| Pests of all kinds and how to fight them: Avira reports TR/Rootkit.Gen in C:windows/system32/drivers.... what should I do? Windows 7. If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection. |
10.07.2014, 19:37 | #1 |
| Hello... I am pretty much a computer layman and am hoping for help from you! Avira reports the Trojan named above, but says it cannot be deleted or moved to quarantine. I downloaded Trojan Remover, which also finds it but then does nothing with it (perhaps also because I don't understand everything in English). While researching further I have now come across your site, hoping for help... I also think it makes little sense to carry on by myself without rhyme or reason! My only worry is that I won't always be able to follow everything here right away... I am hoping for patience and understanding. Regards, rieeek. Oh, and I haven't noticed any other symptoms, except that the PC has been incredibly slow (for quite a while)... but it is also an older model |
10.07.2014, 19:43 | #2 |
/// the machine /// TB trainer | Hi,
Log file from Avira?
__________________ |
10.07.2014, 20:01 | #3 |
| That's where it starts already..... I really have no idea, and I am reading here in parallel what I have to do, and I hope I have found the log file... and am attaching it
__________________ |
10.07.2014, 20:09 | #4 |
| I am just reading that I am not supposed to attach it?! So here it is (Avira):
Exportierte Ereignisse:
10.07.2014 18:39 [System-Scanner] Malware gefunden
Die Datei 'C:\WINDOWS\system32\drivers\b80de4165e1b28a.sys' enthielt einen Virus oder unerwünschtes Programm 'TR/Rootkit.Gen' [trojan].
Durchgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
Die Quelldatei konnte nicht gefunden werden.
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Der Zugriff auf die Rootkit Suche wurde verweigert.
Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
Die Datei konnte nicht zum Löschen nach dem Neustart markiert werden. Mögliche Ursache: Zugriff verweigert .
Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
With Trojan Remover I have not found any such report so far |
11.07.2014, 13:46 | #5 |
/// the machine /// TB trainer | Hi, please download TDSSKiller.exe and save this file to the desktop
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
11.07.2014, 14:45 | #6 |
| Code:
ATTFilter 15:36:57.0718 0x0b64 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 15:37:00.0125 0x0b64 ============================================================ 15:37:00.0125 0x0b64 Current date / time: 2014/07/11 15:37:00.0125 15:37:00.0125 0x0b64 SystemInfo: 15:37:00.0125 0x0b64 15:37:00.0125 0x0b64 OS Version: 5.1.2600 ServicePack: 3.0 15:37:00.0125 0x0b64 Product type: Workstation 15:37:00.0125 0x0b64 ComputerName: RIKES-PC 15:37:00.0125 0x0b64 UserName: Admin 15:37:00.0125 0x0b64 Windows directory: C:\WINDOWS 15:37:00.0125 0x0b64 System windows directory: C:\WINDOWS 15:37:00.0125 0x0b64 Processor architecture: Intel x86 15:37:00.0125 0x0b64 Number of processors: 1 15:37:00.0125 0x0b64 Page size: 0x1000 15:37:00.0125 0x0b64 Boot type: Normal boot 15:37:00.0125 0x0b64 ============================================================ 15:37:02.0984 0x0b64 KLMD registered as C:\WINDOWS\system32\drivers\83103550.sys 15:37:06.0609 0x0b64 System UUID: {85D39F71-11F0-8F1F-9754-FB6C4A969AB8} 15:37:07.0000 0x0b64 !crdlk 15:37:07.0046 0x0b64 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A' 15:37:07.0046 0x0b64 ============================================================ 15:37:07.0046 0x0b64 \Device\Harddisk0\DR0: 15:37:07.0046 0x0b64 MBR partitions: 15:37:07.0046 0x0b64 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1 15:37:07.0046 0x0b64 ============================================================ 15:37:07.0109 0x0b64 C: <-> \Device\Harddisk0\DR0\Partition1 15:37:07.0109 0x0b64 ============================================================ 15:37:07.0109 0x0b64 Initialize success 15:37:07.0109 0x0b64 ============================================================ 15:37:52.0812 0x0338 ============================================================ 15:37:52.0812 0x0338 Scan started 15:37:52.0812 0x0338 Mode: Manual; SigCheck; TDLFS; 
15:37:52.0812 0x0338 ============================================================ 15:37:52.0812 0x0338 KSN ping started 15:38:06.0171 0x0338 KSN ping finished: true 15:38:07.0046 0x0338 ================ Scan system memory ======================== 15:38:07.0046 0x0338 System memory - ok 15:38:07.0046 0x0338 ================ Scan services ============================= 15:38:07.0156 0x0338 Abiosdsk - ok 15:38:07.0171 0x0338 abp480n5 - ok 15:38:07.0218 0x0338 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 15:38:08.0187 0x0338 ACPI - ok 15:38:08.0328 0x0338 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 15:38:08.0437 0x0338 ACPIEC - ok 15:38:08.0546 0x0338 [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 15:38:08.0578 0x0338 AdobeFlashPlayerUpdateSvc - ok 15:38:08.0593 0x0338 adpu160m - ok 15:38:08.0640 0x0338 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys 15:38:08.0765 0x0338 aec - ok 15:38:08.0812 0x0338 AfaService - ok 15:38:08.0859 0x0338 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys 15:38:08.0953 0x0338 AFD - ok 15:38:08.0968 0x0338 Aha154x - ok 15:38:08.0984 0x0338 aic78u2 - ok 15:38:09.0000 0x0338 aic78xx - ok 15:38:09.0062 0x0338 [ BA88534A3CEB6161E7432438B9EA4F54, 223ACEB51548220155FD80594294B9AF6942757D2573E621325DBD4679DDB56C ] ALCXSENS C:\WINDOWS\system32\drivers\ALCXSENS.SYS 15:38:09.0171 0x0338 ALCXSENS - ok 15:38:09.0250 0x0338 [ 6725434F5EB0A975B7716D68566E5D86, 5B2DA95119CDA7E1CAD5DF57A486F0B106224230EFC12C7B6189DD677D501954 ] 
ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS 15:38:09.0375 0x0338 ALCXWDM - ok 15:38:09.0453 0x0338 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll 15:38:09.0562 0x0338 Alerter - ok 15:38:09.0609 0x0338 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe 15:38:09.0734 0x0338 ALG - ok 15:38:09.0750 0x0338 AliIde - ok 15:38:09.0828 0x0338 [ 033448D435E65C4BD72E70521FD05C76, A5462C22D5461F1BA06E81CD7E1ECE5409092DE53A8E4D3E78D089B65CB474D4 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys 15:38:09.0890 0x0338 AmdPPM - ok 15:38:09.0890 0x0338 amsint - ok 15:38:10.0046 0x0338 [ 4C14746BCBF9985BDBF1CD1BEED96DF8, 8EF50FBD98C9AFD85F5D08692E7AEC21812B70074AA0DC6DCDFDBC2FFE34A75D ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe 15:38:10.0062 0x0338 AntiVirSchedulerService - ok 15:38:10.0156 0x0338 [ 4C14746BCBF9985BDBF1CD1BEED96DF8, 8EF50FBD98C9AFD85F5D08692E7AEC21812B70074AA0DC6DCDFDBC2FFE34A75D ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe 15:38:10.0187 0x0338 AntiVirService - ok 15:38:10.0250 0x0338 [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 15:38:10.0437 0x0338 AppMgmt - ok 15:38:10.0453 0x0338 asc - ok 15:38:10.0468 0x0338 asc3350p - ok 15:38:10.0484 0x0338 asc3550 - ok 15:38:10.0578 0x0338 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 15:38:10.0593 0x0338 aspnet_state - ok 15:38:10.0640 0x0338 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 15:38:10.0750 0x0338 AsyncMac - ok 15:38:10.0796 0x0338 [ 
