Pests of all kinds and how to fight them: Malware found - what do I have to do now? Windows 7. If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
18.03.2015, 08:49 | #31 |
| Malware found - what do I have to do now? Hello Schrauber, I followed your instructions, but I don't know whether everything went correctly... attached is what I have... um: where/how do I update Java, and: please explain to me what we did in the last step? What was that good for? Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Slim at 2015-03-18 08:37:58 Run:1
Running from C:\Dokumente und Einstellungen\Slim\Desktop
Loaded Profiles: Slim & UpdatusUser (Available profiles: Slim & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437011.exe
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437013.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437014.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437015.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437016.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437017.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437018.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437019.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437020.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437021.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437022.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437024.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437025.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437026.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437027.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437028.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437029.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437030.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437031.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437032.exe
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437033.exe
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437034.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437035.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437036.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438707.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438708.dll
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438709.dll
HKU\S-1-5-18\...\RunOnce: [DeleteEngineAfterUpdate] => reg DELETE HKCU\Software\ConduitEngine /f
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath
Emptytemp:
*****************

:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe => Error: No automatic fix found for this entry.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437011.exe => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437013.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437014.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437015.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437016.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437017.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437018.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437019.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437020.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437021.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437022.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437024.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437025.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437026.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437027.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437028.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437029.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437030.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437031.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437032.exe => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437033.exe => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437034.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437035.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1057\A0437036.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438707.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438708.dll => Moved successfully.
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0438709.dll => Moved successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\DeleteEngineAfterUpdate => value deleted successfully.
Winsock - Google Desktop Search Backup Before First Install => Service deleted successfully.
Winsock - Google Desktop Search Backup Before Last Install => Service deleted successfully.
EmptyTemp: => Removed 954.6 MB temporary data.

The system needed a reboot.

==== End of Fixlog 08:38:59 ====

Last edited by mysteryPC (18.03.2015 at 09:15) |
18.03.2015, 17:15 | #32 |
/// the machine /// TB trainer | Malware found - what do I have to do now? Uninstall Java, then install the current version. Which last step do you mean exactly? |
19.03.2015, 07:00 | #33 |
| Malware found - what do I have to do now? I meant the step with copying the text into the window... what did I do there? What was that good for?
I would uninstall Java and install it again, but I can't find it under Software in the Control Panel, that's why I'm asking... |
19.03.2015, 13:04 | #34 |
/// the machine /// TB trainer | Malware found - what do I have to do now? We fixed the ESET detections and a few leftovers. A fresh FRST log, please. You can ignore the Java thing.
Regards, schrauber |
19.03.2015, 18:04 | #35 |
| Malware found - what do I have to do now? Hey, I couldn't get onto this site at all just now, I only got strange number codes etc. ... then Avira kicked in and reported that a virus had made an attempt. I'm letting Avira run through now and then Malwarebytes Anti-Malware once more, and after that a fresh FRST log, okay?! Code:
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 19. März 2015 15:42

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Microsoft Windows XP
Windowsversion : (Service Pack 3) [5.1.2600]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : SLIM-36FB768E46

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: c:\programme\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Donnerstag, 19. März 2015 15:42

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:)'
  [INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'rsmsink.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'msdtc.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'wuauclt.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '117' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'WPFFontCache_v0400.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'alg.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'wdfmgr.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'ULCDRSvr.exe' - '6' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'rndlresolversvc.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'daemonu.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvsvc32.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'NMSAccessU.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'mdm.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'CaptureLibService.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'FreemakeUtilsService.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'DevSvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'WinCinemaMgr.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'ctfmon.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'AmazonMP3DownloaderHelper.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'realsched.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtmru.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'RunDLL32.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'KPDrv4XP.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'OfficeKB.EXE' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'qttask.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpztsb05.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'RTHDCPL.EXE' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '171' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2246' Dateien ).

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <Windows>
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437556.exe
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437557.exe
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437558.exe
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437559.exe
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437560.dll
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437563.dll
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
Beginne mit der Suche in 'D:\' <Daten_1>

Beginne mit der Desinfektion:
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437563.dll
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '56fa51f9.qua' verschoben!
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437560.dll
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e6d7e5e.qua' verschoben!
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437559.exe
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1c3224b6.qua' verschoben!
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437558.exe
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7a056b7a.qua' verschoben!
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437557.exe
