Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows XP: Email Zip Attachment und danach Dateien verschlüsselt

Windows XP: Email Zip Attachment und danach Dateien verschlüsselt


Log-Analyse und Auswertung: Windows XP: Email Zip Attachment und danach Dateien verschlüsselt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 01.10.2014, 09:32   #1
doogie
 
Windows XP: Email Zip Attachment und danach Dateien verschlüsselt - Standard

TDSS-Killer Log


15:46:47.0937 0x0454 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
15:46:50.0906 0x0454 ============================================================
15:46:50.0906 0x0454 Current date / time: 2014/09/30 15:46:50.0906
15:46:50.0906 0x0454 SystemInfo:
15:46:50.0906 0x0454
15:46:50.0906 0x0454 OS Version: 5.1.2600 ServicePack: 3.0
15:46:50.0906 0x0454 Product type: Workstation
15:46:50.0906 0x0454 ComputerName: CONNY-FIX
15:46:50.0906 0x0454 UserName: Administrator
15:46:50.0906 0x0454 Windows directory: C:\WINDOWS
15:46:50.0906 0x0454 System windows directory: C:\WINDOWS
15:46:50.0906 0x0454 Processor architecture: Intel x86
15:46:50.0906 0x0454 Number of processors: 2
15:46:50.0906 0x0454 Page size: 0x1000
15:46:50.0906 0x0454 Boot type: Safe boot with network
15:46:50.0906 0x0454 ============================================================
15:46:54.0390 0x0454 KLMD registered as C:\WINDOWS\system32\drivers\30517125.sys
15:46:54.0562 0x0454 System UUID: {C403FDB5-0C17-A5F8-EABD-A346EBFC52C5}
15:46:54.0921 0x0454 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:46:54.0921 0x0454 Drive \Device\Harddisk1\DR2 - Size: 0x3B980000 ( 0.93 Gb ), SectorSize: 0x200, Cylinders: 0x79, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:46:54.0921 0x0454 ============================================================
15:46:54.0921 0x0454 \Device\Harddisk0\DR0:
15:46:54.0921 0x0454 MBR partitions:
15:46:54.0921 0x0454 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
15:46:54.0921 0x0454 \Device\Harddisk1\DR2:
15:46:54.0921 0x0454 MBR partitions:
15:46:54.0921 0x0454 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x6, StartLBA 0x80, BlocksNum 0x1DCB80
15:46:54.0921 0x0454 ============================================================
15:46:54.0968 0x0454 C: <-> \Device\Harddisk0\DR0\Partition1
15:46:54.0984 0x0454 ============================================================
15:46:54.0984 0x0454 Initialize success
15:46:54.0984 0x0454 ============================================================
15:46:57.0203 0x04b8 ============================================================
15:46:57.0203 0x04b8 Scan started
15:46:57.0203 0x04b8 Mode: Manual;
15:46:57.0203 0x04b8 ============================================================
15:46:57.0203 0x04b8 KSN ping started
15:46:57.0250 0x04b8 KSN ping finished: false
15:46:57.0656 0x04b8 ================ Scan system memory ========================
15:46:57.0656 0x04b8 System memory - ok
15:46:57.0656 0x04b8 ================ Scan services =============================
15:46:57.0796 0x04b8 Abiosdsk - ok
15:46:57.0812 0x04b8 abp480n5 - ok
15:46:57.0875 0x04b8 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:46:57.0875 0x04b8 ACPI - ok
15:46:58.0046 0x04b8 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
15:46:58.0046 0x04b8 ACPIEC - ok
15:46:58.0140 0x04b8 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:46:58.0171 0x04b8 AdobeFlashPlayerUpdateSvc - ok
15:46:58.0171 0x04b8 adpu160m - ok
15:46:58.0265 0x04b8 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
15:46:58.0265 0x04b8 aec - ok
15:46:58.0312 0x04b8 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
15:46:58.0312 0x04b8 AFD - ok
15:46:58.0328 0x04b8 Aha154x - ok
15:46:58.0359 0x04b8 aic78u2 - ok
15:46:58.0375 0x04b8 aic78xx - ok
15:46:58.0421 0x04b8 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll
15:46:58.0421 0x04b8 Alerter - ok
15:46:58.0437 0x04b8 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe
15:46:58.0437 0x04b8 ALG - ok
15:46:58.0453 0x04b8 AliIde - ok
15:46:58.0468 0x04b8 amsint - ok
15:46:58.0593 0x04b8 [ 4D282B9C5BB05DF92C9F3977DFB9F916, E6D49ED0D5FA26F2936FC97A0F1DFA38D1066AAF2EEFCE2931AF21B2CBE54CAD ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
15:46:58.0656 0x04b8 AntiVirSchedulerService - ok
15:46:58.0687 0x04b8 [ 65AF41A7A2C5B6693E1B4164E7632C3E, BA1DC45D7BB5307BD418D2BDFDBD1DD593439245A0A3F65FE6287F6F5198B999 ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
15:46:58.0703 0x04b8 AntiVirService - ok
15:46:58.0796 0x04b8 [ 3D15C6EDBF84D792ACEBD2289546DBAF, 8E9199028CF4599CE362836CAD4DEC1E033F10335377280A4268E14D0201B1EB ] AntiVirWebService C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:46:58.0843 0x04b8 AntiVirWebService - ok
15:46:58.0921 0x04b8 [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:46:58.0937 0x04b8 Apple Mobile Device - ok
15:46:59.0015 0x04b8 [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
15:46:59.0015 0x04b8 AppMgmt - ok
15:46:59.0031 0x04b8 asc - ok
15:46:59.0046 0x04b8 asc3350p - ok
15:46:59.0078 0x04b8 asc3550 - ok
15:46:59.0203 0x04b8 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:46:59.0234 0x04b8 aspnet_state - ok
15:46:59.0265 0x04b8 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:46:59.0265 0x04b8 AsyncMac - ok
15:46:59.0296 0x04b8 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
15:46:59.0296 0x04b8 atapi - ok
15:46:59.0312 0x04b8 Atdisk - ok
15:46:59.0375 0x04b8 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:46:59.0375 0x04b8 Atmarpc - ok
15:46:59.0437 0x04b8 [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
15:46:59.0437 0x04b8 AudioSrv - ok
15:46:59.0484 0x04b8 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
15:46:59.0484 0x04b8 audstub - ok
15:46:59.0531 0x04b8 [ B8C10FF9369394EB84993F331810CF29, 84D674EF4FB73FD9D1539DFCC52361C2FBAFD5A2DEF1FFF4F1F416721AA80F85 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
15:46:59.0531 0x04b8 avgntflt - ok
15:46:59.0562 0x04b8 [ 4189E5AB2CAD6F395D87DAAE73EB090F, 8A98667451F0A9E81204BC9DD34B7BDA147FB867F0969361ED6F9C0CD422E49C ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
15:46:59.0562 0x04b8 avipbb - ok
15:46:59.0609 0x04b8 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
15:46:59.0609 0x04b8 avkmgr - ok
15:46:59.0671 0x04b8 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:46:59.0671 0x04b8 Beep - ok
15:46:59.0734 0x04b8 [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll
15:46:59.0750 0x04b8 BITS - ok
15:46:59.0843 0x04b8 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
15:46:59.0859 0x04b8 Bonjour Service - ok
15:46:59.0921 0x04b8 [ B71549F23736ADF83A571061C47777FD, A1D0320736EE777030A543DCA086367EB5A5B6F95088B9C22D8E09326C3A39A9 ] Browser C:\WINDOWS\System32\browser.dll
15:46:59.0921 0x04b8 Browser - ok
15:46:59.0953 0x04b8 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
15:46:59.0953 0x04b8 cbidf2k - ok
15:47:00.0015 0x04b8 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:47:00.0015 0x04b8 CCDECODE - ok
15:47:00.0031 0x04b8 cd20xrnt - ok
15:47:00.0062 0x04b8 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
15:47:00.0062 0x04b8 Cdaudio - ok
15:47:00.0125 0x04b8 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
15:47:00.0125 0x04b8 Cdfs - ok
15:47:00.0140 0x04b8 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:47:00.0140 0x04b8 Cdrom - ok
15:47:00.0156 0x04b8 Changer - ok
15:47:00.0218 0x04b8 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe
15:47:00.0218 0x04b8 CiSvc - ok
15:47:00.0265 0x04b8 [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
15:47:00.0265 0x04b8 ClipSrv - ok
15:47:00.0312 0x04b8 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:47:00.0437 0x04b8 clr_optimization_v2.0.50727_32 - ok
15:47:00.0453 0x04b8 CmdIde - ok
15:47:00.0468 0x04b8 COMSysApp - ok
15:47:00.0515 0x04b8 Cpqarray - ok
15:47:00.0578 0x04b8 [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
15:47:00.0578 0x04b8 CryptSvc - ok
15:47:00.0593 0x04b8 dac2w2k - ok
15:47:00.0609 0x04b8 dac960nt - ok
15:47:00.0671 0x04b8 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:47:00.0703 0x04b8 DcomLaunch - ok
15:47:00.0750 0x04b8 [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
15:47:00.0750 0x04b8 Dhcp - ok
15:47:00.0812 0x04b8 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
15:47:00.0812 0x04b8 Disk - ok
15:47:00.0828 0x04b8 dmadmin - ok
15:47:00.0890 0x04b8 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
15:47:00.0921 0x04b8 dmboot - ok
15:47:00.0937 0x04b8 [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
15:47:00.0937 0x04b8 dmio - ok
15:47:00.0984 0x04b8 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
15:47:00.0984 0x04b8 dmload - ok
15:47:01.0031 0x04b8 [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll
15:47:01.0031 0x04b8 dmserver - ok
15:47:01.0046 0x04b8 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
15:47:01.0046 0x04b8 DMusic - ok
15:47:01.0078 0x04b8 [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:47:01.0078 0x04b8 Dnscache - ok
15:47:01.0140 0x04b8 [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
15:47:01.0156 0x04b8 Dot3svc - ok
15:47:01.0156 0x04b8 dpti2o - ok
15:47:01.0187 0x04b8 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:47:01.0187 0x04b8 drmkaud - ok
15:47:01.0250 0x04b8 [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
15:47:01.0250 0x04b8 EapHost - ok
15:47:01.0296 0x04b8 [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll
15:47:01.0296 0x04b8 ERSvc - ok
15:47:01.0359 0x04b8 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe
15:47:01.0359 0x04b8 Eventlog - ok
15:47:01.0421 0x04b8 [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\system32\es.dll
15:47:01.0421 0x04b8 EventSystem - ok
15:47:01.0453 0x04b8 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
15:47:01.0453 0x04b8 Fastfat - ok
15:47:01.0500 0x04b8 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
15:47:01.0515 0x04b8 FastUserSwitchingCompatibility - ok
15:47:01.0531 0x04b8 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
15:47:01.0531 0x04b8 Fdc - ok
15:47:01.0546 0x04b8 [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys
15:47:01.0546 0x04b8 Fips - ok
15:47:01.0562 0x04b8 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
15:47:01.0562 0x04b8 Flpydisk - ok
15:47:01.0625 0x04b8 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
15:47:01.0625 0x04b8 FltMgr - ok
15:47:01.0718 0x04b8 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:47:01.0734 0x04b8 FontCache3.0.0.0 - ok
15:47:01.0734 0x04b8 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:47:01.0734 0x04b8 Fs_Rec - ok
15:47:01.0765 0x04b8 [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:47:01.0765 0x04b8 Ftdisk - ok
15:47:01.0828 0x04b8 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:47:01.0828 0x04b8 GEARAspiWDM - ok
15:47:01.0859 0x04b8 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:47:01.0859 0x04b8 Gpc - ok
15:47:01.0890 0x04b8 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:47:01.0890 0x04b8 HDAudBus - ok
15:47:01.0984 0x04b8 [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:47:01.0984 0x04b8 helpsvc - ok
15:47:02.0031 0x04b8 [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ C:\WINDOWS\System32\hidserv.dll
15:47:02.0031 0x04b8 HidServ - ok
15:47:02.0062 0x04b8 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:47:02.0062 0x04b8 HidUsb - ok
15:47:02.0109 0x04b8 [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
15:47:02.0109 0x04b8 hkmsvc - ok
15:47:02.0203 0x04b8 [ C5F00D15AA15CB7F55A027FF75E44BB7, A266FA9B4333CE35C74BD0F9920CC475545F9A597300F3738F7FE4AB7475321E ] HP Port Resolver C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
15:47:02.0218 0x04b8 HP Port Resolver - ok
15:47:02.0234 0x04b8 [ C5A288E4CEEF5A26D105117BAA3763AB, 65CC97191B36C3333C8E28F60451ED5D6C9E90582E650EF916B625BD793F7FAC ] HP Status Server C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
15:47:02.0234 0x04b8 HP Status Server - ok
15:47:02.0250 0x04b8 hpn - ok
15:47:02.0312 0x04b8 [ 30CA91E657CEDE2F95359D6EF186F650, 6BBAFBE50E7819695A79586A086A9952B737E174BA2C63C1F180D97EC4AABA4B ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
15:47:02.0312 0x04b8 HPZid412 - ok
15:47:02.0328 0x04b8 [ EFD31AFA752AA7C7BBB57BCBE2B01C78, AC671CEE9F8DD9FE6C51069212AEB1736BB914361D4185D1E87068D244BF2B7A ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
15:47:02.0328 0x04b8 HPZipr12 - ok
15:47:02.0390 0x04b8 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
15:47:02.0390 0x04b8 HPZius12 - ok
15:47:02.0453 0x04b8 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
15:47:02.0453 0x04b8 HTTP - ok
15:47:02.0500 0x04b8 [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
15:47:02.0515 0x04b8 HTTPFilter - ok
15:47:02.0515 0x04b8 i2omgmt - ok