9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 15:38:10.0921 0x0338 atapi - ok 15:38:10.0937 0x0338 Atdisk - ok 15:38:11.0046 0x0338 [ 471087B5E1E01CC82604E81EA14781D8, DA6AAFE65232AF3DA3D0D5F399730A1117B0DBBCB6AA2A9BD0D1ADA22A1198B8 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 15:38:11.0109 0x0338 Ati HotKey Poller - detected UnsignedFile.Multi.Generic ( 1 ) 15:38:13.0968 0x0338 Detect skipped due to KSN trusted 15:38:13.0968 0x0338 Ati HotKey Poller - ok 15:38:14.0046 0x0338 [ B979BA0120B6DB757196A8E2E873FE3C, 4F4CCD1D07485A53CA3ECEB10E029102BBE9946A15C7B67840E64D352808A0CA ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe 15:38:14.0109 0x0338 ATI Smart - detected UnsignedFile.Multi.Generic ( 1 ) 15:38:16.0437 0x0338 Detect skipped due to KSN trusted 15:38:16.0437 0x0338 ATI Smart - ok 15:38:16.0640 0x0338 [ C0B86ECB324E50F6BBD529F9D5C6B24B, 6B6E58CBDE1010FF13740DA91482E8A40D7B31CD808C16B524BE012C0EADB0D1 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 15:38:16.0859 0x0338 ati2mtag - detected UnsignedFile.Multi.Generic ( 1 ) 15:38:19.0359 0x0338 Detect skipped due to KSN trusted 15:38:19.0359 0x0338 ati2mtag - ok 15:38:19.0437 0x0338 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 15:38:19.0546 0x0338 Atmarpc - ok 15:38:19.0609 0x0338 [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 15:38:19.0734 0x0338 AudioSrv - ok 15:38:19.0796 0x0338 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 15:38:19.0937 0x0338 audstub - ok 15:38:20.0000 0x0338 [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt 
C:\WINDOWS\system32\DRIVERS\avgntflt.sys 15:38:20.0031 0x0338 avgntflt - ok 15:38:20.0093 0x0338 [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 15:38:20.0109 0x0338 avipbb - ok 15:38:20.0187 0x0338 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 15:38:20.0187 0x0338 avkmgr - ok 15:38:20.0203 0x0338 Suspicious service (NoAccess): b80de4165e1b28a 15:38:20.0250 0x0338 [ 967BD40B5544CBF2D3F163407DF44A93, 4FB33BFBB1C1C3812AAD7ED06AF84C2B9E854B03BB20E2060D621DA42D0AA0FE ] b80de4165e1b28a C:\WINDOWS\System32\Drivers\b80de4165e1b28a.sys 15:38:20.0250 0x0338 Suspicious file ( NoAccess ): C:\WINDOWS\System32\Drivers\b80de4165e1b28a.sys. md5: 967BD40B5544CBF2D3F163407DF44A93, sha256: 4FB33BFBB1C1C3812AAD7ED06AF84C2B9E854B03BB20E2060D621DA42D0AA0FE 15:38:20.0281 0x0338 b80de4165e1b28a - detected Rootkit.Win32.Necurs.gen ( 0 ) 15:38:22.0765 0x0338 b80de4165e1b28a ( Rootkit.Win32.Necurs.gen ) - infected 15:38:22.0781 0x0338 Force sending object to P2P due to detect: b80de4165e1b28a 15:38:25.0187 0x0338 Object send P2P result: true 15:38:27.0640 0x0338 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys 15:38:27.0781 0x0338 Beep - ok 15:38:27.0875 0x0338 [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll 15:38:27.0984 0x0338 BITS - ok 15:38:28.0031 0x0338 [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser C:\WINDOWS\System32\browser.dll 15:38:28.0093 0x0338 Browser - ok 15:38:28.0156 0x0338 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 
15:38:28.0296 0x0338 cbidf2k - ok 15:38:28.0343 0x0338 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 15:38:28.0453 0x0338 CCDECODE - ok 15:38:28.0468 0x0338 cd20xrnt - ok 15:38:28.0531 0x0338 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 15:38:28.0687 0x0338 Cdaudio - ok 15:38:28.0734 0x0338 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 15:38:28.0843 0x0338 Cdfs - ok 15:38:28.0921 0x0338 [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 15:38:28.0984 0x0338 Cdrom - ok 15:38:29.0000 0x0338 Changer - ok 15:38:29.0046 0x0338 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe 15:38:29.0171 0x0338 CiSvc - ok 15:38:29.0218 0x0338 [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 15:38:29.0328 0x0338 ClipSrv - ok 15:38:29.0406 0x0338 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:38:29.0421 0x0338 clr_optimization_v2.0.50727_32 - ok 15:38:29.0453 0x0338 CmdIde - ok 15:38:29.0468 0x0338 COMSysApp - ok 15:38:29.0500 0x0338 Cpqarray - ok 15:38:29.0562 0x0338 [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 15:38:29.0687 0x0338 CryptSvc - ok 15:38:29.0703 0x0338 dac2w2k - ok 15:38:29.0734 0x0338 dac960nt - ok 15:38:29.0828 0x0338 [ 
3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 15:38:29.0906 0x0338 DcomLaunch - ok 15:38:29.0984 0x0338 [ 6216FD7FD227DE454238A702B218CEC7, 5699FDD253754AE274B8624A41CBE778D74383E95D5167785A48A51AAD67FC70 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys 15:38:30.0000 0x0338 dgderdrv - ok 15:38:30.0078 0x0338 [ B575C523F537F24D66D31F8877E6BCAB, E2EA9A4DA052D60E7C79A07DF16CD33D5ECB53CB3C6135EDDE8403B951032C38 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 15:38:30.0093 0x0338 dg_ssudbus - ok 15:38:30.0140 0x0338 [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 15:38:30.0250 0x0338 Dhcp - ok 15:38:30.0281 0x0338 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 15:38:30.0421 0x0338 Disk - ok 15:38:30.0437 0x0338 dmadmin - ok 15:38:30.0531 0x0338 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 15:38:30.0703 0x0338 dmboot - ok 15:38:30.0734 0x0338 [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys 15:38:30.0875 0x0338 dmio - ok 15:38:30.0906 0x0338 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys 15:38:31.0046 0x0338 dmload - ok 15:38:31.0093 0x0338 [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll 15:38:31.0234 0x0338 dmserver - ok 15:38:31.0296 0x0338 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 
15:38:31.0437 0x0338 DMusic - ok 15:38:31.0515 0x0338 [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 15:38:31.0562 0x0338 Dnscache - ok 15:38:31.0656 0x0338 [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 15:38:31.0765 0x0338 Dot3svc - ok 15:38:31.0796 0x0338 dpti2o - ok 15:38:31.0828 0x0338 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 15:38:31.0921 0x0338 drmkaud - ok 15:38:31.0968 0x0338 [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll 15:38:32.0078 0x0338 EapHost - ok 15:38:32.0125 0x0338 [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll 15:38:32.0250 0x0338 ERSvc - ok 15:38:32.0312 0x0338 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe 15:38:32.0359 0x0338 Eventlog - ok 15:38:32.0390 0x0338 [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\system32\es.dll 15:38:32.0468 0x0338 EventSystem - ok 15:38:32.0500 0x0338 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 15:38:32.0593 0x0338 Fastfat - ok 15:38:32.0640 0x0338 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 15:38:32.0718 0x0338 FastUserSwitchingCompatibility - ok 15:38:32.0781 0x0338 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 
8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 15:38:32.0875 0x0338 Fdc - ok 15:38:32.0906 0x0338 [ E7072827D0B5F9BD99D6961571A38973, 6B34FC5A57FB25EE52DBB3D5A1FCD664EF4906418315A69DEFAA99DB3971F78A ] FET5X86V C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys 15:38:32.0968 0x0338 FET5X86V - ok 15:38:33.0031 0x0338 [ E9648254056BCE81A85380C0C3647DC4, AE58F498BD1C33360FE3BB9EA22C13EA562206B68E7946B587CB5A6DF94586A1 ] FETNDIS C:\WINDOWS\system32\DRIVERS\fetnd5.sys 15:38:33.0156 0x0338 FETNDIS - ok 15:38:33.0187 0x0338 [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys 15:38:33.0312 0x0338 Fips - ok 15:38:33.0343 0x0338 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 15:38:33.0453 0x0338 Flpydisk - ok 15:38:33.0515 0x0338 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 15:38:33.0640 0x0338 FltMgr - ok 15:38:33.0734 0x0338 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 15:38:33.0750 0x0338 FontCache3.0.0.0 - ok 15:38:33.0796 0x0338 [ B07663A810E861EEBFD0EAC7E82CA62D, 9FC5CDE0A0C3D15050056325AACD65B13C4C45ED0DA199ABFB93A691285A3821 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS 15:38:33.0828 0x0338 FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 ) 15:38:36.0156 0x0338 Detect skipped due to KSN trusted 15:38:36.0156 0x0338 FsUsbExDisk - ok 15:38:36.0203 0x0338 [ F96C429788350DB4BA6771C3034DFD88, 07DD60F281224D5CDA14FD4F42BF6992EBDD44FD8888A7D5053E2130A47D3CDC ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe 15:38:36.0234 0x0338 FsUsbExService - detected 
