Attack by three viruses/Trojans every 2 minutes

Avira Free Antivirus reports access by three viruses/Trojans to me every 2 minutes. Namely:

- TR/Sirefef.AG.9
- TR/Sirefef.A.78
- TR/ATRAPS.Genz'

I have already read about the same problem here and used TDSSKiller; in the process the program saved this file for me:
C:\WINDOWS\system32\wbem\WMIsvc.dll 15:21:58.0265 2956 winmgmt - ok 15:21:58.0296 2956 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 15:21:58.0296 2956 WmdmPmSN - ok 15:21:58.0312 2956 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 15:21:58.0312 2956 WmiAcpi - ok 15:21:58.0328 2956 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 15:21:58.0343 2956 WmiApSrv - ok 15:21:58.0421 2956 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 15:21:58.0468 2956 WMPNetworkSvc - ok 15:21:58.0578 2956 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 15:21:58.0609 2956 WPFFontCache_v0400 - ok 15:21:58.0640 2956 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 15:21:58.0671 2956 WS2IFSL - ok 15:21:58.0703 2956 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 15:21:58.0718 2956 wuauserv - ok 15:21:58.0734 2956 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 15:21:58.0734 2956 WudfPf - ok 15:21:58.0750 2956 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 15:21:58.0750 2956 WudfRd - ok 15:21:58.0765 2956 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 15:21:58.0765 2956 WudfSvc - ok 15:21:58.0812 2956 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 15:21:58.0812 2956 WZCSVC - ok 15:21:58.0843 2956 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 15:21:58.0843 2956 xmlprov - ok 15:21:58.0859 2956 ================ Scan global =============================== 15:21:58.0875 2956 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 15:21:58.0906 2956 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 15:21:58.0921 
15:21:58.0937 2956 ================ Scan MBR ================================== 15:21:58.0968 2956 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 15:21:58.0968 2956 \Device\Harddisk0\DR0 - ok 15:21:58.0984 2956 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1 15:21:59.0140 2956 \Device\Harddisk1\DR1 - ok 15:21:59.0140 2956 ================ Scan VBR ================================== 15:21:59.0140 2956 [ 91C26E263E43A7078177E866919CCAC5 ] \Device\Harddisk0\DR0\Partition1 15:21:59.0140 2956 \Device\Harddisk0\DR0\Partition1 - ok 15:21:59.0140 2956 [ B8069D296A5ED552F62D3496A808B5B5 ] \Device\Harddisk1\DR1\Partition1 15:21:59.0140 2956 \Device\Harddisk1\DR1\Partition1 - ok 15:21:59.0140 2956 ============================================================ 15:21:59.0140 2956 Scan finished 15:21:59.0140 2956 ============================================================ 15:21:59.0156 2292 Detected object count: 1 15:21:59.0156 2292 Actual detected object count: 1 15:22:26.0328 2292 sptd ( LockedFile.Multi.Generic ) - skipped by user 15:22:26.0328 2292 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
] sfsync04 C:\WINDOWS\system32\drivers\sfsync04.sys 15:22:43.0671 2620 sfsync04 - ok 15:22:43.0671 2620 [ D5A7E09D2C6A702809E49190D52ADC9F ] sfvfs02 C:\WINDOWS\system32\drivers\sfvfs02.sys 15:22:43.0671 2620 sfvfs02 - ok 15:22:43.0687 2620 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 15:22:43.0687 2620 ShellHWDetection - ok 15:22:43.0687 2620 Simbad - ok 15:22:43.0765 2620 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 15:22:43.0765 2620 SkypeUpdate - ok 15:22:43.0765 2620 Sparrow - ok 15:22:43.0796 2620 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 15:22:43.0796 2620 splitter - ok 15:22:43.0812 2620 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 15:22:43.0812 2620 Spooler - ok 15:22:43.0843 2620 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys 15:22:43.0843 2620 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. 