15:47:02.0546 0x04b8 i2omp - ok
15:47:02.0578 0x04b8 [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:47:02.0578 0x04b8 i8042prt - ok
15:47:02.0671 0x04b8 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:47:02.0703 0x04b8 idsvc - ok
15:47:02.0750 0x04b8 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
15:47:02.0750 0x04b8 Imapi - ok
15:47:02.0781 0x04b8 [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe
15:47:02.0796 0x04b8 ImapiService - ok
15:47:02.0812 0x04b8 ini910u - ok
15:47:03.0031 0x04b8 [ 19D3781892A3794672CD1962F3D8D3B8, 6AB0D83DC030514B9B312B81A7A53D722600B923FE4B0FA09CE817F97FA347D9 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:47:03.0171 0x04b8 IntcAzAudAddService - ok
15:47:03.0203 0x04b8 IntelIde - ok
15:47:03.0265 0x04b8 [ 4C7D2750158ED6E7AD642D97BFFAE351, C05E4799752F090DCB632F07F62ADE38D31534621064D269AD535CA0BDFED448 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:47:03.0265 0x04b8 intelppm - ok
15:47:03.0296 0x04b8 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
15:47:03.0296 0x04b8 Ip6Fw - ok
15:47:03.0328 0x04b8 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:47:03.0328 0x04b8 IpFilterDriver - ok
15:47:03.0359 0x04b8 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:47:03.0359 0x04b8 IpInIp - ok
15:47:03.0406 0x04b8 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:47:03.0406 0x04b8 IpNat - ok
15:47:03.0531 0x04b8 [ 10F97E4666133FF3E66EE7F31551536E, 9BB1BE505EC0195A4740C214FD9DA744A5D98B9114E7517ABB575F752ED59EEE ] iPod Service C:\Programme\iPod\bin\iPodService.exe
15:47:03.0546 0x04b8 iPod Service - ok
15:47:03.0609 0x04b8 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:47:03.0609 0x04b8 IPSec - ok
15:47:03.0640 0x04b8 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
15:47:03.0640 0x04b8 IRENUM - ok
15:47:03.0640 0x04b8 iSafeNetFilter - ok
15:47:03.0703 0x04b8 [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:47:03.0703 0x04b8 isapnp - ok
15:47:03.0812 0x04b8 [ 80A79264302910C7C24BA7E44267EFEF, 6080C233478350C8E07515D20D2D60C3758C4A65432B04E8C8B816248621A3EF ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
15:47:03.0828 0x04b8 JavaQuickStarterService - ok
15:47:03.0843 0x04b8 [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:47:03.0843 0x04b8 Kbdclass - ok
15:47:03.0875 0x04b8 [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:47:03.0875 0x04b8 kbdhid - ok
15:47:03.0890 0x04b8 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
15:47:03.0906 0x04b8 kmixer - ok
15:47:03.0921 0x04b8 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
15:47:03.0921 0x04b8 KSecDD - ok
15:47:03.0953 0x04b8 [ 0C6E346CDE730CF1356DD69AD6E9BC42, 75FD3E138D18FD602E38E446AA8CD29E8D60A8B64C863E59DA5EC08B717F16CA ] L8042Kbd C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
15:47:03.0953 0x04b8 L8042Kbd - ok
15:47:04.0000 0x04b8 [ 8A5993705ADD14352C9A279FA8338334, D1EA18B82DED503B81214A797F4B074D62B73E0C19579B4A7122CE6FBD005C34 ] L8042mou C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
15:47:04.0000 0x04b8 L8042mou - ok
15:47:04.0062 0x04b8 [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
15:47:04.0062 0x04b8 lanmanserver - ok
15:47:04.0078 0x04b8 [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
15:47:04.0078 0x04b8 lanmanworkstation - ok
15:47:04.0109 0x04b8 [ 9FFD1CF2A782F2560E78EEC4B8B8689E, 99FE2D10E4F9796B274FF285CDC51EFD1F613AB4B14A5D8FFD0081B668900A35 ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
15:47:04.0109 0x04b8 LBeepKE - ok
15:47:04.0125 0x04b8 lbrtfdc - ok
15:47:04.0203 0x04b8 [ 3AF6B73A3AD1FC37C5933441F66CEB91, F83C709C53DF482D123B2F6EEFE65FB1EBFED8C9F29C29C5500702076745C2DA ] LBTServ C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe
15:47:04.0203 0x04b8 LBTServ - ok
15:47:04.0265 0x04b8 [ 7F9C7B28CF1C859E1C42619EEA946DC8, 098082174C549D67B4B2259702018989A39A8641339EE7CB1E7651F9F508A4B9 ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
15:47:04.0265 0x04b8 LHidFilt - ok
15:47:04.0328 0x04b8 [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
15:47:04.0328 0x04b8 LmHosts - ok
15:47:04.0359 0x04b8 [ AB33792A87285344F43B5CE23421BAB0, 79E327764350A6F3F0E25F3295D0C70620EFD5252C0C765446210B67C62568FF ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
15:47:04.0359 0x04b8 LMouFilt - ok
15:47:04.0375 0x04b8 [ 9837E55673818ECD8FEBB47F7F77521A, 75DD22E1CB38BBE796EC6918D03E8106B05B977A53FACEB2AFEB8D4D222F383B ] LMouKE C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
15:47:04.0375 0x04b8 LMouKE - ok
15:47:04.0421 0x04b8 [ 77030525CD86A93F1AF34FA9B96D33CE, 6EF46B127B0BD0C10E9FAB24EE3D53483124C97BD5BDD322C217BB9255715A0E ] LUsbFilt C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
15:47:04.0421 0x04b8 LUsbFilt - ok
15:47:04.0468 0x04b8 [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll
15:47:04.0468 0x04b8 Messenger - ok
15:47:04.0515 0x04b8 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
15:47:04.0515 0x04b8 mnmdd - ok
15:47:04.0562 0x04b8 [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
15:47:04.0578 0x04b8 mnmsrvc - ok
15:47:04.0609 0x04b8 [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
15:47:04.0609 0x04b8 Modem - ok
15:47:04.0656 0x04b8 [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:47:04.0656 0x04b8 Mouclass - ok
15:47:04.0656 0x04b8 [ 66A6F73C74E1791464160A7065CE711A, 3C570FA1E8EF976B83759220FE95BAC9D7D48D607F91B113EDE4790D34ACBD46 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:47:04.0656 0x04b8 mouhid - ok
15:47:04.0703 0x04b8 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
15:47:04.0703 0x04b8 MountMgr - ok
15:47:04.0734 0x04b8 MozillaMaintenance - ok
15:47:04.0750 0x04b8 mraid35x - ok
15:47:04.0781 0x04b8 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:47:04.0781 0x04b8 MRxDAV - ok
15:47:04.0828 0x04b8 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:47:04.0859 0x04b8 MRxSmb - ok
15:47:04.0921 0x04b8 [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINDOWS\system32\msdtc.exe
15:47:04.0921 0x04b8 MSDTC - ok
15:47:04.0937 0x04b8 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:47:04.0937 0x04b8 Msfs - ok
15:47:04.0968 0x04b8 MSIServer - ok
15:47:05.0015 0x04b8 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:47:05.0015 0x04b8 MSKSSRV - ok
15:47:05.0078 0x04b8 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:47:05.0078 0x04b8 MSPCLOCK - ok