UnsignedFile.Multi.Generic ( 1 ) 15:38:38.0718 0x0338 Detect skipped due to KSN trusted 15:38:38.0718 0x0338 FsUsbExService - ok 15:38:38.0750 0x0338 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 15:38:38.0843 0x0338 Fs_Rec - ok 15:38:38.0906 0x0338 [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 15:38:39.0062 0x0338 Ftdisk - ok 15:38:39.0078 0x0338 [ 3A74C423CF6BCCA6982715878F450A3B, A98D6D377B48D05BE3927F6E93D0DE7741E115C43125C0E0DE6EEFE023DE73BC ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys 15:38:39.0203 0x0338 gagp30kx - ok 15:38:39.0250 0x0338 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 15:38:39.0390 0x0338 Gpc - ok 15:38:39.0500 0x0338 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 15:38:39.0515 0x0338 gupdate - ok 15:38:39.0531 0x0338 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 15:38:39.0546 0x0338 gupdatem - ok 15:38:39.0609 0x0338 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 15:38:39.0625 0x0338 gusvc - ok 15:38:39.0703 0x0338 [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 15:38:39.0828 0x0338 helpsvc - ok 15:38:39.0875 0x0338 [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ C:\WINDOWS\System32\hidserv.dll 15:38:40.0000 0x0338 HidServ - 
ok 15:38:40.0062 0x0338 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 15:38:40.0156 0x0338 HidUsb - ok 15:38:40.0250 0x0338 [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 15:38:40.0343 0x0338 hkmsvc - ok 15:38:40.0359 0x0338 hpn - ok 15:38:40.0406 0x0338 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 15:38:40.0468 0x0338 HTTP - ok 15:38:40.0515 0x0338 [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 15:38:40.0640 0x0338 HTTPFilter - ok 15:38:40.0656 0x0338 i2omgmt - ok 15:38:40.0687 0x0338 i2omp - ok 15:38:40.0703 0x0338 [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 15:38:40.0828 0x0338 i8042prt - ok 15:38:40.0937 0x0338 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 15:38:40.0984 0x0338 idsvc - ok 15:38:41.0031 0x0338 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 15:38:41.0140 0x0338 Imapi - ok 15:38:41.0203 0x0338 [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe 15:38:41.0296 0x0338 ImapiService - ok 15:38:41.0328 0x0338 ini910u - ok 15:38:41.0359 0x0338 IntelIde - ok 15:38:41.0421 0x0338 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 
15:38:41.0515 0x0338 Ip6Fw - ok 15:38:41.0562 0x0338 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 15:38:41.0703 0x0338 IpFilterDriver - ok 15:38:41.0734 0x0338 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 15:38:41.0843 0x0338 IpInIp - ok 15:38:42.0265 0x0338 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 15:38:42.0406 0x0338 IpNat - ok 15:38:42.0468 0x0338 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 15:38:42.0625 0x0338 IPSec - ok 15:38:42.0640 0x0338 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 15:38:42.0750 0x0338 IRENUM - ok 15:38:42.0812 0x0338 [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 15:38:42.0953 0x0338 isapnp - ok 15:38:43.0093 0x0338 [ 5739F2821D49975CEDE6BF0153D0CF01, DF45BD1A9F6DDB893C99F28C3730C50C61A612C4297A4B00D857533FC0973CD9 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe 15:38:43.0109 0x0338 JavaQuickStarterService - ok 15:38:43.0140 0x0338 [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 15:38:43.0234 0x0338 Kbdclass - ok 15:38:43.0265 0x0338 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 15:38:43.0406 0x0338 kmixer - ok 15:38:43.0453 0x0338 [ B467646C54CC746128904E1654C750C1, 
3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 15:38:43.0546 0x0338 KSecDD - ok 15:38:43.0609 0x0338 [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 15:38:43.0656 0x0338 lanmanserver - ok 15:38:43.0718 0x0338 [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 15:38:43.0781 0x0338 lanmanworkstation - ok 15:38:43.0796 0x0338 lbrtfdc - ok 15:38:43.0859 0x0338 [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 15:38:43.0968 0x0338 LmHosts - ok 15:38:44.0015 0x0338 [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll 15:38:44.0109 0x0338 Messenger - ok 15:38:44.0203 0x0338 [ 4F169F43F932739F093AE4E659FFF26A, 3DA408033DF3C8BAB59CBADD281EEADAF2ADDCA28FA57027932F9D79B6051B3E ] MHIKEY10 C:\WINDOWS\system32\Drivers\MHIKEY10.sys 15:38:44.0250 0x0338 MHIKEY10 - ok 15:38:44.0281 0x0338 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 15:38:44.0421 0x0338 mnmdd - ok 15:38:44.0484 0x0338 [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 15:38:44.0656 0x0338 mnmsrvc - ok 15:38:44.0703 0x0338 [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 15:38:44.0828 0x0338 Modem - ok 15:38:44.0859 0x0338 [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 15:38:45.0000 
0x0338 Mouclass - ok 15:38:45.0062 0x0338 [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 15:38:45.0281 0x0338 mouhid - ok 15:38:45.0343 0x0338 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 15:38:45.0453 0x0338 MountMgr - ok 15:38:45.0468 0x0338 mraid35x - ok 15:38:45.0515 0x0338 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 15:38:45.0640 0x0338 MRxDAV - ok 15:38:45.0703 0x0338 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 15:38:45.0812 0x0338 MRxSmb - ok 15:38:45.0859 0x0338 [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINDOWS\system32\msdtc.exe 15:38:46.0015 0x0338 MSDTC - ok 15:38:46.0031 0x0338 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 15:38:46.0156 0x0338 Msfs - ok 15:38:46.0171 0x0338 MSIServer - ok 15:38:46.0218 0x0338 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 15:38:46.0328 0x0338 MSKSSRV - ok 15:38:46.0343 0x0338 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 15:38:46.0484 0x0338 MSPCLOCK - ok 15:38:46.0515 0x0338 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 15:38:46.0625 0x0338 MSPQM - ok 15:38:46.0671 0x0338 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, 
15:39:22.0437 0x0338 AV detected via SS1: Avira Desktop, 14.0.5.320, disabled, updated
15:39:22.0437 0x0338 Win FW state via NFM: enabled
15:39:24.0781 0x0338 ============================================================
15:39:24.0781 0x0338 Scan finished
15:39:24.0781 0x0338 ============================================================
15:39:24.0781 0x096c Detected object count: 1
15:39:24.0781 0x096c Actual detected object count: 1
15:39:29.0359 0x096c b80de4165e1b28a ( Rootkit.Win32.Necurs.gen ) - skipped by user
15:39:29.0359 0x096c b80de4165e1b28a ( Rootkit.Win32.Necurs.gen ) - User select action: Skip
15:39:33.0562 0x0f2c Deinitialize success |
12.07.2014, 07:46 | #7 |
/// the machine /// TB trainer | Avira reports TR/Rootkit.Gen in C:windows/system32/drivers....what should I do? Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and choose "Run as administrator".
