-22 15:12 . 2009-11-02 18:27 24672 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2014-01-22 15:12 . 2012-06-19 16:28 135776 ----a-w- c:\windows\system32\drivers\kl1.sys
2013-11-27 20:21 . 2008-04-15 03:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59 . 2008-04-15 03:00 150528 ----a-w- c:\windows\system32\imagehlp.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-09-30 08:32 3353624 ----a-w- c:\programme\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\programme\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll" [2013-09-30 3353624]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe" [2014-01-16 1171968]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2013-07-25 20681584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vProt"="c:\programme\AVG Secure Search\vprot.exe" [2013-09-30 2404376]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2013-07-02 254336]
"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2013-05-01 421888]
"AVP"="c:\programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2014-01-22 356128]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
.
c:\dokumente und einstellungen\TanzZeit\Startmenü\Programme\Autostart\
Dropbox.lnk - c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WinZip Quick Pick.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^TanzZeit^Startmenü^Programme^Autostart^Dropbox.lnk]
path=c:\dokumente und einstellungen\TanzZeit\Startmenü\Programme\Autostart\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^TanzZeit^Startmenü^Programme^Autostart^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
path=c:\dokumente und einstellungen\TanzZeit\Startmenü\Programme\Autostart\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-29 19:59 937920 ----a-r- c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-08-31 01:57 40368 ----a-w- c:\programme\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 23:20 57344 ----a-w- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43 59720 ----a-w- c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmbassySecurityCheck]
2008-07-19 07:37 75064 ----a-w- c:\programme\Wave Systems Corp\Embassy Security Setup\EmbassySecurityCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
2007-07-11 13:07 421888 ----a-w- c:\acer\Empowering Technology\eRecovery\eRAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2011-02-23 13:15 24064 ----a-w- c:\programme\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2013-01-14 13:41 116648 ----atw- c:\dokumente und einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-10-27 04:31 178712 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2010-03-12 11:08 49208 ----a-w- c:\programme\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2008-07-20 15:45 182808 ----a-w- c:\programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-10-27 04:31 150040 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
2008-04-15 03:00 44032 ----a-w- c:\windows\ime\imkr6_1\imekrmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2008-04-15 03:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2007-01-08 20:17 52256 ----a-w- c:\programme\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 05:52 1695232 ------w- c:\programme\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2008-04-15 03:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-10-27 04:31 150040 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2008-04-15 03:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2008-04-15 03:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\picon]
2008-07-25 00:43 773144 ----a-w- c:\programme\Gemeinsame Dateien\Intel\Privacy Icon\PrivacyIconClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 01:59 421888 ----a-w- c:\programme\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2007-01-08 20:26 68640 ------w- c:\programme\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-06-20 23:57 16872448 ----a-w- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecureUpgrade]
2008-07-19 07:37 218424 ----a-w- c:\programme\Wave Systems Corp\SecureUpgrade.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2014-01-16 12:26 6118400 ----a-w- c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2014-01-16 12:26 1171968 ----a-w- c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
2013-09-30 08:32 2404376 ----a-w- c:\programme\AVG Secure Search\vprot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WavXMgr]
2008-05-10 14:20 92160 ----a-w- c:\programme\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Dokumente und Einstellungen\\TanzZeit\\Anwendungsdaten\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Dokumente und Einstellungen\\TanzZeit\\Anwendungsdaten\\Spotify\\spotify.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programme\\TeamViewer\\Version9\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version9\\TeamViewer_Service.exe"=
.
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [10.10.2012 10:14 37664]
R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [08.06.2012 11:38 44000]
R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [13.08.2012 16:49 145040]
R2 TeamViewer9;TeamViewer 9;c:\programme\TeamViewer\Version9\TeamViewer_Service.exe [09.02.2014 08:42 4915040]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe [25.07.2008 01:43 2054680]
R2 vToolbarUpdater17.0.1;vToolbarUpdater17.0.1;c:\programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe [30.09.2013 09:33 1734680]
R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [15.04.2008 04:00 5120]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [05.06.2008 19:58 144480]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [23.02.2011 14:09 110080]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [07.05.2010 11:06 35672]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [25.05.2012 19:38 24160]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02.11.2009 19:27 24672]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [25.07.2013 08:10 162672]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\programme\Google\Google Desktop Search\GoogleDesktop.exe [23.02.2011 14:14 24064]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ecdf0dfd-9158-11e3-82cd-0025115cacdd}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
.
Inhalt des "geplante Tasks" Ordners
.
2014-02-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-30 09:16]
.
2014-01-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2014-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-10-11 09:52]
.
2014-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2012-10-11 09:52]
.
2014-02-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008Core.job
- c:\dokumente und einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2013-01-14 13:41]
.