md5: CDDDEC541BC3C96F91ECB48759673505 15:22:43.0843 2620 sptd ( LockedFile.Multi.Generic ) - warning 15:22:43.0843 2620 sptd - detected LockedFile.Multi.Generic (1) 15:22:43.0875 2620 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 15:22:43.0875 2620 sr - ok 15:22:43.0890 2620 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 15:22:43.0890 2620 srservice - ok 15:22:43.0921 2620 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 15:22:43.0921 2620 Srv - ok 15:22:43.0968 2620 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 15:22:43.0968 2620 SSDPSRV - ok 15:22:44.0000 2620 [ EF3504DD32E2EA222BE0CBC9A0895F89 ] SSHDRV76 C:\WINDOWS\system32\drivers\SSHDRV76.sys 15:22:44.0000 2620 SSHDRV76 - ok 15:22:44.0015 2620 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 15:22:44.0015 2620 ssmdrv - ok 15:22:44.0031 2620 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys 15:22:44.0031 2620 StarOpen - ok 15:22:44.0062 2620 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 15:22:44.0062 2620 stisvc - ok 15:22:44.0093 2620 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 15:22:44.0093 2620 swenum - ok 15:22:44.0109 2620 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 15:22:44.0109 2620 swmidi - ok 15:22:44.0109 2620 SwPrv - ok 15:22:44.0109 2620 symc810 - ok 15:22:44.0109 2620 symc8xx - ok 15:22:44.0125 2620 sym_hi - ok 15:22:44.0125 2620 sym_u3 - ok 15:22:44.0140 2620 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 15:22:44.0140 2620 sysaudio - ok 15:22:44.0156 2620 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 15:22:44.0171 2620 SysmonLog - ok 15:22:44.0187 2620 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 
15:22:44.0203 2620 TapiSrv - ok 15:22:44.0218 2620 [ 04E1C782CF14B7282EBC633B0FD3ED16 ] TBPanel C:\WINDOWS\system32\drivers\TBPanel.sys 15:22:44.0218 2620 TBPanel - ok 15:22:44.0250 2620 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:22:44.0265 2620 Tcpip - ok 15:22:44.0281 2620 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 15:22:44.0281 2620 TDPIPE - ok 15:22:44.0296 2620 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 15:22:44.0296 2620 TDTCP - ok 15:22:44.0343 2620 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 15:22:44.0343 2620 TermDD - ok 15:22:44.0375 2620 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 15:22:44.0375 2620 TermService - ok 15:22:44.0390 2620 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 15:22:44.0390 2620 Themes - ok 15:22:44.0390 2620 TosIde - ok 15:22:44.0406 2620 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 15:22:44.0406 2620 TrkWks - ok 15:22:44.0437 2620 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 15:22:44.0437 2620 Udfs - ok 15:22:44.0437 2620 ultra - ok 15:22:44.0468 2620 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 15:22:44.0468 2620 Update - ok 15:22:44.0484 2620 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 15:22:44.0484 2620 upnphost - ok 15:22:44.0531 2620 [ 7CE0FE34FD8FB7F52D1E503B0C1E4FA9 ] UPnPService C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe 15:22:44.0531 2620 UPnPService - ok 15:22:44.0562 2620 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 15:22:44.0562 2620 UPS - ok 15:22:44.0593 2620 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 15:22:44.0593 2620 usbccgp - ok 15:22:44.0625 2620 [ 