For example: C:\TDSSKiller.<version_date_time>log.txt Please post its contents here in your thread.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
12.07.2014, 14:54 | #8 |
| Avira reports TR/Rootkit.Gen in C:windows/system32/drivers....what should I do? Now I have found 2...a long one and a short one... Code:
15:42:21.0015 0x0ce8 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
15:42:25.0171 0x0ce8 ============================================================
15:42:25.0171 0x0ce8 Current date / time: 2014/07/12 15:42:25.0171
15:42:25.0171 0x0ce8 SystemInfo:
15:42:25.0171 0x0ce8
15:42:25.0171 0x0ce8 OS Version: 5.1.2600 ServicePack: 3.0
15:42:25.0171 0x0ce8 Product type: Workstation
15:42:25.0171 0x0ce8 ComputerName: RIKES-PC
15:42:25.0171 0x0ce8 UserName: Admin
15:42:25.0171 0x0ce8 Windows directory: C:\WINDOWS
15:42:25.0171 0x0ce8 System windows directory: C:\WINDOWS
15:42:25.0171 0x0ce8 Processor architecture: Intel x86
15:42:25.0171 0x0ce8 Number of processors: 1
15:42:25.0171 0x0ce8 Page size: 0x1000
15:42:25.0171 0x0ce8 Boot type: Normal boot
15:42:25.0171 0x0ce8 ============================================================
15:42:29.0468 0x0ce8 KLMD registered as C:\WINDOWS\system32\drivers\22162767.sys
15:42:34.0890 0x0ce8 System UUID: {85D39F71-11F0-8F1F-9754-FB6C4A969AB8}
15:42:35.0312 0x0ce8 !crdlk
15:42:35.0312 0x0ce8 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
15:42:35.0312 0x0ce8 ============================================================
15:42:35.0312 0x0ce8 \Device\Harddisk0\DR0:
15:42:35.0312 0x0ce8 MBR partitions:
15:42:35.0312 0x0ce8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
15:42:35.0312 0x0ce8 ============================================================
15:42:35.0359 0x0ce8 C: <-> \Device\Harddisk0\DR0\Partition1
15:42:35.0359 0x0ce8 ============================================================
15:42:35.0359 0x0ce8 Initialize success
15:42:35.0359 0x0ce8 ============================================================
15:43:21.0562 0x05e0 ============================================================
15:43:21.0562 0x05e0 Scan started
15:43:21.0562 0x05e0 Mode: Manual; SigCheck; TDLFS;
15:43:21.0562 0x05e0 ============================================================ 15:43:21.0562 0x05e0 KSN ping started 15:43:24.0015 0x05e0 KSN ping finished: true 15:43:25.0328 0x05e0 ================ Scan system memory ======================== 15:43:25.0328 0x05e0 System memory - ok 15:43:25.0328 0x05e0 ================ Scan services ============================= 15:43:25.0468 0x05e0 Abiosdsk - ok 15:43:25.0484 0x05e0 abp480n5 - ok 15:43:25.0531 0x05e0 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 15:43:27.0000 0x05e0 ACPI - ok 15:43:27.0140 0x05e0 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 15:43:27.0296 0x05e0 ACPIEC - ok 15:43:27.0406 0x05e0 [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 15:43:27.0437 0x05e0 AdobeFlashPlayerUpdateSvc - ok 15:43:27.0453 0x05e0 adpu160m - ok 15:43:27.0500 0x05e0 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys 15:43:27.0656 0x05e0 aec - ok 15:43:27.0734 0x05e0 AfaService - ok 15:43:27.0781 0x05e0 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys 15:43:27.0843 0x05e0 AFD - ok 15:43:27.0859 0x05e0 Aha154x - ok 15:43:27.0875 0x05e0 aic78u2 - ok 15:43:27.0890 0x05e0 aic78xx - ok 15:43:27.0953 0x05e0 [ BA88534A3CEB6161E7432438B9EA4F54, 223ACEB51548220155FD80594294B9AF6942757D2573E621325DBD4679DDB56C ] ALCXSENS C:\WINDOWS\system32\drivers\ALCXSENS.SYS 15:43:28.0062 0x05e0 ALCXSENS - ok 15:43:28.0125 0x05e0 [ 6725434F5EB0A975B7716D68566E5D86, 5B2DA95119CDA7E1CAD5DF57A486F0B106224230EFC12C7B6189DD677D501954 ] 
ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS 15:43:28.0234 0x05e0 ALCXWDM - ok 15:43:28.0312 0x05e0 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll 15:43:28.0421 0x05e0 Alerter - ok 15:43:28.0453 0x05e0 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe 15:43:28.0578 0x05e0 ALG - ok 15:43:28.0609 0x05e0 AliIde - ok 15:43:28.0687 0x05e0 [ 033448D435E65C4BD72E70521FD05C76, A5462C22D5461F1BA06E81CD7E1ECE5409092DE53A8E4D3E78D089B65CB474D4 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys 15:43:28.0750 0x05e0 AmdPPM - ok 15:43:28.0765 0x05e0 amsint - ok 15:43:28.0937 0x05e0 [ 4C14746BCBF9985BDBF1CD1BEED96DF8, 8EF50FBD98C9AFD85F5D08692E7AEC21812B70074AA0DC6DCDFDBC2FFE34A75D ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe 15:43:29.0031 0x05e0 AntiVirSchedulerService - ok 15:43:29.0125 0x05e0 [ 4C14746BCBF9985BDBF1CD1BEED96DF8, 8EF50FBD98C9AFD85F5D08692E7AEC21812B70074AA0DC6DCDFDBC2FFE34A75D ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe 15:43:29.0156 0x05e0 AntiVirService - ok 15:43:29.0234 0x05e0 [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 15:43:29.0390 0x05e0 AppMgmt - ok 15:43:29.0406 0x05e0 asc - ok 15:43:29.0421 0x05e0 asc3350p - ok 15:43:29.0437 0x05e0 asc3550 - ok 15:43:29.0531 0x05e0 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 15:43:29.0546 0x05e0 aspnet_state - ok 15:43:29.0625 0x05e0 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 15:43:29.0734 0x05e0 AsyncMac - ok 15:43:29.0750 0x05e0 [ 
9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 15:43:29.0890 0x05e0 atapi - ok 15:43:29.0906 0x05e0 Atdisk - ok 15:43:30.0000 0x05e0 [ 471087B5E1E01CC82604E81EA14781D8, DA6AAFE65232AF3DA3D0D5F399730A1117B0DBBCB6AA2A9BD0D1ADA22A1198B8 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 15:43:30.0093 0x05e0 Ati HotKey Poller - detected UnsignedFile.Multi.Generic ( 1 ) 15:43:32.0515 0x05e0 Detect skipped due to KSN trusted 15:43:32.0515 0x05e0 Ati HotKey Poller - ok 15:43:32.0578 0x05e0 [ B979BA0120B6DB757196A8E2E873FE3C, 4F4CCD1D07485A53CA3ECEB10E029102BBE9946A15C7B67840E64D352808A0CA ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe 15:43:32.0671 0x05e0 ATI Smart - detected UnsignedFile.Multi.Generic ( 1 ) 15:43:35.0000 0x05e0 Detect skipped due to KSN trusted 15:43:35.0000 0x05e0 ATI Smart - ok 15:43:35.0203 0x05e0 [ C0B86ECB324E50F6BBD529F9D5C6B24B, 6B6E58CBDE1010FF13740DA91482E8A40D7B31CD808C16B524BE012C0EADB0D1 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 15:43:35.0421 0x05e0 ati2mtag - detected UnsignedFile.Multi.Generic ( 1 ) 15:43:37.0828 0x05e0 Detect skipped due to KSN trusted 15:43:37.0828 0x05e0 ati2mtag - ok 15:43:38.0078 0x05e0 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 15:43:38.0234 0x05e0 Atmarpc - ok 15:43:38.0656 0x05e0 [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 15:43:38.0781 0x05e0 AudioSrv - ok 15:43:38.0921 0x05e0 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 15:43:39.0625 0x05e0 audstub - ok 15:43:39.0937 0x05e0 [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt 
C:\WINDOWS\system32\DRIVERS\avgntflt.sys 15:43:39.0984 0x05e0 avgntflt - ok 15:43:40.0031 0x05e0 [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 15:43:40.0046 0x05e0 avipbb - ok 15:43:40.0109 0x05e0 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 15:43:40.0125 0x05e0 avkmgr - ok 15:43:40.0140 0x05e0 Suspicious service (NoAccess): b80de4165e1b28a 15:43:40.0203 0x05e0 [ 967BD40B5544CBF2D3F163407DF44A93, 4FB33BFBB1C1C3812AAD7ED06AF84C2B9E854B03BB20E2060D621DA42D0AA0FE ] b80de4165e1b28a C:\WINDOWS\System32\Drivers\b80de4165e1b28a.sys 15:43:40.0203 0x05e0 Suspicious file ( NoAccess ): C:\WINDOWS\System32\Drivers\b80de4165e1b28a.sys. md5: 967BD40B5544CBF2D3F163407DF44A93, sha256: 4FB33BFBB1C1C3812AAD7ED06AF84C2B9E854B03BB20E2060D621DA42D0AA0FE 15:43:40.0250 0x05e0 b80de4165e1b28a - detected Rootkit.Win32.Necurs.gen ( 0 ) 15:43:42.0875 0x05e0 b80de4165e1b28a ( Rootkit.Win32.Necurs.gen ) - infected 15:43:42.0875 0x05e0 Force sending object to P2P due to detect: b80de4165e1b28a 15:43:45.0296 0x05e0 Object send P2P result: true 15:43:47.0968 0x05e0 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys 15:43:48.0140 0x05e0 Beep - ok 15:43:48.0359 0x05e0 [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll 15:43:48.0640 0x05e0 BITS - ok 15:43:48.0843 0x05e0 [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser C:\WINDOWS\System32\browser.dll 15:43:48.0968 0x05e0 Browser - ok 15:43:49.0109 0x05e0 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 