15:47:05.0109 0x04b8 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:47:05.0109 0x04b8 MSPQM - ok
15:47:05.0171 0x04b8 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:47:05.0171 0x04b8 mssmbios - ok
15:47:05.0203 0x04b8 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
15:47:05.0203 0x04b8 MSTEE - ok
15:47:05.0234 0x04b8 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
15:47:05.0234 0x04b8 Mup - ok
15:47:05.0265 0x04b8 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:47:05.0265 0x04b8 NABTSFEC - ok
15:47:05.0343 0x04b8 [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll
15:47:05.0343 0x04b8 napagent - ok
15:47:05.0375 0x04b8 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
15:47:05.0390 0x04b8 NDIS - ok
15:47:05.0406 0x04b8 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:47:05.0406 0x04b8 NdisIP - ok
15:47:05.0453 0x04b8 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:47:05.0453 0x04b8 NdisTapi - ok
15:47:05.0468 0x04b8 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:47:05.0468 0x04b8 Ndisuio - ok
15:47:05.0484 0x04b8 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:47:05.0484 0x04b8 NdisWan - ok
15:47:05.0546 0x04b8 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:47:05.0546 0x04b8 NDProxy - ok
15:47:05.0562 0x04b8 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:47:05.0562 0x04b8 NetBIOS - ok
15:47:05.0593 0x04b8 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:47:05.0593 0x04b8 NetBT - ok
15:47:05.0640 0x04b8 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe
15:47:05.0640 0x04b8 NetDDE - ok
15:47:05.0656 0x04b8 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
15:47:05.0656 0x04b8 NetDDEdsdm - ok
15:47:05.0718 0x04b8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:47:05.0718 0x04b8 Netlogon - ok
15:47:05.0765 0x04b8 [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll
15:47:05.0781 0x04b8 Netman - ok
15:47:05.0828 0x04b8 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:47:05.0828 0x04b8 NetTcpPortSharing - ok
15:47:05.0890 0x04b8 [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll
15:47:05.0890 0x04b8 Nla - ok
15:47:05.0921 0x04b8 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:47:05.0921 0x04b8 Npfs - ok
15:47:05.0984 0x04b8 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:47:06.0000 0x04b8 Ntfs - ok
15:47:06.0015 0x04b8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
15:47:06.0015 0x04b8 NtLmSsp - ok
15:47:06.0078 0x04b8 [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
15:47:06.0109 0x04b8 NtmsSvc - ok
15:47:06.0140 0x04b8 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
15:47:06.0140 0x04b8 Null - ok
15:47:06.0421 0x04b8 [ BF506D232C5E6F2DAE80F5C11B45C60E, 0779CB45353BEBC597DD9FB11AC74B69B53996640E170B4388E87CCDAED91AEB ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:47:06.0656 0x04b8 nv - ok
15:47:06.0703 0x04b8 [ CE8CCE2B9F96ACA02E5DED4298A7796D, 09AECB25D8BCF16F1E041B3FF70B2C447972AA2B9B0C5159296DAF60C894C7B6 ] nvsvc C:\WINDOWS\system32\nvsvc32.exe
15:47:06.0703 0x04b8 nvsvc - ok
15:47:06.0750 0x04b8 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:47:06.0750 0x04b8 NwlnkFlt - ok
15:47:06.0765 0x04b8 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:47:06.0765 0x04b8 NwlnkFwd - ok
15:47:06.0812 0x04b8 [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
15:47:06.0812 0x04b8 Parport - ok
15:47:06.0843 0x04b8 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
15:47:06.0843 0x04b8 PartMgr - ok
15:47:06.0890 0x04b8 [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
15:47:06.0890 0x04b8 ParVdm - ok
15:47:06.0906 0x04b8 [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
15:47:06.0906 0x04b8 PCI - ok
15:47:06.0921 0x04b8 PCIDump - ok
15:47:06.0968 0x04b8 [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
15:47:06.0968 0x04b8 PCIIde - ok
15:47:07.0000 0x04b8 [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:47:07.0000 0x04b8 Pcmcia - ok
15:47:07.0015 0x04b8 PDCOMP - ok
15:47:07.0031 0x04b8 PDFRAME - ok
15:47:07.0062 0x04b8 PDRELI - ok
15:47:07.0078 0x04b8 PDRFRAME - ok
15:47:07.0093 0x04b8 perc2 - ok
15:47:07.0125 0x04b8 perc2hib - ok
15:47:07.0203 0x04b8 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe
15:47:07.0203 0x04b8 PlugPlay - ok
15:47:07.0250 0x04b8 [ D31F88C5F19EEFA366A415D6BC5F2ABC, ED998680048286454B92AF0E5917B2BC79A3ADA2632A1DB21D478B0597167F5C ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
15:47:07.0265 0x04b8 Pml Driver HPZ12 - ok
15:47:07.0265 0x04b8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:47:07.0265 0x04b8 PolicyAgent - ok
15:47:07.0296 0x04b8 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:47:07.0296 0x04b8 PptpMiniport - ok
15:47:07.0312 0x04b8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:47:07.0312 0x04b8 ProtectedStorage - ok
15:47:07.0343 0x04b8 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:47:07.0343 0x04b8 PSched - ok
15:47:07.0375 0x04b8 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:47:07.0375 0x04b8 Ptilink - ok
15:47:07.0390 0x04b8 [ 0457E25BB122B854E267CF552DCDC370, 221D226029045E0C6B154B472DC3DE7C6FCFB5927F0E47082322D9AAC0910AD8 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:47:07.0406 0x04b8 PxHelp20 - ok
15:47:07.0406 0x04b8 ql1080 - ok
15:47:07.0437 0x04b8 Ql10wnt - ok
15:47:07.0453 0x04b8 ql12160 - ok
15:47:07.0468 0x04b8 ql1240 - ok
15:47:07.0500 0x04b8 ql1280 - ok
15:47:07.0531 0x04b8 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:47:07.0531 0x04b8 RasAcd - ok
15:47:07.0593 0x04b8 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:47:07.0593 0x04b8 RasAuto - ok
15:47:07.0671 0x04b8 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:47:07.0671 0x04b8 Rasl2tp - ok
15:47:07.0718 0x04b8 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:47:07.0734 0x04b8 RasMan - ok
15:47:07.0734 0x04b8 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:47:07.0750 0x04b8 RasPppoe - ok
15:47:07.0765 0x04b8 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:47:07.0765 0x04b8 Raspti - ok
15:47:07.0796 0x04b8 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:47:07.0796 0x04b8 Rdbss - ok
15:47:07.0828 0x04b8 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:47:07.0828 0x04b8 RDPCDD - ok
15:47:07.0859 0x04b8 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:47:07.0859 0x04b8 rdpdr - ok
15:47:07.0937 0x04b8 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:47:07.0937 0x04b8 RDPWD - ok