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3f814644.qua' verschoben!
C:\System Volume Information\_restore{4EB3D36F-B0A7-4C0B-8E55-8FC1C38F5E6A}\RP1060\A0437556.exe
  [FUND] Ist das Trojanische Pferd TR/Trash.Gen
  [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '409a7425.qua' verschoben!

Ende des Suchlaufs: Donnerstag, 19. März 2015 17:10
Benötigte Zeit: 1:17:47 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

8737 Verzeichnisse wurden überprüft
386078 Dateien wurden geprüft
6 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
6 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
386072 Dateien ohne Befall
6316 Archive wurden durchsucht
0 Warnungen
6 Hinweise
341996 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden

Code:
17:56:34.0359 0x0abc TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:56:40.0578 0x0abc ============================================================
17:56:40.0578 0x0abc Current date / time: 2015/03/19 17:56:40.0578
17:56:40.0578 0x0abc SystemInfo:
17:56:40.0578 0x0abc
17:56:40.0578 0x0abc OS Version: 5.1.2600 ServicePack: 3.0
17:56:40.0578 0x0abc Product type: Workstation
17:56:40.0578 0x0abc ComputerName: SLIM-36FB768E46
17:56:40.0578 0x0abc UserName: Slim
17:56:40.0578 0x0abc Windows directory: C:\WINDOWS
17:56:40.0578 0x0abc System windows directory: C:\WINDOWS
17:56:40.0578 0x0abc Processor architecture: Intel x86
17:56:40.0578 0x0abc Number of processors: 2
17:56:40.0578 0x0abc Page size: 0x1000
17:56:40.0578 0x0abc Boot type: Normal boot
17:56:40.0578 0x0abc ============================================================
17:56:43.0171 0x0abc KLMD registered as C:\WINDOWS\system32\drivers\02645618.sys
17:56:43.0468 0x0abc System UUID: {BCCF5BF6-C583-03CB-A2E0-C8C56FD0AB87}
17:56:44.0437 0x0abc Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:56:44.0453 0x0abc ============================================================
17:56:44.0453 0x0abc \Device\Harddisk0\DR0:
17:56:44.0453 0x0abc MBR partitions:
17:56:44.0453 0x0abc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
17:56:44.0453 0x0abc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x3366B5B
17:56:44.0453 0x0abc ============================================================
17:56:44.0484 0x0abc C: <-> \Device\Harddisk0\DR0\Partition1
17:56:44.0531 0x0abc D: <-> \Device\Harddisk0\DR0\Partition2
17:56:44.0531 0x0abc ============================================================
17:56:44.0531 0x0abc Initialize success
17:56:44.0531 0x0abc ============================================================
C:\WINDOWS\system32\DRIVERS\processr.sys 17:57:12.0500 0x0814 Processor - ok 17:57:12.0515 0x0814 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 17:57:12.0515 0x0814 ProtectedStorage - ok 17:57:12.0531 0x0814 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 17:57:12.0531 0x0814 PSched - ok 17:57:12.0562 0x0814 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 17:57:12.0562 0x0814 Ptilink - ok 17:57:12.0578 0x0814 ql1080 - ok 17:57:12.0578 0x0814 Ql10wnt - ok 17:57:12.0593 0x0814 ql12160 - ok 17:57:12.0593 0x0814 ql1240 - ok 17:57:12.0593 0x0814 ql1280 - ok 17:57:12.0609 0x0814 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 17:57:12.0625 0x0814 RasAcd - ok 17:57:12.0656 0x0814 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll 17:57:12.0656 0x0814 RasAuto - ok 17:57:12.0671 0x0814 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 17:57:12.0687 0x0814 Rasl2tp - ok 17:57:12.0734 0x0814 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll 17:57:12.0734 0x0814 RasMan - ok 17:57:12.0796 0x0814 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 17:57:12.0796 0x0814 RasPppoe - ok 17:57:12.0828 0x0814 [ FDBB1D60066FCFBB7452FD8F9829B242, 
10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 17:57:12.0828 0x0814 Raspti - ok 17:57:12.0875 0x0814 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 17:57:12.0875 0x0814 Rdbss - ok 17:57:12.0890 0x0814 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 17:57:12.0890 0x0814 RDPCDD - ok 17:57:12.0937 0x0814 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 17:57:12.0953 0x0814 rdpdr - ok 17:57:12.0968 0x0814 [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 17:57:12.0984 0x0814 RDPWD - ok 17:57:13.0015 0x0814 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 17:57:13.0015 0x0814 RDSessMgr - ok 17:57:13.0093 0x0814 [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe 17:57:13.0093 0x0814 RealNetworks Downloader Resolver Service - ok 17:57:13.0140 0x0814 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 17:57:13.0140 0x0814 redbook - ok 17:57:13.0187 0x0814 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 17:57:13.0187 0x0814 RemoteAccess - ok 17:57:13.0234 0x0814 [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry 
C:\WINDOWS\system32\regsvc.dll 17:57:13.0234 0x0814 RemoteRegistry - ok 17:57:13.0250 0x0814 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe 17:57:13.0265 0x0814 RpcLocator - ok 17:57:13.0296 0x0814 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\System32\rpcss.dll 17:57:13.0312 0x0814 RpcSs - ok 17:57:13.0343 0x0814 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe 17:57:13.0359 0x0814 RSVP - ok 17:57:13.0375 0x0814 [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 17:57:13.0390 0x0814 RTLE8023xp - ok 17:57:13.0406 0x0814 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe 17:57:13.0406 0x0814 SamSs - ok 17:57:13.0453 0x0814 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 17:57:13.0453 0x0814 SCardSvr - ok 17:57:13.0500 0x0814 [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll 17:57:13.0500 0x0814 Schedule - ok 17:57:13.0531 0x0814 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 17:57:13.0531 0x0814 Secdrv - ok 17:57:13.0562 0x0814 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll 17:57:13.0578 0x0814 seclogon - ok 17:57:13.0625 0x0814 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS 
C:\WINDOWS\system32\sens.dll 17:57:13.0625 0x0814 SENS - ok 17:57:13.0640 0x0814 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 17:57:13.0640 0x0814 serenum - ok 17:57:13.0671 0x0814 [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 17:57:13.0671 0x0814 Serial - ok 17:57:13.0718 0x0814 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 17:57:13.0718 0x0814 Sfloppy - ok 17:57:13.0781 0x0814 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 17:57:13.0812 0x0814 SharedAccess - ok 17:57:13.0843 0x0814 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 17:57:13.0843 0x0814 ShellHWDetection - ok 17:57:13.0859 0x0814 Simbad - ok 17:57:13.0859 0x0814 Sparrow - ok 17:57:13.0890 0x0814 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys 17:57:13.0890 0x0814 splitter - ok 17:57:13.0937 0x0814 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe 17:57:13.0937 0x0814 Spooler - ok 17:57:13.0953 0x0814 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 17:57:13.0953 0x0814 sr - ok 17:57:14.0015 0x0814 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll 17:57:14.0015 0x0814 srservice - ok 17:57:14.0093 0x0814 [ 
47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 17:57:14.0109 0x0814 Srv - ok 17:57:14.0156 0x0814 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 17:57:14.0156 0x0814 SSDPSRV - ok 17:57:14.0187 0x0814 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 17:57:14.0187 0x0814 ssmdrv - ok 17:57:14.0234 0x0814 [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys 17:57:14.0234 0x0814 ss_bbus - ok 17:57:14.0281 0x0814 [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys 17:57:14.0281 0x0814 ss_bmdfl - ok 17:57:14.0328 0x0814 [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys 17:57:14.0328 0x0814 ss_bmdm - ok 17:57:14.0375 0x0814 [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd C:\WINDOWS\system32\DRIVERS\ss_bserd.sys 17:57:14.0375 0x0814 ss_bserd - ok 17:57:14.0421 0x0814 [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys 17:57:14.0421 0x0814 StarOpen - ok 17:57:14.0468 0x0814 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll 17:57:14.0500 0x0814 stisvc - ok 17:57:14.0531 0x0814 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 17:57:14.0531 0x0814 
swenum - ok 17:57:14.0562 0x0814 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 17:57:14.0562 0x0814 swmidi - ok 17:57:14.0562 0x0814 SwPrv - ok 17:57:14.0578 0x0814 symc810 - ok 17:57:14.0578 0x0814 symc8xx - ok 17:57:14.0593 0x0814 sym_hi - ok 17:57:14.0593 0x0814 sym_u3 - ok 17:57:14.0609 0x0814 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 17:57:14.0609 0x0814 sysaudio - ok 17:57:14.0656 0x0814 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 17:57:14.0656 0x0814 SysmonLog - ok 17:57:14.0703 0x0814 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 17:57:14.0718 0x0814 TapiSrv - ok 17:57:14.0781 0x0814 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 17:57:14.0828 0x0814 Tcpip - ok 17:57:14.0859 0x0814 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 17:57:14.0859 0x0814 TDPIPE - ok 17:57:14.0890 0x0814 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 17:57:14.0890 0x0814 TDTCP - ok 17:57:14.0921 0x0814 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 17:57:14.0921 0x0814 TermDD - ok 17:57:14.0968 0x0814 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll 17:57:14.0984 0x0814 TermService - 