2014-02-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3576300238-2120361324-1700292190-1008UA.job
- c:\dokumente und einstellungen\TanzZeit\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2013-01-14 13:41]
.
2014-07-28 c:\windows\Tasks\User_Feed_Synchronization-{D74B1C07-CFA8-485D-AABD-998DFEB0D07B}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Connection Wizard,ShellNext = "c:\programme\Outlook Express\msimn.exe"
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll
FF - ProfilePath - c:\dokumente und einstellungen\TanzZeit\Anwendungsdaten\Mozilla\Firefox\Profiles\l8xle910.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ncr
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b09064800000000000000025115cacdd&q=
FF - user.js: extensions.BabylonToolbar.id - b09064800000000000000025115cacdd
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15624
FF - user.js: extentions.y2layers.installId - ab3d0708-e39c-4c61-a6d7-7ffd1eda15f4
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,BestVideoDownloader,EzLooker,TwitTube,TopRelatedTopics,Buzzdock,
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.0.7
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.0.711:17
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: browser.search.defaultenginename - Google
FF - user.js: browser.search.selectedEngine - Google
FF - user.js: browser.startup.homepage - hxxp://www.google.de/ncr
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-eDataSecurity Loader - c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe
MSConfigStartUp-IminentMessenger - c:\programme\Iminent\Iminent.Messengers.exe
MSConfigStartUp-Optimizer Pro - c:\programme\Optimizer Pro\OptProLauncher.exe
AddRemove-BabylonToolbar - c:\programme\BabylonToolbar\BabylonToolbar\1.8.0.7\uninstall.exe
AddRemove-McAfee Security Scan - c:\programme\McAfee Security Scan\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-02-10 23:25
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
.
c:\dokume~1\TanzZeit\LOKALE~1\Temp\catchme.dll 53248 bytes executable
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(1232)
c:\windows\system32\wvauth.dll
c:\windows\system32\biolsp.dll
.
Zeit der Fertigstellung: 2014-02-10 23:26:52
ComboFix-quarantined-files.txt 2014-02-10 22:26
.
Vor Suchlauf: 18 Verzeichnis(se), 181.845.925.888 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 187.126.140.928 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 28954F8A5AC84618A8CCB7015FDB5558
BEEDF9B7F43A72A91456F7131AFC11B2
Geändert von dgone (10.02.2014 um 23:39 Uhr) Grund: Log angefügt |
|
11.02.2014, 18:09
| #7 |
| /// the machine /// TB-Ausbilder | Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab MBR schauen wir uns kurz an: Lade dir bitte Emsisoft MBR Master herunter und speichere es auf den Desktop.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.02.2014, 22:17
| #8 |
| | Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab Mahlzeit, hier die Ergebnisse von Emsi MBRmaster: Code:
ATTFilter Detected Windows version: 5.1 Build 2600 Service Pack 3
Installing direct disk access driver ...
Driver connection handle: 0x00000094
1 valid drive(s) found.
Details for Disk 0 - Intel Raid 1 Volume Rev 1.0.:
Device name : \\.\PhysicalDrive0
Geometry (C/H/S) : 38913/255/63
Boot loader reputation : Unknown
Cross view comparison : Passed
Partition table integrity: Passed
Boot loader hashes
SHA-1 : 00DA077E92625BC67BBA239DB4218A4A12648922
MD5 : BEEDF9B7F43A72A91456F7131AFC11B2
Und mal wieder Danke!  |
|
12.02.2014, 18:21
| #9 |
| /// the machine /// TB-Ausbilder | Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab Die Datei emsi.zip bitte mal bei www.virustotal.com scannen lassen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.02.2014, 18:28
| #10 |
| | Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab es scheint mir, als wenn da nix gefunden wurde...Das heißt der MBR ist sauber? Das würde allerdings einem vorigen Scan widersprechen... *kopfkratz* ...widerspricht dem Scan mit GMER Geändert von dgone (12.02.2014 um 18:30 Uhr) Grund: letzten "Satz" ergänzt |
|
13.02.2014, 21:17
| #11 |
| /// the machine /// TB-Ausbilder | Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab Lösche bitte mal Combofix und lade es neu, lass es laufen. Ich glaub GMER zeigt da Schmarn an.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Hilfe! Malware/Backdoor gefunden & Outlook stürzt nach Start ab |
| administrator, adobe, adware, avg, avg security toolbar, backdoor.agent.fpa, bluescreen, desktop, dllhost.exe, ebanking, einstellungen, explorer, google, internet, kaspersky, mozilla, newtab, problem, programm, programme, pup.optional.iminent.a, pup.optional.snapdo.a, registry, scan, secure search, smartbar, software, spotify web helper, tastatur, vtoolbarupdater |
WARNUNG an die MITLESER: 
Linear-Darstellung