15:47:08.0015 0x04b8 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:47:08.0031 0x04b8 RDSessMgr - ok
15:47:08.0046 0x04b8 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:47:08.0046 0x04b8 redbook - ok
15:47:08.0078 0x04b8 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:47:08.0093 0x04b8 RemoteAccess - ok
15:47:08.0125 0x04b8 [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:47:08.0125 0x04b8 RemoteRegistry - ok
15:47:08.0171 0x04b8 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe
15:47:08.0187 0x04b8 RpcLocator - ok
15:47:08.0234 0x04b8 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:47:08.0234 0x04b8 RpcSs - ok
15:47:08.0281 0x04b8 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:47:08.0281 0x04b8 RSVP - ok
15:47:08.0328 0x04b8 [ 6E7470477D08F6E47E91016D6A1C5A5F, F0F5BFF0EDF76DF25530E585E7279C942291A35420E994E36994BBE8CC7B5895 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
15:47:08.0328 0x04b8 RTLE8023xp - ok
15:47:08.0343 0x04b8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe
15:47:08.0343 0x04b8 SamSs - ok
15:47:08.0406 0x04b8 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:47:08.0406 0x04b8 SCardSvr - ok
15:47:08.0453 0x04b8 [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:47:08.0453 0x04b8 Schedule - ok
15:47:08.0515 0x04b8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:47:08.0515 0x04b8 Secdrv - ok
15:47:08.0546 0x04b8 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll
15:47:08.0546 0x04b8 seclogon - ok
15:47:08.0578 0x04b8 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll
15:47:08.0578 0x04b8 SENS - ok
15:47:08.0609 0x04b8 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
15:47:08.0609 0x04b8 serenum - ok
15:47:08.0625 0x04b8 [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
15:47:08.0625 0x04b8 Serial - ok
15:47:08.0687 0x04b8 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:47:08.0687 0x04b8 Sfloppy - ok
15:47:08.0750 0x04b8 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:47:08.0765 0x04b8 SharedAccess - ok
15:47:08.0781 0x04b8 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:47:08.0781 0x04b8 ShellHWDetection - ok
15:47:08.0796 0x04b8 Simbad - ok
15:47:09.0046 0x04b8 [ 388AE59FE75F1B959DFA0900923C61BB, 0D47F8B4B4FBE5BF041DBE75B0A14D905E9310FFA6F0160746455B38A349EA54 ] Skype C2C Service C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:47:09.0140 0x04b8 Skype C2C Service - ok
15:47:09.0234 0x04b8 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe
15:47:09.0250 0x04b8 SkypeUpdate - ok
15:47:09.0281 0x04b8 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:47:09.0281 0x04b8 SLIP - ok
15:47:09.0296 0x04b8 Sparrow - ok
15:47:09.0359 0x04b8 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:47:09.0359 0x04b8 splitter - ok
15:47:09.0421 0x04b8 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:47:09.0421 0x04b8 Spooler - ok
15:47:09.0437 0x04b8 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:47:09.0437 0x04b8 sr - ok
15:47:09.0500 0x04b8 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll
15:47:09.0500 0x04b8 srservice - ok
15:47:09.0531 0x04b8 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:47:09.0546 0x04b8 Srv - ok
15:47:09.0593 0x04b8 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:47:09.0593 0x04b8 SSDPSRV - ok
15:47:09.0671 0x04b8 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
15:47:09.0671 0x04b8 ssmdrv - ok
15:47:09.0718 0x04b8 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:47:09.0718 0x04b8 stisvc - ok
15:47:09.0765 0x04b8 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:47:09.0765 0x04b8 streamip - ok
15:47:09.0796 0x04b8 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:47:09.0796 0x04b8 swenum - ok
15:47:09.0812 0x04b8 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:47:09.0812 0x04b8 swmidi - ok
15:47:09.0828 0x04b8 SwPrv - ok
15:47:09.0859 0x04b8 symc810 - ok
15:47:09.0875 0x04b8 symc8xx - ok
15:47:09.0906 0x04b8 sym_hi - ok
15:47:09.0921 0x04b8 sym_u3 - ok
15:47:09.0937 0x04b8 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:47:09.0953 0x04b8 sysaudio - ok
15:47:09.0984 0x04b8 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:47:10.0000 0x04b8 SysmonLog - ok
15:47:10.0031 0x04b8 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:47:10.0046 0x04b8 TapiSrv - ok
15:47:10.0109 0x04b8 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:47:10.0125 0x04b8 Tcpip - ok
15:47:10.0156 0x04b8 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:47:10.0156 0x04b8 TDPIPE - ok
15:47:10.0171 0x04b8 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:47:10.0171 0x04b8 TDTCP - ok
15:47:10.0203 0x04b8 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:47:10.0203 0x04b8 TermDD - ok
15:47:10.0234 0x04b8 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll
15:47:10.0234 0x04b8 TermService - ok
15:47:10.0265 0x04b8 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll
15:47:10.0265 0x04b8 Themes - ok
15:47:10.0312 0x04b8 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:47:10.0312 0x04b8 TlntSvr - ok
15:47:10.0328 0x04b8 TosIde - ok
15:47:10.0343 0x04b8 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:47:10.0359 0x04b8 TrkWks - ok
15:47:10.0421 0x04b8 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:47:10.0421 0x04b8 Udfs - ok
15:47:10.0437 0x04b8 ultra - ok
15:47:10.0500 0x04b8 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:47:10.0515 0x04b8 Update - ok
15:47:10.0531 0x04b8 Update SecretSauce - ok
15:47:10.0578 0x04b8 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:47:10.0593 0x04b8 upnphost - ok
15:47:10.0625 0x04b8 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
15:47:10.0625 0x04b8 UPS - ok
15:47:10.0671 0x04b8 [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
15:47:10.0671 0x04b8 USBAAPL - ok
15:47:10.0734 0x04b8 [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
15:47:10.0734 0x04b8 usbaudio - ok
15:47:10.0812 0x04b8 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:47:10.0812 0x04b8 usbccgp - ok
15:47:10.0843 0x04b8 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:47:10.0843 0x04b8 usbehci - ok
15:47:10.0890 0x04b8 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:47:10.0890 0x04b8 usbhub - ok
15:47:10.0921 0x04b8 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:47:10.0921 0x04b8 usbprint - ok