ok 17:57:15.0031 0x0814 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll 17:57:15.0031 0x0814 Themes - ok 17:57:15.0062 0x0814 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 17:57:15.0062 0x0814 TlntSvr - ok 17:57:15.0078 0x0814 TosIde - ok 17:57:15.0093 0x0814 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll 17:57:15.0109 0x0814 TrkWks - ok 17:57:15.0125 0x0814 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 17:57:15.0125 0x0814 Udfs - ok 17:57:15.0203 0x0814 [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe 17:57:15.0203 0x0814 UleadBurningHelper - ok 17:57:15.0218 0x0814 ultra - ok 17:57:15.0250 0x0814 [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe 17:57:15.0250 0x0814 UMWdf - ok 17:57:15.0312 0x0814 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 17:57:15.0343 0x0814 Update - ok 17:57:15.0390 0x0814 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll 17:57:15.0390 0x0814 upnphost - ok 17:57:15.0406 0x0814 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe 17:57:15.0421 0x0814 UPS - ok 17:57:15.0437 0x0814 [ E919708DB44ED8543A7C017953148330, 
226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 17:57:15.0453 0x0814 usbaudio - ok 17:57:15.0484 0x0814 [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 17:57:15.0484 0x0814 usbccgp - ok 17:57:15.0500 0x0814 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 17:57:15.0500 0x0814 usbehci - ok 17:57:15.0546 0x0814 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 17:57:15.0546 0x0814 usbhub - ok 17:57:15.0562 0x0814 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 17:57:15.0562 0x0814 usbohci - ok 17:57:15.0578 0x0814 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 17:57:15.0578 0x0814 usbprint - ok 17:57:15.0609 0x0814 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 17:57:15.0625 0x0814 usbscan - ok 17:57:15.0656 0x0814 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 17:57:15.0656 0x0814 USBSTOR - ok 17:57:15.0703 0x0814 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 17:57:15.0703 0x0814 VgaSave - ok 17:57:15.0718 0x0814 ViaIde - ok 17:57:15.0734 0x0814 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap 
C:\WINDOWS\system32\drivers\VolSnap.sys 17:57:15.0734 0x0814 VolSnap - ok 17:57:15.0781 0x0814 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe 17:57:15.0812 0x0814 VSS - ok 17:57:15.0859 0x0814 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll 17:57:15.0859 0x0814 W32Time - ok 17:57:15.0906 0x0814 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 17:57:15.0906 0x0814 Wanarp - ok 17:57:15.0921 0x0814 WDICA - ok 17:57:15.0953 0x0814 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 17:57:15.0953 0x0814 wdmaud - ok 17:57:16.0000 0x0814 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll 17:57:16.0000 0x0814 WebClient - ok 17:57:16.0093 0x0814 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 17:57:16.0093 0x0814 winmgmt - ok 17:57:16.0140 0x0814 [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 17:57:16.0140 0x0814 WmdmPmSN - ok 17:57:16.0203 0x0814 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll 17:57:16.0234 0x0814 Wmi - ok 17:57:16.0281 0x0814 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 17:57:16.0281 0x0814 WmiApSrv - ok 17:57:16.0312 0x0814 [ 1385E5AA9C9821790D33A9563B8D2DD0, 
35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys 17:57:16.0328 0x0814 WpdUsb - ok 17:57:16.0453 0x0814 [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 17:57:16.0484 0x0814 WPFFontCache_v0400 - ok 17:57:16.0531 0x0814 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 17:57:16.0531 0x0814 WS2IFSL - ok 17:57:16.0578 0x0814 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 17:57:16.0578 0x0814 wscsvc - ok 17:57:16.0593 0x0814 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll 17:57:16.0593 0x0814 wuauserv - ok 17:57:16.0671 0x0814 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 17:57:16.0718 0x0814 WZCSVC - ok 17:57:16.0765 0x0814 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll 17:57:16.0765 0x0814 xmlprov - ok 17:57:16.0765 0x0814 ================ Scan global =============================== 17:57:16.0796 0x0814 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll 17:57:16.0859 0x0814 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll 17:57:16.0921 0x0814 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll 17:57:16.0953 0x0814 [ 
A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe 17:57:16.0953 0x0814 [ Global ] - ok 17:57:16.0953 0x0814 ================ Scan MBR ================================== 17:57:16.0984 0x0814 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 17:57:17.0140 0x0814 \Device\Harddisk0\DR0 - ok 17:57:17.0140 0x0814 ================ Scan VBR ================================== 17:57:17.0156 0x0814 [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1 17:57:17.0156 0x0814 \Device\Harddisk0\DR0\Partition1 - ok 17:57:17.0156 0x0814 [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2 17:57:17.0156 0x0814 \Device\Harddisk0\DR0\Partition2 - ok 17:57:17.0156 0x0814 ================ Scan generic autorun ====================== 17:57:17.0250 0x0814 [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 17:57:17.0250 0x0814 StartCCC - ok 17:57:18.0203 0x0814 [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE 17:57:19.0109 0x0814 RTHDCPL - ok 17:57:19.0234 0x0814 [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe 17:57:19.0234 0x0814 Adobe Reader Speed Launcher - ok 17:57:19.0359 0x0814 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe 17:57:19.0406 0x0814 Adobe ARM - ok 17:57:19.0484 0x0814 [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe 17:57:19.0500 0x0814 HPDJ Taskbar Utility - ok 17:57:19.0593 0x0814 [ 2103DE800D67BFDD2EC58AE0F242A359, 
8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe 17:57:19.0625 0x0814 UVS11 Preload - ok 17:57:19.0718 0x0814 [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe 17:57:19.0734 0x0814 QuickTime Task - ok 17:57:19.0796 0x0814 [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE 17:57:19.0812 0x0814 OfficeKB - ok 17:57:19.0812 0x0814 [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe 17:57:19.0828 0x0814 KPDrv4XP - ok 17:57:19.0828 0x0814 NvCplDaemon - ok 17:57:19.0828 0x0814 NvMediaCenter - ok 17:57:20.0015 0x0814 [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe 17:57:20.0140 0x0814 nwiz - ok 17:57:20.0250 0x0814 [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe 17:57:20.0312 0x0814 Nvtmru - ok 17:57:20.0406 0x0814 [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe 17:57:20.0453 0x0814 avgnt - ok 17:57:20.0578 0x0814 [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe 17:57:20.0640 0x0814 TkBellExe - ok 17:57:20.0671 0x0814 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE 17:57:20.0671 0x0814 CTFMON.EXE - ok 17:57:20.0843 0x0814 [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und 
Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe 17:57:20.0875 0x0814 AmazonMP3DownloaderHelper - ok 17:57:20.0906 0x0814 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe 17:57:20.0906 0x0814 ctfmon.exe - ok 17:57:20.0921 0x0814 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE 17:57:20.0921 0x0814 CTFMON.EXE - ok 17:57:20.0921 0x0814 Waiting for KSN requests completion. In queue: 203 17:57:21.0921 0x0814 Waiting for KSN requests completion. In queue: 203 17:57:22.0921 0x0814 Waiting for KSN requests completion. In queue: 203 17:57:23.0921 0x0814 Waiting for KSN requests completion. In queue: 203 17:57:24.0968 0x0814 AV detected via SS1: Avira Desktop, 15.0.8.652, enabled, updated 17:57:24.0984 0x0814 Win FW state via NFM: enabled 17:57:27.0375 0x0814 ============================================================ 17:57:27.0375 0x0814 Scan finished 17:57:27.0375 0x0814 ============================================================ 17:57:27.0375 0x044c Detected object count: 0 17:57:27.0375 0x044c Actual detected object count: 0 17:58:21.0140 0x08c8 ============================================================ 17:58:21.0140 0x08c8 Scan started 17:58:21.0140 0x08c8 Mode: Manual; 17:58:21.0140 0x08c8 ============================================================ 17:58:21.0140 0x08c8 KSN ping started 17:58:34.0484 0x08c8 KSN ping finished: true 17:58:35.0453 0x08c8 ================ Scan system memory ======================== 17:58:35.0453 0x08c8 System memory - ok 17:58:35.0453 0x08c8 ================ Scan services ============================= 17:58:35.0531 0x08c8 Abiosdsk - ok 17:58:35.0546 0x08c8 abp480n5 - ok 17:58:35.0593 0x08c8 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI 
C:\WINDOWS\system32\DRIVERS\ACPI.sys 17:58:35.0593 0x08c8 ACPI - ok 17:58:35.0640 0x08c8 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 17:58:35.0640 0x08c8 ACPIEC - ok 17:58:35.0718 0x08c8 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 17:58:35.0718 0x08c8 AdobeFlashPlayerUpdateSvc - ok 17:58:35.0734 0x08c8 adpu160m - ok 17:58:35.0750 0x08c8 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys 17:58:35.0765 0x08c8 aec - ok 17:58:35.0796 0x08c8 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys 17:58:35.0812 0x08c8 AFD - ok 17:58:35.0812 0x08c8 Aha154x - ok 17:58:35.0812 0x08c8 aic78u2 - ok 17:58:35.0828 0x08c8 aic78xx - ok 17:58:35.0859 0x08c8 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll 17:58:35.0859 0x08c8 Alerter - ok 17:58:35.0890 0x08c8 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe 17:58:35.0890 0x08c8 ALG - ok 17:58:35.0890 0x08c8 AliIde - ok 17:58:36.0031 0x08c8 [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys 17:58:36.0078 0x08c8 Ambfilt - ok 17:58:36.0078 0x08c8 amsint - ok 17:58:36.0218 0x08c8 [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe 17:58:36.0234 0x08c8 AntiVirSchedulerService - ok 17:58:36.0281 0x08c8 [ 