15:43:49.0281 0x05e0 cbidf2k - ok 15:43:49.0453 0x05e0 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 15:43:49.0593 0x05e0 CCDECODE - ok 15:43:49.0703 0x05e0 cd20xrnt - ok 15:43:49.0906 0x05e0 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 15:43:50.0062 0x05e0 Cdaudio - ok 15:43:50.0187 0x05e0 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 15:43:50.0328 0x05e0 Cdfs - ok 15:43:50.0468 0x05e0 [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 15:43:50.0562 0x05e0 Cdrom - ok 15:43:50.0703 0x05e0 Changer - ok 15:43:50.0875 0x05e0 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe 15:43:51.0031 0x05e0 CiSvc - ok 15:43:51.0203 0x05e0 [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 15:43:51.0328 0x05e0 ClipSrv - ok 15:43:51.0484 0x05e0 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:43:51.0531 0x05e0 clr_optimization_v2.0.50727_32 - ok 15:43:51.0609 0x05e0 CmdIde - ok 15:43:51.0734 0x05e0 COMSysApp - ok 15:43:52.0031 0x05e0 Cpqarray - ok 15:43:52.0250 0x05e0 [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 15:43:52.0421 0x05e0 CryptSvc - ok 15:43:52.0500 0x05e0 dac2w2k - ok 15:43:52.0609 0x05e0 dac960nt - ok 15:43:52.0796 0x05e0 [ 
3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 15:43:53.0046 0x05e0 DcomLaunch - ok 15:43:53.0296 0x05e0 [ 6216FD7FD227DE454238A702B218CEC7, 5699FDD253754AE274B8624A41CBE778D74383E95D5167785A48A51AAD67FC70 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys 15:43:53.0343 0x05e0 dgderdrv - ok 15:43:53.0531 0x05e0 [ B575C523F537F24D66D31F8877E6BCAB, E2EA9A4DA052D60E7C79A07DF16CD33D5ECB53CB3C6135EDDE8403B951032C38 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 15:43:53.0578 0x05e0 dg_ssudbus - ok 15:43:53.0859 0x05e0 [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 15:43:54.0015 0x05e0 Dhcp - ok 15:43:54.0046 0x05e0 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 15:43:54.0171 0x05e0 Disk - ok 15:43:54.0218 0x05e0 dmadmin - ok 15:43:54.0343 0x05e0 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 15:43:54.0671 0x05e0 dmboot - ok 15:43:54.0718 0x05e0 [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys 15:43:54.0937 0x05e0 dmio - ok 15:43:55.0312 0x05e0 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys 15:43:55.0593 0x05e0 dmload - ok 15:43:56.0218 0x05e0 [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll 15:43:56.0375 0x05e0 dmserver - ok 15:43:56.0734 0x05e0 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 
15:43:56.0859 0x05e0 DMusic - ok 15:43:57.0140 0x05e0 [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 15:43:57.0203 0x05e0 Dnscache - ok 15:43:57.0578 0x05e0 [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 15:43:57.0921 0x05e0 Dot3svc - ok 15:43:58.0171 0x05e0 dpti2o - ok 15:43:58.0484 0x05e0 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 15:43:58.0593 0x05e0 drmkaud - ok 15:43:58.0906 0x05e0 [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll 15:43:59.0109 0x05e0 EapHost - ok 15:43:59.0812 0x05e0 [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll 15:43:59.0953 0x05e0 ERSvc - ok 15:44:00.0140 0x05e0 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe 15:44:00.0203 0x05e0 Eventlog - ok 15:44:00.0453 0x05e0 [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\system32\es.dll 15:44:00.0812 0x05e0 EventSystem - ok 15:44:01.0765 0x05e0 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 15:44:01.0968 0x05e0 Fastfat - ok 15:44:02.0609 0x05e0 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 15:44:02.0750 0x05e0 FastUserSwitchingCompatibility - ok 15:44:03.0343 0x05e0 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 
8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 15:44:03.0500 0x05e0 Fdc - ok 15:44:04.0312 0x05e0 [ E7072827D0B5F9BD99D6961571A38973, 6B34FC5A57FB25EE52DBB3D5A1FCD664EF4906418315A69DEFAA99DB3971F78A ] FET5X86V C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys 15:44:04.0421 0x05e0 FET5X86V - ok 15:44:04.0781 0x05e0 [ E9648254056BCE81A85380C0C3647DC4, AE58F498BD1C33360FE3BB9EA22C13EA562206B68E7946B587CB5A6DF94586A1 ] FETNDIS C:\WINDOWS\system32\DRIVERS\fetnd5.sys 15:44:04.0937 0x05e0 FETNDIS - ok 15:44:05.0187 0x05e0 [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys 15:44:05.0328 0x05e0 Fips - ok 15:44:05.0578 0x05e0 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 15:44:05.0718 0x05e0 Flpydisk - ok 15:44:06.0046 0x05e0 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 15:44:06.0187 0x05e0 FltMgr - ok 15:44:06.0531 0x05e0 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 15:44:06.0546 0x05e0 FontCache3.0.0.0 - ok 15:44:06.0937 0x05e0 [ B07663A810E861EEBFD0EAC7E82CA62D, 9FC5CDE0A0C3D15050056325AACD65B13C4C45ED0DA199ABFB93A691285A3821 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS 15:44:06.0984 0x05e0 FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 ) 15:44:09.0375 0x05e0 Detect skipped due to KSN trusted 15:44:09.0375 0x05e0 FsUsbExDisk - ok 15:44:09.0468 0x05e0 [ F96C429788350DB4BA6771C3034DFD88, 07DD60F281224D5CDA14FD4F42BF6992EBDD44FD8888A7D5053E2130A47D3CDC ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe 15:44:09.0500 0x05e0 FsUsbExService - detected 
UnsignedFile.Multi.Generic ( 1 ) 15:44:19.0500 0x05e0 FsUsbExService ( UnsignedFile.Multi.Generic ) - warning 15:44:24.0109 0x05e0 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 15:44:24.0296 0x05e0 Fs_Rec - ok 15:44:24.0625 0x05e0 [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 15:44:24.0843 0x05e0 Ftdisk - ok 15:44:25.0156 0x05e0 [ 3A74C423CF6BCCA6982715878F450A3B, A98D6D377B48D05BE3927F6E93D0DE7741E115C43125C0E0DE6EEFE023DE73BC ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys 15:44:25.0312 0x05e0 gagp30kx - ok 15:44:25.0578 0x05e0 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 15:44:25.0718 0x05e0 Gpc - ok 15:44:26.0437 0x05e0 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe 15:44:26.0468 0x05e0 gupdate - ok 15:44:26.0906 0x05e0 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe 15:44:26.0921 0x05e0 gupdatem - ok 15:44:27.0296 0x05e0 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe 15:44:27.0312 0x05e0 gusvc - ok 15:44:27.0625 0x05e0 [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 15:44:27.0781 0x05e0 helpsvc - ok 15:44:27.0906 0x05e0 [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ C:\WINDOWS\System32\hidserv.dll 15:44:28.0046 0x05e0 HidServ - ok 15:44:28.0156 