15:47:10.0953 0x04b8 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:47:10.0953 0x04b8 usbscan - ok
15:47:10.0984 0x04b8 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:47:11.0000 0x04b8 USBSTOR - ok
15:47:11.0015 0x04b8 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:47:11.0031 0x04b8 usbuhci - ok
15:47:11.0031 0x04b8 [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
15:47:11.0046 0x04b8 usbvideo - ok
15:47:11.0078 0x04b8 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:47:11.0078 0x04b8 VgaSave - ok
15:47:11.0093 0x04b8 ViaIde - ok
15:47:11.0140 0x04b8 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:47:11.0140 0x04b8 VolSnap - ok
15:47:11.0203 0x04b8 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
15:47:11.0203 0x04b8 VSS - ok
15:47:11.0265 0x04b8 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll
15:47:11.0265 0x04b8 W32Time - ok
15:47:11.0328 0x04b8 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:47:11.0328 0x04b8 Wanarp - ok
15:47:11.0390 0x04b8 [ FD47474BD21794508AF449D9D91AF6E6, 2AD586390824F673B5DC5D86FC2423ED9252413D221E1C7EC3A760782DB6436A ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
15:47:11.0406 0x04b8 Wdf01000 - ok
15:47:11.0421 0x04b8 WDICA - ok
15:47:11.0484 0x04b8 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:47:11.0484 0x04b8 wdmaud - ok
15:47:11.0531 0x04b8 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
15:47:11.0531 0x04b8 WebClient - ok
15:47:11.0640 0x04b8 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:47:11.0640 0x04b8 winmgmt - ok
15:47:11.0718 0x04b8 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
15:47:11.0718 0x04b8 WmdmPmSN - ok
15:47:11.0765 0x04b8 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:47:11.0781 0x04b8 Wmi - ok
15:47:11.0843 0x04b8 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:47:11.0843 0x04b8 WmiApSrv - ok
15:47:11.0875 0x04b8 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
15:47:11.0875 0x04b8 WpdUsb - ok
15:47:11.0953 0x04b8 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:47:11.0953 0x04b8 wscsvc - ok
15:47:11.0984 0x04b8 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:47:11.0984 0x04b8 WSTCODEC - ok
15:47:12.0015 0x04b8 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:47:12.0015 0x04b8 wuauserv - ok
15:47:12.0062 0x04b8 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:47:12.0062 0x04b8 WudfPf - ok
15:47:12.0078 0x04b8 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:47:12.0078 0x04b8 WudfRd - ok
15:47:12.0125 0x04b8 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
15:47:12.0125 0x04b8 WudfSvc - ok
15:47:12.0187 0x04b8 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:47:12.0203 0x04b8 WZCSVC - ok
15:47:12.0281 0x04b8 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:47:12.0281 0x04b8 xmlprov - ok
15:47:12.0296 0x04b8 ================ Scan global ===============================
15:47:12.0359 0x04b8 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
15:47:12.0375 0x04b8 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
15:47:12.0390 0x04b8 [ E62178BC21EAC63A3B9A2DBD46C1B505, CAA5480CC4DAA37758F0CF445F865FD6F4630080B044EF2E606C2F62DAA4061A ] C:\WINDOWS\system32\winsrv.dll
15:47:12.0421 0x04b8 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
15:47:12.0421 0x04b8 [ Global ] - ok
15:47:12.0421 0x04b8 ================ Scan MBR ==================================
15:47:12.0468 0x04b8 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
15:47:12.0671 0x04b8 \Device\Harddisk0\DR0 - ok
15:47:12.0687 0x04b8 [ 66D0B28C8B44E531D0C19F436252ABAA ] \Device\Harddisk1\DR2
15:47:12.0703 0x04b8 \Device\Harddisk1\DR2 - ok
15:47:12.0703 0x04b8 ================ Scan VBR ==================================
15:47:12.0703 0x04b8 [ 2ABE6BF2A902B5A187E0A721CAD6C5CD ] \Device\Harddisk0\DR0\Partition1
15:47:12.0703 0x04b8 \Device\Harddisk0\DR0\Partition1 - ok
15:47:12.0734 0x04b8 [ 0F34757F9414B15589366DB3B092F25D ] \Device\Harddisk1\DR2\Partition1
15:47:12.0734 0x04b8 \Device\Harddisk1\DR2\Partition1 - ok
15:47:12.0734 0x04b8 ================ Scan generic autorun ======================
15:47:13.0281 0x04b8 [ 16C4956ECCCE1100A4D5434EDFBBEBAF, EC71CAE63A8988E6257C2B47391DFAB410F24C03E8416F6B6F40A7A2194B7F0C ] C:\WINDOWS\RTHDCPL.EXE
15:47:13.0765 0x04b8 RTHDCPL - ok
15:47:13.0796 0x04b8 [ EA31039E691C6F8F5469649526EEA5FB, 921910627814F3F237F59BBF5C97D383CF954DFF885F3A60475B9F76CD55461F ] C:\WINDOWS\ALCMTR.EXE
15:47:13.0812 0x04b8 Alcmtr - ok
15:47:13.0859 0x04b8 [ E42A642E162B0468B2C4E9D803079C7F, BD5922F06FE7BAF23AD04FF8850E773CCDEFEA9469517DEB1B9954F8A7EE51E5 ] C:\WINDOWS\KHALMNPR.EXE
15:47:13.0859 0x04b8 Kernel and Hardware Abstraction Layer - ok
15:47:14.0000 0x04b8 [ 241B07FF7F5943B9C1BF3235F49AC1E1, 0FCD47A2591F51DB57651A57B57DBFACE4D09440505B5283818099201CEE0D9C ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe
15:47:14.0062 0x04b8 avgnt - ok
15:47:14.0093 0x04b8 [ 07224089294758E956FA1DBCBF51B801, 06E9D5ACC6E5C5D05513FCB0E254AA65D87FF390178944C2A8F2B1AE6F55F644 ] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
15:47:14.0093 0x04b8 MSConfig - ok
15:47:14.0093 0x04b8 NvCplDaemon - ok
15:47:14.0156 0x04b8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
15:47:14.0156 0x04b8 CTFMON.EXE - ok
15:47:14.0171 0x04b8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
15:47:14.0171 0x04b8 CTFMON.EXE - ok
15:47:14.0187 0x04b8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
15:47:14.0187 0x04b8 CTFMON.EXE - ok
15:47:14.0234 0x04b8 [ F6B34CD47CAF6D68106B9F8055F35C50, AEB641391D0186C2A6C2ED97FE87EDF6D0289818FD2CBB98AAD0CDA3504B23B0 ] C:\WINDOWS\system32\rundll32.exe
15:47:14.0250 0x04b8 NextLive - ok
15:47:14.0281 0x04b8 Skype - ok
15:47:14.0296 0x04b8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
15:47:14.0296 0x04b8 CTFMON.EXE - ok
15:47:14.0328 0x04b8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
15:47:14.0328 0x04b8 CTFMON.EXE - ok
15:47:14.0390 0x04b8 AV detected via SS1: Avira Desktop, 14.0.3.336, enabled, updated
15:47:14.0406 0x04b8 Win FW state via NFM: enabled
15:47:14.0406 0x04b8 ============================================================
15:47:14.0406 0x04b8 Scan finished
15:47:14.0406 0x04b8 ============================================================
15:47:14.0437 0x05b0 Detected object count: 0
15:47:14.0437 0x05b0 Actual detected object count: 0
15:47:17.0312 0x0554 Deinitialize success