19.03.2015, 18:04 | #36 |
| Malware found - what do I have to do now? Code:
47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 17:58:46.0015 0x08c8 Srv - ok 17:58:46.0046 0x08c8 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 17:58:46.0046 0x08c8 SSDPSRV - ok 17:58:46.0078 0x08c8 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 17:58:46.0078 0x08c8 ssmdrv - ok 17:58:46.0125 0x08c8 [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys 17:58:46.0125 0x08c8 ss_bbus - ok 17:58:46.0156 0x08c8 [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys 17:58:46.0156 0x08c8 ss_bmdfl - ok 17:58:46.0203 0x08c8 [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys 17:58:46.0218 0x08c8 ss_bmdm - ok 17:58:46.0250 0x08c8 [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd C:\WINDOWS\system32\DRIVERS\ss_bserd.sys 17:58:46.0250 0x08c8 ss_bserd - ok 17:58:46.0281 0x08c8 [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys 17:58:46.0296 0x08c8 StarOpen - ok 17:58:46.0343 0x08c8 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll 17:58:46.0359 0x08c8 stisvc - ok 17:58:46.0390 0x08c8 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 17:58:46.0390 0x08c8 
swenum - ok 17:58:46.0406 0x08c8 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 17:58:46.0406 0x08c8 swmidi - ok 17:58:46.0406 0x08c8 SwPrv - ok 17:58:46.0421 0x08c8 symc810 - ok 17:58:46.0421 0x08c8 symc8xx - ok 17:58:46.0437 0x08c8 sym_hi - ok 17:58:46.0437 0x08c8 sym_u3 - ok 17:58:46.0453 0x08c8 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 17:58:46.0453 0x08c8 sysaudio - ok 17:58:46.0500 0x08c8 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 17:58:46.0500 0x08c8 SysmonLog - ok 17:58:46.0562 0x08c8 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 17:58:46.0562 0x08c8 TapiSrv - ok 17:58:46.0625 0x08c8 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 17:58:46.0640 0x08c8 Tcpip - ok 17:58:46.0671 0x08c8 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 17:58:46.0671 0x08c8 TDPIPE - ok 17:58:46.0687 0x08c8 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 17:58:46.0687 0x08c8 TDTCP - ok 17:58:46.0718 0x08c8 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 17:58:46.0718 0x08c8 TermDD - ok 17:58:46.0765 0x08c8 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll 17:58:46.0765 0x08c8 TermService - 
ok 17:58:46.0796 0x08c8 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll 17:58:46.0796 0x08c8 Themes - ok 17:58:46.0843 0x08c8 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 17:58:46.0843 0x08c8 TlntSvr - ok 17:58:46.0859 0x08c8 TosIde - ok 17:58:46.0875 0x08c8 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll 17:58:46.0890 0x08c8 TrkWks - ok 17:58:46.0906 0x08c8 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 17:58:46.0906 0x08c8 Udfs - ok 17:58:46.0984 0x08c8 [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe 17:58:46.0984 0x08c8 UleadBurningHelper - ok 17:58:47.0000 0x08c8 ultra - ok 17:58:47.0031 0x08c8 [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe 17:58:47.0031 0x08c8 UMWdf - ok 17:58:47.0093 0x08c8 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 17:58:47.0109 0x08c8 Update - ok 17:58:47.0156 0x08c8 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll 17:58:47.0156 0x08c8 upnphost - ok 17:58:47.0187 0x08c8 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe 17:58:47.0187 0x08c8 UPS - ok 17:58:47.0218 0x08c8 [ E919708DB44ED8543A7C017953148330, 
226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 17:58:47.0218 0x08c8 usbaudio - ok 17:58:47.0250 0x08c8 [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 17:58:47.0265 0x08c8 usbccgp - ok 17:58:47.0281 0x08c8 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 17:58:47.0281 0x08c8 usbehci - ok 17:58:47.0312 0x08c8 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 17:58:47.0312 0x08c8 usbhub - ok 17:58:47.0328 0x08c8 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 17:58:47.0328 0x08c8 usbohci - ok 17:58:47.0359 0x08c8 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 17:58:47.0359 0x08c8 usbprint - ok 17:58:47.0375 0x08c8 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 17:58:47.0390 0x08c8 usbscan - ok 17:58:47.0421 0x08c8 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 17:58:47.0421 0x08c8 USBSTOR - ok 17:58:47.0437 0x08c8 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 17:58:47.0437 0x08c8 VgaSave - ok 17:58:47.0453 0x08c8 ViaIde - ok 17:58:47.0453 0x08c8 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap 
C:\WINDOWS\system32\drivers\VolSnap.sys 17:58:47.0468 0x08c8 VolSnap - ok 17:58:47.0515 0x08c8 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe 17:58:47.0531 0x08c8 VSS - ok 17:58:47.0546 0x08c8 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll 17:58:47.0546 0x08c8 W32Time - ok 17:58:47.0578 0x08c8 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 17:58:47.0578 0x08c8 Wanarp - ok 17:58:47.0578 0x08c8 WDICA - ok 17:58:47.0625 0x08c8 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 17:58:47.0625 0x08c8 wdmaud - ok 17:58:47.0656 0x08c8 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll 17:58:47.0671 0x08c8 WebClient - ok 17:58:47.0750 0x08c8 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 17:58:47.0750 0x08c8 winmgmt - ok 17:58:47.0812 0x08c8 [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 17:58:47.0812 0x08c8 WmdmPmSN - ok 17:58:47.0859 0x08c8 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll 17:58:47.0875 0x08c8 Wmi - ok 17:58:47.0937 0x08c8 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 17:58:47.0937 0x08c8 WmiApSrv - ok 17:58:47.0984 0x08c8 [ 1385E5AA9C9821790D33A9563B8D2DD0, 
35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys 17:58:47.0984 0x08c8 WpdUsb - ok 17:58:48.0109 0x08c8 [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 17:58:48.0125 0x08c8 WPFFontCache_v0400 - ok 17:58:48.0171 0x08c8 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 17:58:48.0171 0x08c8 WS2IFSL - ok 17:58:48.0218 0x08c8 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 17:58:48.0218 0x08c8 wscsvc - ok 17:58:48.0265 0x08c8 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll 17:58:48.0265 0x08c8 wuauserv - ok 17:58:48.0437 0x08c8 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 17:58:48.0453 0x08c8 WZCSVC - ok 17:58:48.0484 0x08c8 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll 17:58:48.0484 0x08c8 xmlprov - ok 17:58:48.0484 0x08c8 ================ Scan global =============================== 17:58:48.0531 0x08c8 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll 17:58:48.0609 0x08c8 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll 17:58:48.0656 0x08c8 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll 17:58:48.0687 0x08c8 [ 
A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe 17:58:48.0687 0x08c8 [ Global ] - ok 17:58:48.0687 0x08c8 ================ Scan MBR ================================== 17:58:48.0703 0x08c8 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 17:58:48.0875 0x08c8 \Device\Harddisk0\DR0 - ok 17:58:48.0875 0x08c8 ================ Scan VBR ================================== 17:58:48.0875 0x08c8 [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1 17:58:48.0875 0x08c8 \Device\Harddisk0\DR0\Partition1 - ok 17:58:48.0875 0x08c8 [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2 17:58:48.0875 0x08c8 \Device\Harddisk0\DR0\Partition2 - ok 17:58:48.0890 0x08c8 ================ Scan generic autorun ====================== 17:58:48.0968 0x08c8 [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 17:58:48.0984 0x08c8 StartCCC - ok 17:58:49.0937 0x08c8 [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE 17:58:50.0375 0x08c8 RTHDCPL - ok 17:58:50.0484 0x08c8 [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe 17:58:50.0484 0x08c8 Adobe Reader Speed Launcher - ok 17:58:50.0609 0x08c8 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe 17:58:50.0640 0x08c8 Adobe ARM - ok 17:58:50.0718 0x08c8 [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe 17:58:50.0718 0x08c8 HPDJ Taskbar Utility - ok 17:58:50.0828 0x08c8 [ 2103DE800D67BFDD2EC58AE0F242A359, 
8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe 17:58:50.0843 0x08c8 UVS11 Preload - ok 17:58:50.0906 0x08c8 [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe 17:58:50.0921 0x08c8 QuickTime Task - ok 17:58:50.0968 0x08c8 [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE 17:58:50.0968 0x08c8 OfficeKB - ok 17:58:50.0984 0x08c8 [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe 17:58:50.0984 0x08c8 KPDrv4XP - ok 17:58:50.0984 0x08c8 NvCplDaemon - ok 17:58:51.0000 0x08c8 NvMediaCenter - ok 17:58:51.0187 0x08c8 [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe 17:58:51.0250 0x08c8 nwiz - ok 17:58:51.0359 0x08c8 [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe 17:58:51.0375 0x08c8 Nvtmru - ok 17:58:51.0500 0x08c8 [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe 17:58:51.0515 0x08c8 avgnt - ok 17:58:51.0625 0x08c8 [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe 17:58:51.0640 0x08c8 TkBellExe - ok 17:58:51.0671 0x08c8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE 17:58:51.0671 0x08c8 CTFMON.EXE - ok 17:58:51.0843 0x08c8 [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und 
Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe 17:58:51.0843 0x08c8 AmazonMP3DownloaderHelper - ok 17:58:51.0875 0x08c8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe 17:58:51.0875 0x08c8 ctfmon.exe - ok 17:58:51.0875 0x08c8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE 17:58:51.0875 0x08c8 CTFMON.EXE - ok 17:58:51.0890 0x08c8 AV detected via SS1: Avira Desktop, 15.0.8.652, enabled, updated 17:58:51.0890 0x08c8 Win FW state via NFM: enabled 17:58:54.0250 0x08c8 ============================================================ 17:58:54.0250 0x08c8 Scan finished 17:58:54.0250 0x08c8 ============================================================ 17:58:54.0250 0x0d60 Detected object count: 0 17:58:54.0250 0x0d60 Actual detected object count: 0 18:00:09.0421 0x0fe8 ============================================================ 18:00:09.0421 0x0fe8 Scan started 18:00:09.0421 0x0fe8 Mode: Manual; SigCheck; TDLFS; 18:00:09.0421 0x0fe8 ============================================================ 18:00:09.0421 0x0fe8 KSN ping started 18:00:22.0765 0x0fe8 KSN ping finished: true 18:00:23.0656 0x0fe8 ================ Scan system memory ======================== 18:00:23.0656 0x0fe8 System memory - ok 18:00:23.0656 0x0fe8 ================ Scan services ============================= 18:00:23.0750 0x0fe8 Abiosdsk - ok 18:00:23.0765 0x0fe8 abp480n5 - ok 18:00:23.0796 0x0fe8 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 18:00:24.0609 0x0fe8 ACPI - ok 18:00:24.0640 0x0fe8 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 18:00:24.0765 0x0fe8 ACPIEC - ok 
18:00:26.0859 0x0fe8 ATI Smart - detected UnsignedFile.Multi.Generic ( 1 )
18:00:26.0859 0x0fe8 Detect skipped due to KSN trusted
18:00:26.0859 0x0fe8 ATI Smart - ok
18:00:33.0593 0x0fe8 Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
18:00:33.0593 0x0fe8 Detect skipped due to KSN trusted
18:00:33.0593 0x0fe8 Freemake Improver - ok
18:00:33.0687 0x0fe8 FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )
18:00:33.0687 0x0fe8 Detect skipped due to KSN trusted
18:00:33.0687 0x0fe8 FreemakeVideoCapture - ok
18:00:34.0734 0x0fe8 HIDKbFlt - detected UnsignedFile.Multi.Generic ( 1 )
18:00:34.0734 0x0fe8 Detect skipped due to KSN trusted
18:00:34.0734 0x0fe8 HIDKbFlt - ok
B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ C:\WINDOWS\System32\hidserv.dll 18:00:34.0890 0x0fe8 HidServ - ok 18:00:34.0921 0x0fe8 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 18:00:35.0046 0x0fe8 HidUsb - ok 18:00:35.0093 0x0fe8 [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 18:00:35.0218 0x0fe8 hkmsvc - ok 18:00:35.0218 0x0fe8 hpn - ok 18:00:35.0265 0x0fe8 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 18:00:35.0312 0x0fe8 HTTP - ok 18:00:35.0343 0x0fe8 [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 18:00:35.0468 0x0fe8 HTTPFilter - ok 18:00:35.0484 0x0fe8 i2omgmt - ok 18:00:35.0484 0x0fe8 i2omp - ok 18:00:35.0515 0x0fe8 [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 18:00:35.0640 0x0fe8 i8042prt - ok 18:00:35.0765 0x0fe8 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 18:00:35.0812 0x0fe8 idsvc - ok 18:00:35.0843 0x0fe8 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 18:00:35.0953 0x0fe8 Imapi - ok 18:00:36.0000 0x0fe8 [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe 18:00:36.0125 0x0fe8 ImapiService - ok 18:00:36.0140 0x0fe8 ini910u - ok 18:00:36.0468 0x0fe8 [ 
2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 18:00:36.0796 0x0fe8 IntcAzAudAddService - ok 18:00:36.0828 0x0fe8 IntelIde - ok 18:00:36.0859 0x0fe8 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 18:00:36.0984 0x0fe8 Ip6Fw - ok 18:00:37.0015 0x0fe8 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 18:00:37.0156 0x0fe8 IpFilterDriver - ok 18:00:37.0171 0x0fe8 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 18:00:37.0296 0x0fe8 IpInIp - ok 18:00:37.0343 0x0fe8 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 18:00:37.0468 0x0fe8 IpNat - ok 18:00:37.0484 0x0fe8 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 18:00:37.0625 0x0fe8 IPSec - ok 18:00:37.0640 0x0fe8 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 18:00:37.0718 0x0fe8 IRENUM - ok 18:00:37.0734 0x0fe8 [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 18:00:37.0843 0x0fe8 isapnp - ok 18:00:37.0890 0x0fe8 [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys 18:00:37.0906 0x0fe8 Iviaspi - detected UnsignedFile.Multi.Generic ( 1 ) 18:00:37.0906 0x0fe8 Detect skipped due to KSN trusted 18:00:37.0906 0x0fe8 
Iviaspi - ok 18:00:37.0921 0x0fe8 [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD C:\WINDOWS\system32\DRIVERS\iviVD.sys 18:00:37.0984 0x0fe8 iviVD - ok 18:00:38.0015 0x0fe8 [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 18:00:38.0140 0x0fe8 Kbdclass - ok 18:00:38.0171 0x0fe8 [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 18:00:38.0296 0x0fe8 kbdhid - ok 18:00:38.0328 0x0fe8 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 18:00:38.0453 0x0fe8 kmixer - ok 18:00:38.0500 0x0fe8 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 18:00:38.0546 0x0fe8 KSecDD - ok 18:00:38.0593 0x0fe8 [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 18:00:38.0625 0x0fe8 lanmanserver - ok 18:00:38.0671 0x0fe8 [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 18:00:38.0703 0x0fe8 lanmanworkstation - ok 18:00:38.0703 0x0fe8 lbrtfdc - ok 18:00:38.0750 0x0fe8 [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 18:00:38.0875 0x0fe8 LmHosts - ok 18:00:38.0906 0x0fe8 [ FFB32E70D735146F5630DC7A96B6E1A8, DE1A8CF40FB077FA9AB04D4C292DBD8E42643A822CA5C4B90EC992802EF6765E ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys 18:00:38.0921 0x0fe8 mbamchameleon - ok 18:00:38.0953 0x0fe8 [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 
35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 18:00:38.0968 0x0fe8 MBAMSwissArmy - ok 18:00:39.0062 0x0fe8 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe 18:00:39.0093 0x0fe8 MDM - ok 18:00:39.0109 0x0fe8 [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll 18:00:39.0250 0x0fe8 Messenger - ok 18:00:39.0281 0x0fe8 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 18:00:39.0390 0x0fe8 mnmdd - ok 18:00:39.0421 0x0fe8 [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 18:00:39.0546 0x0fe8 mnmsrvc - ok 18:00:39.0593 0x0fe8 [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 18:00:39.0718 0x0fe8 Modem - ok 18:00:39.0828 0x0fe8 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys 18:00:39.0921 0x0fe8 Monfilt - ok 18:00:39.0953 0x0fe8 [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 18:00:40.0062 0x0fe8 Mouclass - ok 18:00:40.0078 0x0fe8 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 18:00:40.0203 0x0fe8 MountMgr - ok 18:00:40.0265 0x0fe8 [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Programme\Mozilla Maintenance 
Service\maintenanceservice.exe 18:00:40.0281 0x0fe8 MozillaMaintenance - ok 18:00:40.0281 0x0fe8 mraid35x - ok 18:00:40.0296 0x0fe8 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 18:00:40.0437 0x0fe8 MRxDAV - ok 18:00:40.0500 0x0fe8 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 18:00:40.0578 0x0fe8 MRxSmb - ok 18:00:40.0609 0x0fe8 [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINDOWS\system32\msdtc.exe 18:00:40.0718 0x0fe8 MSDTC - ok 18:00:40.0734 0x0fe8 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 18:00:40.0859 0x0fe8 Msfs - ok 18:00:40.0859 0x0fe8 MSIServer - ok 18:00:40.0906 0x0fe8 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 18:00:41.0015 0x0fe8 MSKSSRV - ok 18:00:41.0031 0x0fe8 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 18:00:41.0140 0x0fe8 MSPCLOCK - ok 18:00:41.0140 0x0fe8 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 18:00:41.0250 0x0fe8 MSPQM - ok 18:00:41.0281 0x0fe8 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 18:00:41.0390 0x0fe8 mssmbios - ok 18:00:41.0437 0x0fe8 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 18:00:41.0484 0x0fe8 Mup - ok 18:00:41.0531 0x0fe8 [ 
46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll 18:00:41.0656 0x0fe8 napagent - ok 18:00:41.0718 0x0fe8 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 18:00:41.0843 0x0fe8 NDIS - ok 18:00:41.0875 0x0fe8 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 18:00:41.0921 0x0fe8 NdisTapi - ok 18:00:41.0937 0x0fe8 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 18:00:42.0031 0x0fe8 Ndisuio - ok 18:00:42.0046 0x0fe8 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 18:00:42.0171 0x0fe8 NdisWan - ok 18:00:42.0203 0x0fe8 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 18:00:42.0281 0x0fe8 NDProxy - ok 18:00:42.0312 0x0fe8 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 18:00:42.0437 0x0fe8 NetBIOS - ok 18:00:42.0453 0x0fe8 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 18:00:42.0578 0x0fe8 NetBT - ok 18:00:42.0609 0x0fe8 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe 18:00:42.0734 0x0fe8 NetDDE - ok 18:00:42.0750 0x0fe8 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 18:00:42.0859 0x0fe8 