65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 15:22:44.0625 2620 usbehci - ok 15:22:44.0640 2620 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 15:22:44.0640 2620 usbhub - ok 15:22:44.0656 2620 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 15:22:44.0656 2620 usbohci - ok 15:22:44.0703 2620 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 15:22:44.0703 2620 usbprint - ok 15:22:44.0718 2620 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 15:22:44.0718 2620 usbscan - ok 15:22:44.0734 2620 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:22:44.0734 2620 usbstor - ok 15:22:44.0734 2620 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 15:22:44.0734 2620 VgaSave - ok 15:22:44.0750 2620 ViaIde - ok 15:22:44.0765 2620 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 15:22:44.0765 2620 VolSnap - ok 15:22:44.0812 2620 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 15:22:44.0812 2620 VSS - ok 15:22:44.0843 2620 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 15:22:44.0843 2620 W32Time - ok 15:22:44.0875 2620 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 15:22:44.0875 2620 Wanarp - ok 15:22:44.0875 2620 WDICA - ok 15:22:44.0890 2620 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 15:22:44.0890 2620 wdmaud - ok 15:22:44.0906 2620 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 15:22:44.0906 2620 WebClient - ok 15:22:44.0968 2620 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 15:22:44.0968 2620 winmgmt - ok 15:22:44.0984 2620 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 
15:22:44.0984 2620 WmdmPmSN - ok 15:22:45.0000 2620 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 15:22:45.0000 2620 WmiAcpi - ok 15:22:45.0031 2620 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 15:22:45.0031 2620 WmiApSrv - ok 15:22:45.0109 2620 [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 15:22:45.0109 2620 WMPNetworkSvc - ok 15:22:45.0203 2620 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 15:22:45.0218 2620 WPFFontCache_v0400 - ok 15:22:45.0234 2620 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 15:22:45.0234 2620 WS2IFSL - ok 15:22:45.0265 2620 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 15:22:45.0265 2620 wuauserv - ok 15:22:45.0281 2620 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 15:22:45.0281 2620 WudfPf - ok 15:22:45.0296 2620 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 15:22:45.0296 2620 WudfRd - ok 15:22:45.0312 2620 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 15:22:45.0312 2620 WudfSvc - ok 15:22:45.0343 2620 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 15:22:45.0343 2620 WZCSVC - ok 15:22:45.0375 2620 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 15:22:45.0375 2620 xmlprov - ok 15:22:45.0375 2620 ================ Scan global =============================== 15:22:45.0390 2620 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 15:22:45.0437 2620 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 15:22:45.0437 2620 [ E62178BC21EAC63A3B9A2DBD46C1B505 ] C:\WINDOWS\system32\winsrv.dll 15:22:45.0453 2620 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 
15:22:45.0453 2620 [Global] - ok
15:22:45.0453 2620 ================ Scan MBR ==================================
15:22:45.0484 2620 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
15:22:45.0484 2620 \Device\Harddisk0\DR0 - ok
15:22:45.0500 2620 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
15:22:45.0765 2620 \Device\Harddisk1\DR1 - ok
15:22:45.0765 2620 ================ Scan VBR ==================================
15:22:45.0781 2620 [ 91C26E263E43A7078177E866919CCAC5 ] \Device\Harddisk0\DR0\Partition1
15:22:45.0781 2620 \Device\Harddisk0\DR0\Partition1 - ok
15:22:45.0781 2620 [ B8069D296A5ED552F62D3496A808B5B5 ] \Device\Harddisk1\DR1\Partition1
15:22:45.0781 2620 \Device\Harddisk1\DR1\Partition1 - ok
15:22:45.0781 2620 ============================================================
15:22:45.0781 2620 Scan finished
15:22:45.0781 2620 ============================================================
15:22:45.0781 1740 Detected object count: 1
15:22:45.0781 1740 Actual detected object count: 1
15:23:01.0093 1740 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:23:01.0093 1740 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:23:03.0593 3324 Deinitialize success