2014-09-30 16:06:10: -----------------------------------------
2014-09-30 16:06:11: Panda Ransomware Decrypt 0.0.0.35 is starting
2014-09-30 16:06:11:
2014-09-30 16:06:11: Please agree to licence...
2014-09-30 16:06:12:
2014-09-30 16:06:13:
2014-09-30 16:06:13: Looking for Hijacks...
2014-09-30 16:06:13: ... No hijacks found.
2014-09-30 16:06:13:
2014-09-30 16:06:13: Looking for user restrictions...
2014-09-30 16:06:13: ... systemprofile
2014-09-30 16:06:13: ... LocalService
2014-09-30 16:06:13: ... NetworkService
2014-09-30 16:06:13: ... *******ein Cornelia
2014-09-30 16:06:13: ... share
2014-09-30 16:06:13: ... Administrator
2014-09-30 16:06:13:
2014-09-30 16:06:13:
2014-09-30 16:06:13: Looking for Computer restrictions...
2014-09-30 16:06:13: ... No restrictions found.
2014-09-30 16:06:13:
2014-09-30 16:06:13: Welcome to Panda Ransomware Decrypt.
2014-09-30 16:06:13:
2014-09-30 16:06:13: Your first step is to select the folder with the encrypted files.
2014-09-30 16:06:13: All folders inside that folder or drive will be escanned.
2014-09-30 16:06:13:
2014-09-30 16:06:13: If we are unable to decrypt them, use advanced mode.
2014-09-30 16:06:13: To use advanced mode you will need at least the original version
2014-09-30 16:06:13: of one of the encrypted files.
2014-09-30 16:06:13:
2014-09-30 16:06:13: Once we succesfully decode some files, a key will be generated. Not all files
2014-09-30 16:06:13: may be decoded using the same key. If for example, your encrypted files reside
2014-09-30 16:06:13: in shared folders, they could have been encrypted from different computers, and
2014-09-30 16:06:13: will require the use/generation of different keys. You can try decoding a folder
2014-09-30 16:06:13: using a previously generated key by selecting the old key from the key drop down.
2014-09-30 16:06:13:
2014-09-30 16:06:13: We are ready to start. Please select your encrypted files folder and click start.
2014-09-30 16:06:58: ===========================================
2014-09-30 16:06:59: Start...
2014-09-30 16:06:59: ===========================================
2014-09-30 16:06:59: Folder: C:\temp\crypted
2014-09-30 16:06:59: Original: F:\Preisliste Bilder.doc
2014-09-30 16:06:59: Encrypted:
2014-09-30 16:06:59: C:\DOKUME~1\*******~1\LOKALE~1\Temp\PRDecrypt\RansomDecrypt.exe -o "F:\Preisliste Bilder.doc" -e "C:\temp\crypted\Preisliste Bilder.doc" -f C:\temp\crypted
2014-09-30 16:06:59: [i] ### Generate key using <F:\Preisliste Bilder.doc> vs <C:\temp\crypted\Preisliste Bilder.doc> ###