NetDDEdsdm - ok 18:00:42.0906 0x0fe8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe 18:00:43.0015 0x0fe8 Netlogon - ok 18:00:43.0031 0x0fe8 [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll 18:00:43.0156 0x0fe8 Netman - ok 18:00:43.0203 0x0fe8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:00:43.0218 0x0fe8 NetTcpPortSharing - ok 18:00:43.0250 0x0fe8 [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll 18:00:43.0296 0x0fe8 Nla - ok 18:00:43.0359 0x0fe8 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess C:\Programme\CDBurnerXP\NMSAccessU.exe 18:00:43.0375 0x0fe8 NMSAccess - ok 18:00:43.0421 0x0fe8 [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf C:\WINDOWS\system32\drivers\npf.sys 18:00:43.0421 0x0fe8 npf - ok 18:00:43.0468 0x0fe8 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 18:00:43.0593 0x0fe8 Npfs - ok 18:00:43.0640 0x0fe8 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 18:00:43.0812 0x0fe8 Ntfs - ok 18:00:43.0843 0x0fe8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 18:00:43.0968 0x0fe8 NtLmSsp - ok 18:00:44.0046 0x0fe8 [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc 
C:\WINDOWS\system32\ntmssvc.dll 18:00:44.0187 0x0fe8 NtmsSvc - ok 18:00:44.0218 0x0fe8 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys 18:00:44.0328 0x0fe8 Null - ok 18:00:44.0937 0x0fe8 [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 18:00:45.0515 0x0fe8 nv - ok 18:00:45.0578 0x0fe8 [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys 18:00:45.0593 0x0fe8 NVHDA - ok 18:00:45.0640 0x0fe8 [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe 18:00:45.0656 0x0fe8 NVSvc - ok 18:00:45.0843 0x0fe8 [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 18:00:45.0953 0x0fe8 nvUpdatusService - ok 18:00:45.0984 0x0fe8 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 18:00:46.0109 0x0fe8 NwlnkFlt - ok 18:00:46.0125 0x0fe8 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 18:00:46.0234 0x0fe8 NwlnkFwd - ok 18:00:46.0281 0x0fe8 [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 18:00:46.0390 0x0fe8 Parport - ok 18:00:46.0406 0x0fe8 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 18:00:46.0515 0x0fe8 PartMgr - ok 18:00:46.0562 0x0fe8 [ C2BF987829099A3EAA2CA6A0A90ECB4F, 
1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 18:00:46.0671 0x0fe8 ParVdm - ok 18:00:46.0703 0x0fe8 [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 18:00:46.0843 0x0fe8 PCI - ok 18:00:46.0843 0x0fe8 PCIDump - ok 18:00:46.0875 0x0fe8 [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 18:00:47.0000 0x0fe8 PCIIde - ok 18:00:47.0031 0x0fe8 [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 18:00:47.0140 0x0fe8 Pcmcia - ok 18:00:47.0156 0x0fe8 PDCOMP - ok 18:00:47.0156 0x0fe8 PDFRAME - ok 18:00:47.0156 0x0fe8 PDRELI - ok 18:00:47.0171 0x0fe8 PDRFRAME - ok 18:00:47.0171 0x0fe8 perc2 - ok 18:00:47.0187 0x0fe8 perc2hib - ok 18:00:47.0218 0x0fe8 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe 18:00:47.0234 0x0fe8 PlugPlay - ok 18:00:47.0265 0x0fe8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 18:00:47.0359 0x0fe8 PolicyAgent - ok 18:00:47.0375 0x0fe8 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 18:00:47.0484 0x0fe8 PptpMiniport - ok 18:00:47.0500 0x0fe8 [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 18:00:47.0609 0x0fe8 Processor - ok 18:00:47.0609 0x0fe8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 18:00:47.0718 
0x0fe8 ProtectedStorage - ok 18:00:47.0734 0x0fe8 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 18:00:47.0859 0x0fe8 PSched - ok 18:00:47.0890 0x0fe8 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 18:00:48.0000 0x0fe8 Ptilink - ok 18:00:48.0000 0x0fe8 ql1080 - ok 18:00:48.0015 0x0fe8 Ql10wnt - ok 18:00:48.0015 0x0fe8 ql12160 - ok 18:00:48.0031 0x0fe8 ql1240 - ok 18:00:48.0031 0x0fe8 ql1280 - ok 18:00:48.0046 0x0fe8 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 18:00:48.0156 0x0fe8 RasAcd - ok 18:00:48.0187 0x0fe8 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll 18:00:48.0312 0x0fe8 RasAuto - ok 18:00:48.0328 0x0fe8 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 18:00:48.0453 0x0fe8 Rasl2tp - ok 18:00:48.0500 0x0fe8 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll 18:00:48.0609 0x0fe8 RasMan - ok 18:00:48.0640 0x0fe8 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 18:00:48.0750 0x0fe8 RasPppoe - ok 18:00:48.0765 0x0fe8 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 18:00:49.0078 0x0fe8 Raspti - ok 18:00:49.0140 0x0fe8 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 
18:00:49.0265 0x0fe8 Rdbss - ok 18:00:49.0281 0x0fe8 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 18:00:49.0390 0x0fe8 RDPCDD - ok 18:00:49.0421 0x0fe8 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 18:00:49.0531 0x0fe8 rdpdr - ok 18:00:49.0578 0x0fe8 [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 18:00:49.0640 0x0fe8 RDPWD - ok 18:00:49.0671 0x0fe8 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 18:00:49.0796 0x0fe8 RDSessMgr - ok 18:00:49.0921 0x0fe8 [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe 18:00:49.0937 0x0fe8 RealNetworks Downloader Resolver Service - ok 18:00:49.0968 0x0fe8 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 18:00:50.0109 0x0fe8 redbook - ok 18:00:50.0171 0x0fe8 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 18:00:50.0296 0x0fe8 RemoteAccess - ok 18:00:50.0343 0x0fe8 [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 18:00:50.0453 0x0fe8 RemoteRegistry - ok 18:00:50.0484 0x0fe8 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe 18:00:50.0593 0x0fe8 RpcLocator - ok 18:00:50.0640 0x0fe8 [ 
3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\System32\rpcss.dll 18:00:50.0671 0x0fe8 RpcSs - ok 18:00:50.0718 0x0fe8 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe 18:00:50.0843 0x0fe8 RSVP - ok 18:00:50.0890 0x0fe8 [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 18:00:50.0937 0x0fe8 RTLE8023xp - ok 18:00:50.0953 0x0fe8 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe 18:00:51.0062 0x0fe8 SamSs - ok 18:00:51.0109 0x0fe8 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 18:00:51.0234 0x0fe8 SCardSvr - ok 18:00:51.0281 0x0fe8 [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll 18:00:51.0390 0x0fe8 Schedule - ok 18:00:51.0421 0x0fe8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 18:00:51.0484 0x0fe8 Secdrv - ok 18:00:51.0515 0x0fe8 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll 18:00:51.0625 0x0fe8 seclogon - ok 18:00:51.0656 0x0fe8 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll 18:00:51.0765 0x0fe8 SENS - ok 18:00:51.0796 0x0fe8 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 18:00:51.0906 0x0fe8 serenum - ok 18:00:51.0921 0x0fe8 [ 
CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 18:00:52.0046 0x0fe8 Serial - ok 18:00:52.0078 0x0fe8 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 18:00:52.0203 0x0fe8 Sfloppy - ok 18:00:52.0250 0x0fe8 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 18:00:52.0406 0x0fe8 SharedAccess - ok 18:00:52.0437 0x0fe8 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 18:00:52.0453 0x0fe8 ShellHWDetection - ok 18:00:52.0453 0x0fe8 Simbad - ok 18:00:52.0468 0x0fe8 Sparrow - ok 18:00:52.0500 0x0fe8 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys 18:00:52.0609 0x0fe8 splitter - ok 18:00:52.0656 0x0fe8 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe 18:00:52.0687 0x0fe8 Spooler - ok 18:00:52.0718 0x0fe8 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 18:00:52.0781 0x0fe8 sr - ok 18:00:52.0828 0x0fe8 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll 18:00:52.0906 0x0fe8 srservice - ok 18:00:52.0968 0x0fe8 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 18:00:53.0046 0x0fe8 Srv - ok 18:00:53.0093 0x0fe8 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] 
SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 18:00:53.0171 0x0fe8 SSDPSRV - ok 18:00:53.0187 0x0fe8 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 18:00:53.0203 0x0fe8 ssmdrv - ok 18:00:53.0234 0x0fe8 [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys 18:00:53.0250 0x0fe8 ss_bbus - ok 18:00:53.0296 0x0fe8 [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys 18:00:53.0296 0x0fe8 ss_bmdfl - ok 18:00:53.0343 0x0fe8 [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys 18:00:53.0359 0x0fe8 ss_bmdm - ok 18:00:53.0406 0x0fe8 [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd C:\WINDOWS\system32\DRIVERS\ss_bserd.sys 18:00:53.0406 0x0fe8 ss_bserd - ok 18:00:53.0468 0x0fe8 [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys 18:00:53.0484 0x0fe8 StarOpen - detected UnsignedFile.Multi.Generic ( 1 ) 18:00:53.0484 0x0fe8 Detect skipped due to KSN trusted 18:00:53.0484 0x0fe8 StarOpen - ok 18:00:53.0546 0x0fe8 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll 18:00:53.0703 0x0fe8 stisvc - ok 18:00:53.0750 0x0fe8 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 18:00:53.0859 0x0fe8 swenum - ok 18:00:53.0875 0x0fe8 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi 