0x05e0 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 15:44:28.0328 0x05e0 HidUsb - ok 15:44:28.0406 0x05e0 [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 15:44:28.0515 0x05e0 hkmsvc - ok 15:44:28.0546 0x05e0 hpn - ok 15:44:28.0609 0x05e0 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 15:44:28.0703 0x05e0 HTTP - ok 15:44:28.0765 0x05e0 [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 15:44:28.0875 0x05e0 HTTPFilter - ok 15:44:28.0890 0x05e0 i2omgmt - ok 15:44:28.0906 0x05e0 i2omp - ok 15:44:28.0937 0x05e0 [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 15:44:29.0062 0x05e0 i8042prt - ok 15:44:29.0171 0x05e0 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 15:44:29.0296 0x05e0 idsvc - ok 15:44:29.0328 0x05e0 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 15:44:29.0468 0x05e0 Imapi - ok 15:44:29.0531 0x05e0 [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe 15:44:29.0656 0x05e0 ImapiService - ok 15:44:29.0687 0x05e0 ini910u - ok 15:44:29.0703 0x05e0 IntelIde - ok 15:44:29.0765 0x05e0 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 15:44:29.0859 0x05e0 
Ip6Fw - ok 15:44:29.0890 0x05e0 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 15:44:30.0015 0x05e0 IpFilterDriver - ok 15:44:30.0031 0x05e0 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 15:44:30.0156 0x05e0 IpInIp - ok 15:44:30.0187 0x05e0 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 15:44:30.0312 0x05e0 IpNat - ok 15:44:30.0359 0x05e0 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 15:44:30.0453 0x05e0 IPSec - ok 15:44:30.0468 0x05e0 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 15:44:30.0593 0x05e0 IRENUM - ok 15:44:30.0656 0x05e0 [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 15:44:30.0750 0x05e0 isapnp - ok 15:44:30.0921 0x05e0 [ 5739F2821D49975CEDE6BF0153D0CF01, DF45BD1A9F6DDB893C99F28C3730C50C61A612C4297A4B00D857533FC0973CD9 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe 15:44:30.0937 0x05e0 JavaQuickStarterService - ok 15:44:30.0968 0x05e0 [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 15:44:31.0062 0x05e0 Kbdclass - ok 15:44:31.0093 0x05e0 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 15:44:31.0218 0x05e0 kmixer - ok 15:44:31.0265 0x05e0 [ B467646C54CC746128904E1654C750C1, 
3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 15:44:31.0390 0x05e0 KSecDD - ok 15:44:31.0437 0x05e0 [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 15:44:31.0484 0x05e0 lanmanserver - ok 15:44:31.0562 0x05e0 [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 15:44:31.0625 0x05e0 lanmanworkstation - ok 15:44:31.0640 0x05e0 lbrtfdc - ok 15:44:31.0734 0x05e0 [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 15:44:31.0843 0x05e0 LmHosts - ok 15:44:31.0890 0x05e0 [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll 15:44:31.0984 0x05e0 Messenger - ok 15:44:32.0062 0x05e0 [ 4F169F43F932739F093AE4E659FFF26A, 3DA408033DF3C8BAB59CBADD281EEADAF2ADDCA28FA57027932F9D79B6051B3E ] MHIKEY10 C:\WINDOWS\system32\Drivers\MHIKEY10.sys 15:44:32.0109 0x05e0 MHIKEY10 - ok 15:44:32.0140 0x05e0 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 15:44:32.0281 0x05e0 mnmdd - ok 15:44:32.0343 0x05e0 [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 15:44:32.0437 0x05e0 mnmsrvc - ok 15:44:32.0453 0x05e0 [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 15:44:32.0593 0x05e0 Modem - ok 15:44:32.0640 0x05e0 [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 15:44:32.0750 
0x05e0 Mouclass - ok 15:44:32.0812 0x05e0 [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 15:44:32.0953 0x05e0 mouhid - ok 15:44:33.0000 0x05e0 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 15:44:33.0125 0x05e0 MountMgr - ok 15:44:33.0140 0x05e0 mraid35x - ok 15:44:33.0156 0x05e0 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 15:44:33.0281 0x05e0 MRxDAV - ok 15:44:33.0359 0x05e0 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 15:44:33.0406 0x05e0 MRxSmb - ok 15:44:33.0437 0x05e0 [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINDOWS\system32\msdtc.exe 15:44:33.0562 0x05e0 MSDTC - ok 15:44:33.0578 0x05e0 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 15:44:33.0703 0x05e0 Msfs - ok 15:44:33.0734 0x05e0 MSIServer - ok 15:44:33.0765 0x05e0 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 15:44:33.0890 0x05e0 MSKSSRV - ok 15:44:33.0906 0x05e0 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 15:44:34.0031 0x05e0 MSPCLOCK - ok 15:44:34.0046 0x05e0 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 15:44:34.0171 0x05e0 MSPQM - ok 15:44:34.0218 0x05e0 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, 
AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 15:44:34.0296 0x05e0 mssmbios - ok 15:44:34.0343 0x05e0 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 15:44:34.0453 0x05e0 MSTEE - ok 15:44:34.0515 0x05e0 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 15:44:34.0562 0x05e0 Mup - ok 15:44:34.0593 0x05e0 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 15:44:34.0687 0x05e0 NABTSFEC - ok 15:44:34.0781 0x05e0 [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll 15:44:34.0890 0x05e0 napagent - ok 15:44:34.0968 0x05e0 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 15:44:35.0093 0x05e0 NDIS - ok 15:44:35.0109 0x05e0 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys 15:44:35.0203 0x05e0 NdisIP - ok 15:44:35.0250 0x05e0 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 15:44:35.0296 0x05e0 NdisTapi - ok 15:44:35.0359 0x05e0 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 15:44:35.0484 0x05e0 Ndisuio - ok 15:44:35.0531 0x05e0 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:44:35.0656 0x05e0 NdisWan - ok 15:44:35.0703 0x05e0 [ 
2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 15:44:35.0765 0x05e0 NDProxy - ok 15:44:35.0812 0x05e0 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 15:44:35.0906 0x05e0 NetBIOS - ok 15:44:35.0937 0x05e0 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 15:44:36.0046 0x05e0 NetBT - ok 15:44:36.0109 0x05e0 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe 15:44:36.0250 0x05e0 NetDDE - ok 15:44:36.0265 0x05e0 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 15:44:36.0375 0x05e0 NetDDEdsdm - ok 15:44:36.0437 0x05e0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe 15:44:36.0546 0x05e0 Netlogon - ok 15:44:36.0609 0x05e0 [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll 15:44:36.0750 0x05e0 Netman - ok 15:44:36.0828 0x05e0 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:44:36.0859 0x05e0 NetTcpPortSharing - ok 15:44:36.0921 0x05e0 [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll 15:44:36.0953 0x05e0 Nla - ok 15:44:36.0968 0x05e0 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs 
01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
15:44:57.0468 0x05e0 CTFMON.EXE - ok
15:44:57.0468 0x05e0 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
15:44:57.0578 0x05e0 CTFMON.EXE - ok
15:44:57.0578 0x05e0 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
15:44:57.0687 0x05e0 CTFMON.EXE - ok
15:44:57.0687 0x05e0 Waiting for KSN requests completion. In queue: 181
15:44:58.0687 0x05e0 Waiting for KSN requests completion. In queue: 181
15:44:59.0687 0x05e0 Waiting for KSN requests completion. In queue: 181
15:45:01.0343 0x05e0 AV detected via SS1: Avira Desktop, 14.0.5.320, disabled, updated
15:45:01.0343 0x05e0 Win FW state via NFM: enabled
15:45:03.0718 0x05e0 ============================================================
15:45:03.0718 0x05e0 Scan finished
15:45:03.0718 0x05e0 ============================================================
15:45:03.0812 0x09a0 Detected object count: 2
15:45:03.0812 0x09a0 Actual detected object count: 2
15:46:53.0718 0x09a0 C:\WINDOWS\System32\Drivers\b80de4165e1b28a.sys - copied to quarantine
15:46:53.0750 0x09a0 HKLM\SYSTEM\ControlSet001\services\b80de4165e1b28a - will be deleted on reboot