2014-09-30 16:06:59:
2014-09-30 16:06:59: [i] Generating new key <key.bin>.

2014-09-30 16:06:59:
2014-09-30 16:06:59: [i] Searching crypted files.

2014-09-30 16:06:59:
2014-09-30 16:06:59: No files decrypted.
2014-09-30 16:06:59: Done.
2014-09-30 16:07:54: ===========================================
2014-09-30 16:07:55: Start...
2014-09-30 16:07:55: ===========================================
2014-09-30 16:07:55: Folder: C:\temp\crypted
2014-09-30 16:07:55: C:\DOKUME~1\*******~1\LOKALE~1\Temp\PRDecrypt\RansomDecrypt.exe -k "C:\DOKUME~1\*******~1\LOKALE~1\Temp\PRDecrypt\key.bin" -f C:\temp\crypted
2014-09-30 16:07:55: [i] ### Using key <C:\DOKUME~1\*******~1\LOKALE~1\Temp\PRDecrypt\key.bin> ###

2014-09-30 16:07:55:
2014-09-30 16:07:55: [i] Searching crypted files.

2014-09-30 16:07:55:
2014-09-30 16:07:55: No files decrypted.
2014-09-30 16:07:55: Done.
2014-09-30 16:07:56: ===========================================
2014-09-30 16:07:56: Start...
2014-09-30 16:07:56: ===========================================
2014-09-30 16:07:56: Folder: C:\temp\crypted
2014-09-30 16:07:56: C:\DOKUME~1\*******~1\LOKALE~1\Temp\PRDecrypt\RansomDecrypt.exe -k "C:\DOKUME~1\*******~1\LOKALE~1\Temp\PRDecrypt\key.bin" -f C:\temp\crypted
2014-09-30 16:07:57: [i] ### Using key <C:\DOKUME~1\*******~1\LOKALE~1\Temp\PRDecrypt\key.bin> ###

2014-09-30 16:07:57:
2014-09-30 16:07:57: [i] Searching crypted files.

2014-09-30 16:07:57:
2014-09-30 16:07:57: No files decrypted.
2014-09-30 16:07:57: Done.
2014-09-30 16:08:11: Error: Systemfehler: -2146697211.

2014-09-30 16:08:11: Error:

Hab also schon einige decryptor Programme probiert, leider alle ohne Erfolg :-(

Antwort

Themen zu Windows XP: Email Zip Attachment und danach Dateien verschlüsselt
anhänge, anzahl, bilder, datei, dateien, email, encrypted, extrahieren, gen, hoffnung, html, hänge, konnte, logfiles, office, ordner, original, recht, suche, tools, trojaner, verschlüsselt, verschlüsselte, verschlüsselte dateien, videos, windows, windows xp, zip datei, zusätzlich


« hohe CPU-Auslastung - teilweise 99 %, Lüfter läuft fast ununterbrochen | Merkwürdige verbindung bei Netstat -a (Trojaner ?) »


Ähnliche Themen: Windows XP: Email Zip Attachment und danach Dateien verschlüsselt


  1. PDF und Doc Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 15.10.2015 (7)
  2. Windows Vista Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 25.09.2015 (7)
  3. Dateien verschlüsselt evt. Cryptowall
    Log-Analyse und Auswertung - 09.09.2015 (4)
  4. XTBL - Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 29.07.2015 (4)
  5. Win 7: Dateien verschlüsselt
    Log-Analyse und Auswertung - 15.02.2015 (9)
  6. PC gehackt und Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 20.01.2015 (8)
  7. paypal-Trojaner (zip email attachment geöffnet und auf die Datei geklickt)?
    Plagegeister aller Art und deren Bekämpfung - 07.08.2014 (3)
  8. Malware löscht alle Dateien und danach Windows
    Plagegeister aller Art und deren Bekämpfung - 30.12.2013 (5)
  9. Virus hat Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 02.02.2013 (1)
  10. BKA 14.1 Dateien Verschlüsselt
    Log-Analyse und Auswertung - 16.10.2012 (1)
  11. Bundestrojaner dateien verschlüsselt
    Log-Analyse und Auswertung - 22.09.2012 (1)
  12. Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt!
    Plagegeister aller Art und deren Bekämpfung - 09.08.2012 (25)
  13. Bild-Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (5)
  14. Dateien bleiben Verschlüsselt "Windows Update Verschlüsselungstrojaner"
    Plagegeister aller Art und deren Bekämpfung - 14.06.2012 (1)
  15. Trojaner -- Dateien verschlüsselt
    Log-Analyse und Auswertung - 10.06.2012 (4)
  16. wieder Dateien verschlüsselt Windows XP
    Log-Analyse und Auswertung - 24.05.2012 (21)
  17. Windows Update Virus, Nach Beseitigung bleiben eigene Dateien und Fotos verschlüsselt!
    Log-Analyse und Auswertung - 24.05.2012 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows XP: Email Zip Attachment und danach Dateien verschlüsselt - 15:46:47.0937 0x0454 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 15:46:50.0906 0x0454 ============================================================ 15:46:50.0906 0x0454 Current date / time: 2014/09/30 15:46:50.0906 15:46:50.0906 0x0454 SystemInfo: 15:46:50.0906 0x0454 15:46:50.0906 0x0454 OS - Windows XP: Email Zip Attachment und danach Dateien verschlüsselt...
Archiv
Du betrachtest: Windows XP: Email Zip Attachment und danach Dateien verschlüsselt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27