C:\WINDOWS\system32\drivers\swmidi.sys 18:00:54.0000 0x0fe8 swmidi - ok 18:00:54.0000 0x0fe8 SwPrv - ok 18:00:54.0015 0x0fe8 symc810 - ok 18:00:54.0015 0x0fe8 symc8xx - ok 18:00:54.0015 0x0fe8 sym_hi - ok 18:00:54.0031 0x0fe8 sym_u3 - ok 18:00:54.0046 0x0fe8 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 18:00:54.0171 0x0fe8 sysaudio - ok 18:00:54.0203 0x0fe8 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 18:00:54.0328 0x0fe8 SysmonLog - ok 18:00:54.0375 0x0fe8 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 18:00:54.0500 0x0fe8 TapiSrv - ok 18:00:54.0562 0x0fe8 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 18:00:54.0625 0x0fe8 Tcpip - ok 18:00:54.0656 0x0fe8 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 18:00:54.0750 0x0fe8 TDPIPE - ok 18:00:54.0781 0x0fe8 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 18:00:54.0890 0x0fe8 TDTCP - ok 18:00:54.0906 0x0fe8 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 18:00:55.0000 0x0fe8 TermDD - ok 18:00:55.0062 0x0fe8 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll 18:00:55.0359 0x0fe8 TermService - ok 18:00:55.0390 0x0fe8 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes 
C:\WINDOWS\System32\shsvcs.dll 18:00:55.0406 0x0fe8 Themes - ok 18:00:55.0437 0x0fe8 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 18:00:55.0515 0x0fe8 TlntSvr - ok 18:00:55.0515 0x0fe8 TosIde - ok 18:00:55.0562 0x0fe8 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll 18:00:55.0687 0x0fe8 TrkWks - ok 18:00:55.0703 0x0fe8 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 18:00:55.0812 0x0fe8 Udfs - ok 18:00:55.0890 0x0fe8 [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe 18:00:55.0906 0x0fe8 UleadBurningHelper - ok 18:00:55.0906 0x0fe8 ultra - ok 18:00:55.0953 0x0fe8 [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe 18:00:55.0984 0x0fe8 UMWdf - ok 18:00:56.0046 0x0fe8 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 18:00:56.0187 0x0fe8 Update - ok 18:00:56.0234 0x0fe8 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll 18:00:56.0296 0x0fe8 upnphost - ok 18:00:56.0328 0x0fe8 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe 18:00:56.0453 0x0fe8 UPS - ok 18:00:56.0484 0x0fe8 [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 18:00:56.0609 0x0fe8 usbaudio - ok 18:00:56.0640 0x0fe8 [ 
173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 18:00:56.0750 0x0fe8 usbccgp - ok 18:00:56.0781 0x0fe8 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 18:00:56.0890 0x0fe8 usbehci - ok 18:00:56.0937 0x0fe8 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 18:00:57.0046 0x0fe8 usbhub - ok 18:00:57.0062 0x0fe8 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 18:00:57.0171 0x0fe8 usbohci - ok 18:00:57.0187 0x0fe8 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 18:00:57.0312 0x0fe8 usbprint - ok 18:00:57.0343 0x0fe8 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 18:00:57.0468 0x0fe8 usbscan - ok 18:00:57.0500 0x0fe8 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 18:00:57.0609 0x0fe8 USBSTOR - ok 18:00:57.0656 0x0fe8 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 18:00:57.0765 0x0fe8 VgaSave - ok 18:00:57.0765 0x0fe8 ViaIde - ok 18:00:57.0796 0x0fe8 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 18:00:57.0890 0x0fe8 VolSnap - ok 18:00:57.0953 0x0fe8 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS 
C:\WINDOWS\System32\vssvc.exe 18:00:58.0031 0x0fe8 VSS - ok 18:00:58.0062 0x0fe8 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll 18:00:58.0171 0x0fe8 W32Time - ok 18:00:58.0218 0x0fe8 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 18:00:58.0328 0x0fe8 Wanarp - ok 18:00:58.0328 0x0fe8 WDICA - ok 18:00:58.0375 0x0fe8 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 18:00:58.0484 0x0fe8 wdmaud - ok 18:00:58.0515 0x0fe8 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll 18:00:58.0625 0x0fe8 WebClient - ok 18:00:58.0718 0x0fe8 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 18:00:58.0828 0x0fe8 winmgmt - ok 18:00:58.0890 0x0fe8 [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 18:00:58.0921 0x0fe8 WmdmPmSN - ok 18:00:58.0984 0x0fe8 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll 18:00:59.0031 0x0fe8 Wmi - ok 18:00:59.0078 0x0fe8 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 18:00:59.0203 0x0fe8 WmiApSrv - ok 18:00:59.0250 0x0fe8 [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys 18:00:59.0265 0x0fe8 WpdUsb - ok 18:00:59.0390 0x0fe8 [ DCF3E3EDF5109EE8BC02FE6E1F045795, 
4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 18:00:59.0437 0x0fe8 WPFFontCache_v0400 - ok 18:00:59.0468 0x0fe8 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 18:00:59.0593 0x0fe8 WS2IFSL - ok 18:00:59.0625 0x0fe8 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 18:00:59.0750 0x0fe8 wscsvc - ok 18:00:59.0765 0x0fe8 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll 18:00:59.0875 0x0fe8 wuauserv - ok 18:00:59.0953 0x0fe8 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 18:01:00.0109 0x0fe8 WZCSVC - ok 18:01:00.0140 0x0fe8 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll 18:01:00.0265 0x0fe8 xmlprov - ok 18:01:00.0265 0x0fe8 ================ Scan global =============================== 18:01:00.0281 0x0fe8 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll 18:01:00.0343 0x0fe8 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll 18:01:00.0375 0x0fe8 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll 18:01:00.0390 0x0fe8 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe 18:01:00.0406 0x0fe8 [ Global ] - ok 18:01:00.0406 0x0fe8 ================ Scan MBR 
================================== 18:01:00.0421 0x0fe8 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 18:01:00.0640 0x0fe8 \Device\Harddisk0\DR0 - ok 18:01:00.0640 0x0fe8 ================ Scan VBR ================================== 18:01:00.0640 0x0fe8 [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1 18:01:00.0640 0x0fe8 \Device\Harddisk0\DR0\Partition1 - ok 18:01:00.0640 0x0fe8 [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2 18:01:00.0640 0x0fe8 \Device\Harddisk0\DR0\Partition2 - ok 18:01:00.0640 0x0fe8 ================ Scan generic autorun ====================== 18:01:00.0750 0x0fe8 [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 18:01:00.0750 0x0fe8 StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 18:01:00.0750 0x0fe8 Detect skipped due to KSN trusted 18:01:00.0750 0x0fe8 StartCCC - ok 18:01:01.0718 0x0fe8 [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE 18:01:02.0796 0x0fe8 RTHDCPL - ok 18:01:02.0937 0x0fe8 [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe 18:01:02.0937 0x0fe8 Adobe Reader Speed Launcher - ok 18:01:03.0062 0x0fe8 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe 18:01:03.0125 0x0fe8 Adobe ARM - ok 18:01:03.0187 0x0fe8 [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe 18:01:03.0281 0x0fe8 HPDJ Taskbar Utility - ok 18:01:03.0390 0x0fe8 [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead 
VideoStudio 11\uvPL.exe 18:01:03.0406 0x0fe8 UVS11 Preload - ok 18:01:03.0500 0x0fe8 [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe 18:01:03.0515 0x0fe8 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 ) 18:01:03.0515 0x0fe8 Detect skipped due to KSN trusted 18:01:03.0515 0x0fe8 QuickTime Task - ok 18:01:03.0578 0x0fe8 [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE 18:01:03.0578 0x0fe8 OfficeKB - detected UnsignedFile.Multi.Generic ( 1 ) 18:01:03.0656 0x0fe8 OfficeKB ( UnsignedFile.Multi.Generic ) - warning 18:01:06.0031 0x0fe8 [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe 18:01:06.0031 0x0fe8 KPDrv4XP - detected UnsignedFile.Multi.Generic ( 1 ) 18:01:06.0031 0x0fe8 KPDrv4XP ( UnsignedFile.Multi.Generic ) - warning 18:01:08.0359 0x0fe8 NvCplDaemon - ok 18:01:08.0359 0x0fe8 NvMediaCenter - ok 18:01:08.0531 0x0fe8 [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe 18:01:08.0656 0x0fe8 nwiz - ok 18:01:08.0750 0x0fe8 [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe 18:01:08.0812 0x0fe8 Nvtmru - ok 18:01:08.0906 0x0fe8 [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe 18:01:08.0937 0x0fe8 avgnt - ok 18:01:09.0062 0x0fe8 [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe 18:01:09.0078 0x0fe8 TkBellExe - ok 18:01:09.0109 0x0fe8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 
2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE 18:01:09.0234 0x0fe8 CTFMON.EXE - ok 18:01:09.0390 0x0fe8 [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe 18:01:09.0421 0x0fe8 AmazonMP3DownloaderHelper - ok 18:01:09.0437 0x0fe8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe 18:01:09.0546 0x0fe8 ctfmon.exe - ok 18:01:09.0546 0x0fe8 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE 18:01:09.0656 0x0fe8 CTFMON.EXE - ok 18:01:09.0671 0x0fe8 AV detected via SS1: Avira Desktop, 15.0.8.652, enabled, updated 18:01:09.0671 0x0fe8 Win FW state via NFM: enabled 18:01:12.0031 0x0fe8 ============================================================ 18:01:12.0031 0x0fe8 Scan finished 18:01:12.0031 0x0fe8 ============================================================ 18:01:12.0031 0x0d00 Detected object count: 2 18:01:12.0031 0x0d00 Actual detected object count: 2 18:01:44.0078 0x0d00 OfficeKB ( UnsignedFile.Multi.Generic ) - skipped by user 18:01:44.0078 0x0d00 OfficeKB ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:01:44.0078 0x0d00 KPDrv4XP ( UnsignedFile.Multi.Generic ) - skipped by user 18:01:44.0078 0x0d00 KPDrv4XP ( UnsignedFile.Multi.Generic ) - User select action: Skip |