I would like to know what I, as an ordinary PC user, can do against this constant access. |
Hi, Quote:
Quote:
If you decide on the former option, then: Step 1 Please download defogger (by jpshortstuff) to your desktop.
Step 2 Please download
Step 3 Please download OTL (by Oldtimer) and save it to your desktop.
Please post in your next reply:
|
I have carried out steps 1 - 3. I have now been online for several hours and so far no viruses/trojans have been detected. If that solves the problem, I would like to thank you most sincerely. Here are the files from GMER and OTL:

GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit quick scan 2013-05-10 10:56:57
Windows 5.1.2600 Service Pack 3 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-e ExcelStor_Technology_J8160S rev.P22OABEA 149,05GB
Running: gmer_2.1.19163.exe; Driver: C:\DOKUME~1\Rolf\LOKALE~1\Temp\pxtdrpob.sys

---- Devices - GMER 2.1 ----

Device \Driver\atapi \Device\Ide\IdePort0 89E0EA78
Device \Driver\atapi \Device\Ide\IdePort1 89E0EA78
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-1c 89E0EA78
Device \Driver\atapi \Device\Ide\IdePort2 89E0EA78
Device \Driver\atapi \Device\Ide\IdePort3 89E0EA78
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-e 89E0EA78
Device \Driver\atapi \Device\Ide\IdeDeviceP2T1L0-24 89E0EA78
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-3 89E0EA78

---- EOF - GMER 2.1 ----

OTL Logfile: Code: OTL logfile created on: 10.05.2013 10:58:22 - Run 1
OTL Logfile: Code: OTL Extras logfile created on: 10.05.2013 10:58:23 - Run 1 |
Hello, these scans cannot solve any problems, they only scan.. ;) We have to continue: Step 1 Spybot Search&Destroy's TeaTimer is running on your system. No cleanup can be carried out while TeaTimer is running, because it restores all deleted entries.
Step 2 Please download
Step 3 Scan with Combofix
Step 4
Code: reg query "HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0" /c
Please post in your next reply:
|
I have completed steps 1 - 4 and here are the corresponding files.

AdwCleaner Logfile: Code: # AdwCleaner v2.300 - Datei am 10/05/2013 um 15:32:22 erstellt
Combofix Logfile: Code: ComboFix 13-05-10.03 - Rolf 10.05.2013 16:23:56.1.2 - x86
Code: OTL logfile created on: 10.05.2013 16:41:57 - Run 2

I am slowly losing my last gray hairs. |
Quote:
Step 1 Please download
Do not start any other file in this folder without instructions from a helper. Please post in your next reply:
|
Thanks, this scan looked good. No objects were found, and now the final report. I do hope I didn't overlook anything in the heat of the moment.

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
Malwarebytes : Free anti-malware download
Database version: v2013.05.10.09
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Rolf :: ROLF [administrator]
10.05.2013 21:39:42
mbar-log-2013-05-10 (21-39-42).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 26456
Time elapsed: 10 minute(s), 9 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end) |
That did indeed look good. We will do one more check and close existing security holes so that something like this doesn't happen again. Step 1 Fix with OTL
Code: :OTL
Step 2 Please download
Step 3 ESET Online Scanner
Step 4 Please download
Please post in your next reply:
|
That was a marathon, and something was still found after all. How many of these scanning programs does one actually need to find everything, or rather, what does one need so that something like this doesn't happen again? Here are the remaining files:

All processes killed
========== OTL ==========
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\qnaybdtkaidjjbb moved successfully.
Registry key HKEY_USERS\S-1-5-21-1844237615-261903793-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{172A1A2C-FA5B-4CF5-B077-79F0134F3BF3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{172A1A2C-FA5B-4CF5-B077-79F0134F3BF3}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Besitzer
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 131206 bytes
->Flash cache emptied: 492 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 492 bytes
User: Rolf
->Temp folder emptied: 587497 bytes
->Temporary Internet Files folder emptied: 3436458 bytes
->Java cache emptied: 23625673 bytes
->FireFox cache emptied: 65107777 bytes
->Opera cache emptied: 17836529 bytes
->Flash cache emptied: 1916065 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: user
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352202 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98304 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 110,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05122013_120843
Files\Folders moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_23c.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.05.12.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Rolf :: ROLF [Administrator]
Schutz: Aktiviert
12.05.2013 12:20:46
mbam-log-2013-05-12 (12-20-46).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 241899
Laufzeit: 5 Minute(n), 33 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende)

ESETSmartInstaller@High as downloader log: all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=1f65d81420cdbf4cba221d71957c7bfa
# engine=13811
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-12 12:56:18
# local_time=2013-05-12 02:56:18 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1799 16775165 100 97 9604 233786668 2379 0
# scanned=376140
# found=1
# cleaned=0
# scan_time=8434
sh=7D3031BA07F71B7FB92C1FED6AC502925B2B8B97 ft=1 fh=c71c00111ba46dea vn="a variant of Win32/Kryptik.BAEY trojan" ac=I fn="C:\Qoobox\Quarantine\C\Dokumente und Einstellungen\Rolf\Anwendungsdaten\skype.dat.vir"