15:46:53.0781 0x09a0 HKLM\SYSTEM\ControlSet003\services\b80de4165e1b28a - will be deleted on reboot
15:46:53.0937 0x09a0 C:\WINDOWS\System32\Drivers\b80de4165e1b28a.sys - will be deleted on reboot
15:46:53.0937 0x09a0 b80de4165e1b28a ( Rootkit.Win32.Necurs.gen ) - User select action: Delete
15:46:54.0031 0x09a0 C:\WINDOWS\system32\FsUsbExService.Exe - copied to quarantine
15:46:54.0093 0x09a0 HKLM\SYSTEM\ControlSet001\services\FsUsbExService - will be deleted on reboot
15:46:54.0125 0x09a0 HKLM\SYSTEM\ControlSet003\services\FsUsbExService - will be deleted on reboot
15:46:54.0234 0x09a0 C:\WINDOWS\system32\FsUsbExService.Exe - will be deleted on reboot
15:46:54.0234 0x09a0 FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Delete
15:46:55.0296 0x09a0 KLMD registered as C:\WINDOWS\system32\drivers\76595328.sys
15:47:02.0218 0x0ce4 Deinitialize success
Code:
15:50:16.0328 0x0bd8 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
15:50:16.0468 0x0bd8 ============================================================
15:50:16.0468 0x0bd8 Current date / time: 2014/07/12 15:50:16.0468
15:50:16.0468 0x0bd8 SystemInfo:
15:50:16.0468 0x0bd8
15:50:16.0468 0x0bd8 OS Version: 5.1.2600 ServicePack: 3.0
15:50:16.0468 0x0bd8 Product type: Workstation
15:50:16.0468 0x0bd8 ComputerName: RIKES-PC
15:50:16.0468 0x0bd8 UserName: Admin
15:50:16.0468 0x0bd8 Windows directory: C:\WINDOWS
15:50:16.0468 0x0bd8 System windows directory: C:\WINDOWS
15:50:16.0468 0x0bd8 Processor architecture: Intel x86
15:50:16.0468 0x0bd8 Number of processors: 1
15:50:16.0468 0x0bd8 Page size: 0x1000
15:50:16.0468 0x0bd8 Boot type: Normal boot
15:50:16.0468 0x0bd8 ============================================================
15:50:16.0484 0x0bd8 BG loaded
15:50:17.0515 0x0bd8 System UUID: {85D39F71-11F0-8F1F-9754-FB6C4A969AB8}
15:50:21.0265 0x0bd8 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000044
15:50:21.0343 0x0bd8 ============================================================
15:50:21.0343 0x0bd8 \Device\Harddisk0\DR0:
15:50:21.0343 0x0bd8 MBR partitions:
15:50:21.0343 0x0bd8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
15:50:21.0343 0x0bd8 ============================================================
15:50:21.0437 0x0bd8 C: <-> \Device\Harddisk0\DR0\Partition1
15:50:21.0453 0x0bd8 ============================================================
15:50:21.0453 0x0bd8 Initialize success
15:50:21.0453 0x0bd8 ============================================================
15:50:29.0000 0x0bc0 Deinitialize success |
13.07.2014, 13:02 | #9 |
/// the machine /// TB trainer | Avira reports TR/Rootkit.Gen in C:windows/system32/drivers....what should I do? Hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
13.07.2014, 13:37 | #10 |
| Avira reports TR/Rootkit.Gen in C:windows/system32/drivers....what should I do? Thank you very much for your help so far!!!! Combofix didn't complain about anything, but I was supposed to download some kind of system-restore thingamajig, which I did, and I hope what follows here is a code tag Code:
ComboFix 14-07-12.02 - Admin 13.07.2014 14:25:58.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2047.1602 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Admin\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Admin\Recent\Thumbs.db
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP\RAIDTest
c:\programme\Java\jre7\bin\jp2ssv.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-06-13 bis 2014-07-13 ))))))))))))))))))))))))))))))
.
.
2014-07-12 13:53 . 2014-02-26 23:28 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2014-07-12 13:53 . 2014-02-26 23:28 13312 ------w- c:\windows\system32\xp_eos.exe
2014-07-12 13:46 . 2014-07-12 13:46 -------- d-----w- C:\TDSSKiller_Quarantine
2014-07-10 15:16 . 2014-07-10 15:16 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Licenses
2014-07-10 15:16 . 2014-07-10 15:16 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Simply Super Software
2014-07-10 15:16 . 2012-06-15 13:39 169744 ----a-w- c:\windows\system32\ztvunrar36.dll
2014-07-10 15:16 . 2012-06-15 13:35 185616 ----a-w- c:\windows\system32\ztvunrar39.dll
2014-07-10 15:16 . 2012-06-15 13:33 605968 ----a-w- c:\windows\system32\ztv7z.dll
2014-07-10 15:16 . 2012-06-15 13:33 77072 ----a-w- c:\windows\system32\ztvcabinet.dll
2014-07-10 15:16 . 2005-08-25 22:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2014-07-10 15:16 . 2003-02-02 17:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2014-07-10 15:16 . 2002-03-05 22:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2014-07-10 15:16 . 2014-07-10 15:17 -------- d-----w- c:\programme\Trojan Remover
2014-07-10 15:16 . 2014-07-10 15:16 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Simply Super Software
2014-07-10 13:25 . 2014-07-10 13:25 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Fighters
2014-07-10 13:23 . 2014-07-10 13:23 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Avira
2014-07-10 13:16 . 2014-07-02 11:06 97648 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-07-10 13:16 . 2014-07-10 13:16 -------- d-----w- c:\programme\Avira
2014-07-09 22:56 . 2014-07-09 22:56 414392 ----a-w- c:\windows\system32\drivers\gwqalyjs.sys
2014-07-09 18:43 . 2014-07-09 18:43 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\ChicaLogic
2014-07-09 18:42 . 2014-07-09 18:42 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\ChicaLogic
2014-07-09 18:42 . 2014-07-09 18:42 -------- d-----w- c:\programme\ChicaLogic
2014-07-09 18:40 . 2014-07-09 23:09 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\clp
2014-07-09 18:23 . 2014-07-09 18:23 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\TuneUp Software
2014-07-09 18:20 . 2014-07-09 18:37 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\MFAData
2014-07-09 18:20 . 2014-07-09 18:20 -------- d--h--w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Common Files
2014-07-09 18:20 . 2014-07-09 18:20 -------- d-----w- c:\dokumente und einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\MFAData
2014-07-09 18:04 . 2014-07-09 18:04 -------- d-----w- c:\programme\Dropbox
2014-07-09 18:02 . 2014-07-09 18:04 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Dropbox
2014-07-09 17:51 . 2014-07-09 17:51 414392 ----a-w- c:\windows\system32\drivers\xvscvtva.sys
2014-07-09 17:46 . 2014-07-09 18:26 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\AVAST Software
2014-07-09 17:46 . 2014-07-09 17:46 414392 ----a-w- c:\windows\system32\drivers\lnlphlmv.sys
2014-07-09 15:50 . 2014-07-09 17:02 -------- d-----w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Nico Mak Computing
2014-07-09 14:13 . 2014-07-09 14:13 -------- d-----r- c:\dokumente und einstellungen\LocalService\Favoriten
2014-06-13 14:23 . 2014-06-13 20:00 -------- d-----w- c:\programme\Mozilla Thunderbird
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 17:56 . 2014-07-09 17:56 414392 ----a-w- c:\windows\system32\drivers\aswsp.sys.1404928626187
2014-07-09 13:26 . 2012-07-25 21:01 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-09 13:26 . 2012-07-25 21:01 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-22 12:41 . 2014-05-22 12:42 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{E141F5C3-2619-4996-8AF8-AA0A9439D986}]
2012-07-11 14:39 602168 ----a-w- c:\programme\Payback\PAYBACK Toolbar\PaybackToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9613CB43-EA4C-48b5-878D-13DFE1818EFE}"= "c:\programme\Payback\PAYBACK Toolbar\PaybackToolbar.dll" [2012-07-11 602168]
.