Results of screen317's Security Check version 0.99.63
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Avira Free Antivirus
ESET Online Scanner v3
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware Version 1.75.0.1300
Java(TM) 6 Update 37
Java 7 Update 17
Java version out of Date!
Adobe Flash Player 11.7.700.169
Adobe Reader 10.1.6 Adobe Reader out of Date!
Mozilla Firefox (20.0.1)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````

I still have almost all of the programs on the PC; can I delete them? I have already removed the ESET Online Scanner as described in step 3. I would really like a sense of achievement for once. |
Hello, Quote:
Quote:
But one of the most important things is that all software is always up to date! Step 1 Your Java is no longer up to date. Older versions contain security vulnerabilities that malware can abuse to infect a system via drive-by download. The current version is Java 7 Update 21.
So consider whether you really need a Java installation. If you want to keep using Java, then:
Step 2 The version of your Adobe PDF Reader is outdated; we need to update it:
Then use this plugin check to verify that all the versions you use are now up to date, and update them otherwise. Cleanup Finally, we will now clear away our tools (including the quarantine folders), delete the infected system restore points and restore all settings. These steps are also important and should be carried out in the order given.
>> OK << We are done; your logs look clean to me at the moment. Below I have put together a few notes and tips that should help ensure you won't need our help again in the future. Afterwards, please give me brief feedback once there are no more problems or open questions on your side either, so that I can consider this topic resolved. Epilogue: Tips, Dos & Don'ts The Windows operating system absolutely must always be up to date. Make sure that automatic updates are enabled:
Installed software should also always be in its most current version. This applies especially to the browser, Java, Flash Player and PDF reader, because known security vulnerabilities in their old versions are exploited to install malware via drive-by download merely by visiting a prepared website. This can even happen on normally legitimate websites if an attacker has managed to inject his code into the page, and is therefore relatively unpredictable.
A remark up front: every software solution has its weaknesses. Transferring the entire responsibility for security to software and expecting all-round protection would be a dangerous illusion. With careless or deliberately risky behaviour, even the best program will sooner or later fail (e.g. a virus scanner that does not detect an infected file). Nevertheless, appropriate software is of course important and, in combination with a well-maintained (up-to-date) system and considered behaviour, helps you keep your computer clean.
It is in the nature of things that the most widely used application software is also the most frequently attacked by malware authors. It can therefore already be a small security gain to use alternative software (e.g. an alternative PDF reader). Instead of Internet Explorer, for example, you can use Mozilla Firefox, for which two useful add-ons can be recommended:
Besides unnoticed drive-by installations, malware is also often installed more or less actively by the user himself. Visiting dubious websites can already carry risks. And downloads from dubious sources are always Russian roulette. Even if the virus scanner does not currently detect a threat in them, that does not have to mean anything.
Often, attempts are also made to get the user, by more or less crafty methods, to carry out an action that is disastrous for him (umbrella term: social engineering).
Annoying adware (advertising) and unnecessary toolbars are also mostly installed along with other software by the user himself.
In conclusion, a few more general remarks:
If you like, you can support the forum with a small donation. It only remains for me to wish you carefree and safe surfing, and that we don't see each other here again any time soon. ;) |
I would also like to thank the malware team, especially Leo, who looked after me personally. Thanks also for the tips for everyday surfing; I can only say the PC has become considerably faster. Thanks, Rundolf |
Thanks for the feedback. Glad we could help. If you would like to pass on suggestions for improvement, criticism or praise to the forum, you can do so here. This topic appears to be resolved and will be removed from my subscriptions. I will therefore no longer receive notifications about new replies. Should you need the topic again, please send me a PM and we will continue here. Everyone else, please read this guide and create your own thread. |
Copyright ©2000-2025, Trojaner-Board