[HKEY_CLASSES_ROOT\clsid\{9613cb43-ea4c-48b5-878d-13dfe1818efe}]
[HKEY_CLASSES_ROOT\PaybackToolbar.PaybackToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{158050A4-69D6-483e-B6B9-A60FE0C9E03A}]
[HKEY_CLASSES_ROOT\PaybackToolbar.PaybackToolBand]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{9613CB43-EA4C-48B5-878D-13DFE1818EFE}"= "c:\programme\Payback\PAYBACK Toolbar\PaybackToolbar.dll" [2012-07-11 602168]
.
[HKEY_CLASSES_ROOT\clsid\{9613cb43-ea4c-48b5-878d-13dfe1818efe}]
[HKEY_CLASSES_ROOT\PaybackToolbar.PaybackToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{158050A4-69D6-483e-B6B9-A60FE0C9E03A}]
[HKEY_CLASSES_ROOT\PaybackToolbar.PaybackToolBand]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\dokumente und einstellungen\Admin\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\programme\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
"TomTomHOME.exe"="c:\programme\TomTom HOME 2\TomTomHOMERunner.exe" [2013-08-27 248208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2012-07-20 67584]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"PMBVolumeWatcher"="c:\programme\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-02-15 688184]
"KiesTrayAgent"="c:\programme\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2013-03-12 253816]
"ApnUpdater"="c:\programme\Ask.com\Updater\Updater.exe" [2014-01-31 1648056]
"USBestCR"="c:\programme\SmartCardReader\iconcs3256437.exe" [2012-03-22 7249408]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2014-07-02 750160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Dokumente und Einstellungen\\Admin\\Lokale Einstellungen\\Anwendungsdaten\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Dokumente und Einstellungen\\Admin\\Anwendungsdaten\\Dropbox\\bin\\Dropbox.exe"=
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [09.06.2013 10:23 37352]
R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [10.07.2014 15:16 430160]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\programme\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [15.02.2012 21:11 459832]
R2 TomTomHOMEService;TomTomHOMEService;c:\programme\TomTom HOME 2\TomTomHOMEService.exe [27.08.2013 16:57 93072]
S2 AfaService;Afa Card Reader Service;c:\windows\system32\afasrv32.exe --> c:\windows\system32\afasrv32.exe [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [22.05.2013 13:17 83864] S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [22.05.2013 13:13 20032] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [10.05.2013 13:58 36640] S3 MHIKEY10;MHIKEY10;c:\windows\system32\drivers\MHIKEY10.sys [31.08.2013 11:37 51968] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [22.05.2013 13:16 136904] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [22.05.2013 13:16 17864] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [22.05.2013 13:16 153672] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [22.05.2013 13:17 181912] S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudserd.sys [22.05.2013 13:17 181912] . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-06-12 18:46 1091912 ----a-w- c:\programme\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2014-07-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-25 13:26] . 2014-07-13 c:\windows\Tasks\ChicaPC-Shield-Notification.job - c:\programme\ChicaLogic\ChicaPC-Shield\Toolkit\Sync.exe [2014-07-09 18:41] . 2014-07-13 c:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job - c:\windows\system32\xp_eos.exe [2014-07-12 23:28] . 2014-07-13 c:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job - c:\windows\system32\xp_eos.exe [2014-07-12 23:28] . 
2014-07-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-861567501-1935655697-682003330-1003Core.job - c:\dokumente und einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe [2013-11-22 19:33] . 2014-07-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-861567501-1935655697-682003330-1003UA.job - c:\dokumente und einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe [2013-11-22 19:33] . 2014-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programme\Google\Update\GoogleUpdate.exe [2013-07-28 18:02] . 2014-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programme\Google\Update\GoogleUpdate.exe [2013-07-28 18:02] . 2014-07-13 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job - c:\programme\Ask.com\UpdateTask.exe [2014-01-31 10:03] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.ebay.de/ IE: {{4840E489-677C-4a08-A1B5-FFAF5196531E} - {9613CB43-EA4C-48b5-878D-13DFE1818EFE} - c:\programme\Payback\PAYBACK Toolbar\PaybackToolbar.dll TCP: DhcpNameServer = 192.168.1.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) HKCU-Run-KiesAirMessage - c:\programme\Samsung\Kies\KiesAirMessage.exe SafeBoot-12557041.sys AddRemove-McAfee Security Scan - c:\programme\McAfee Security Scan\uninstall.exe AddRemove-01_Simmental - c:\programme\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\programme\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\programme\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\programme\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-07_Schorl - c:\programme\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-09_Hsp - c:\programme\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\programme\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\programme\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-20_NXP_Driver - c:\programme\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-24_flashusbdriver - c:\programme\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\programme\Samsung\USB Drivers\25_escape\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2014-07-13 14:30 Windows 5.1.2600 Service Pack 3 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'winlogon.exe'(636) c:\windows\system32\Ati2evxx.dll . Zeit der Fertigstellung: 2014-07-13 14:31:59 ComboFix-quarantined-files.txt 2014-07-13 12:31 . Vor Suchlauf: 10 Verzeichnis(se), 20.492.890.112 Bytes frei Nach Suchlauf: 11 Verzeichnis(se), 22.403.645.440 Bytes frei . 
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 0B467AFC31F0603C295E6B5755124C09 72B8CE41AF0DE751C946802B3ED844B4 |
14.07.2014, 12:36 | #11 |
/// the machine /// TB trainer | Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
14.07.2014, 15:46 | #12 |
| Hello, I'll do all of this this afternoon when I get home, but I'll ask now already...what is a "fresh FRST log", or rather where do I find one? So, here is the content of mbam.txt for now....nothing was found here. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 14.07.2014
Suchlauf-Zeit: 15:15:41
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.14.04
Rootkit Datenbank: v2014.07.09.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: Admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 246001
Verstrichene Zeit: 9 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end)

Log file here: Code:
|
14.07.2014, 18:13 | #13 |
/// the machine /// TB trainer | All good so far. At the end, simply open FRST and scan again.
|
14.07.2014, 19:21 | #14 |
| Great, thanks...then I'll carry on... Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Admin on 14.07.2014 at 19:52:51,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C8794BA7-D183-4A1E-B123-648357001DD4}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Programme\myfree codec"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.07.2014 at 19:56:07,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

So download FRST and scan??? |
15.07.2014, 19:16 | #15 |
/// the machine /// TB trainer | Oops. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
|