19.03.2015, 21:16 | #37 |
| Malware found - what do I have to do now? FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015 Ran by Slim (administrator) on SLIM-36FB768E46 on 19-03-2015 18:05:49 Running from C:\Dokumente und Einstellungen\Slim\Desktop Loaded Profiles: Slim & UpdatusUser & (Available profiles: Slim & UpdatusUser) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (Apple Computer, Inc.) C:\Programme\QuickTime\qttask.exe (Dritek System Inc.) C:\PROGRA~1\OfficeKB\OfficeKB.EXE (Dritek System Inc.) C:\PROGRA~1\OfficeKB\KPDrv4XP.EXE (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (RealNetworks, Inc.) C:\Programme\Real\RealPlayer\Update\realsched.exe () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe (InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe (Freemake) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Ellora Assets Corp.) 
C:\Programme\Freemake\CaptureLib\CaptureLibService.exe (Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe () C:\Programme\CDBurnerXP\NMSAccessU.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe (Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Malwarebytes Corporation) C:\Programme\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe (RealNetworks, Inc.) C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe (Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-25] (Advanced Micro Devices, Inc.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17531392 2009-03-12] (Realtek Semiconductor Corp.) 
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2011-01-31] (Adobe Systems Incorporated) HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416 2002-07-10] (HP) HKLM\...\Run: [UVS11 Preload] => C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [341232 2007-07-23] (InterVideo Digital Technology Corporation) HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.) HKLM\...\Run: [OfficeKB] => C:\Programme\OfficeKB\OfficeKB.EXE [200704 2004-10-22] (Dritek System Inc.) HKLM\...\Run: [KPDrv4XP] => C:\Programme\OfficeKB\KPDrv4XP.EXE [32768 2003-06-12] (Dritek System Inc.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login HKLM\...\Run: [nwiz] => C:\Programme\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-09-12] () HKLM\...\Run: [Nvtmru] => C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) HKLM\...\Run: [avgnt] => C:\Programme\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [TkBellExe] => C:\Programme\Real\RealPlayer\update\realsched.exe [295512 2014-04-29] (RealNetworks, Inc.) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.) 
HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Run: [AmazonMP3DownloaderHelper] => C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmarque.scr [20992 2008-04-14] (Microsoft Corporation) HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AmazonMP3DownloaderHelper] => C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] () HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmarque.scr [20992 2008-04-14] (Microsoft Corporation) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.) Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk ShortcutTarget: Microsoft Office.lnk -> C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-796845957-926492609-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: [S-1-5-21-796845957-926492609-839522115-1010] ATTENTION ==> Default URLSearchHook is missing. URLSearchHook: [S-1-5-21-796845957-926492609-839522115-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ATTENTION ==> Default URLSearchHook is missing. 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated) BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-03] (Google Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.) Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.) 
Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.) Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.) DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Dokumente und 
Einstellungen\Slim\Anwendungsdaten\Mozilla\Firefox\Profiles\i64sllul.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-29] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-28] (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-28] (RealNetworks, Inc.) 
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-29] (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.) FF Plugin HKU\S-1-5-21-796845957-926492609-839522115-1003: amazon.com/AmazonMP3DownloaderPlugin -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.) FF Plugin HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: amazon.com/AmazonMP3DownloaderPlugin -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.) 
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-16] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-28] FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: No Name - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-12] FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com FF Extension: Freemake Video Downloader Plugin - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-06] FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com FF Extension: Freemake Youtube Download Button - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-06] Chrome: ======= CHR Profile: C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default CHR Extension: (No Name) - C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk(2) [2014-02-11] CHR HKLM\...\Chrome\Extension: 
[bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-06-06] CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-06-06] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [Not Found] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG) S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] () [File not signed] R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) R2 Freemake Improver; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-22] (Freemake) [File not signed] R2 FreemakeVideoCapture; C:\Programme\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed] S3 getPlusHelper; C:\Programme\NOS\bin\getPlus_Helper.dll [67360 2009-12-17] (NOS Microsystems Ltd.) S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.) S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.) 
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-10-10] (Google) R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation) S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [148080 2015-03-13] (Mozilla Foundation) R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] () R2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2155296 2013-08-27] (NVIDIA Corporation) R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-03-03] (Ulead Systems, Inc.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105864 2015-03-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2015-03-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG) R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG) R3 HIDKbFlt; C:\WINDOWS\System32\drivers\HIDKbFlt.sys [21120 2004-12-14] (Dritek System Inc.) [File not signed] R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) 
[File not signed] R0 iviVD; C:\WINDOWS\System32\DRIVERS\iviVD.sys [45056 2005-11-16] (InterVideo) S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [54360 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2015-03-19] (Malwarebytes Corporation) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.) R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.) R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-06-16] (NVIDIA Corporation) R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH) S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI) S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation) S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation) S3 ss_bserd; C:\WINDOWS\System32\DRIVERS\ss_bserd.sys [100224 2009-09-19] (MCCI Corporation) S3 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed] S3 catchme; \??\C:\DOKUME~1\Slim\LOKALE~1\Temp\catchme.sys [X] S4 IntelIde; No ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-19 18:05 - 2015-03-19 18:06 - 00022520 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\FRST.txt 2015-03-19 16:07 - 2015-03-19 16:11 - 00008295 _____ () C:\WINDOWS\KB2930275.log 2015-03-19 16:07 - 2015-03-19 16:11 - 00008107 _____ () C:\WINDOWS\KB2859537.log 2015-03-19 16:07 - 2015-03-19 16:11 - 00007782 _____ () C:\WINDOWS\KB2876217.log 2015-03-19 16:07 - 2015-03-19 16:11 - 00007778 _____ () C:\WINDOWS\KB2864063.log 2015-03-19 16:07 - 2015-03-19 16:11 - 00007777 _____ () C:\WINDOWS\KB2862152.log 2015-03-19 16:07 - 2015-03-19 16:11 - 00007775 _____ () C:\WINDOWS\KB2850869.log 2015-03-19 16:07 - 2015-03-19 16:11 - 00007774 _____ () C:\WINDOWS\KB2876331.log 2015-03-19 16:07 - 2015-03-19 16:11 - 00007682 _____ () C:\WINDOWS\KB2780091.log 2015-03-19 16:06 - 2015-03-19 16:11 - 00007775 _____ () C:\WINDOWS\KB2893294.log 2015-03-19 16:06 - 2015-03-19 16:11 - 00007682 _____ () C:\WINDOWS\KB2757638.log 2015-03-19 16:06 - 2015-03-19 16:11 - 00007677 _____ () C:\WINDOWS\KB2820917.log 2015-03-19 16:06 - 2015-03-19 16:10 - 00007683 _____ () C:\WINDOWS\KB2719985.log 2015-03-19 16:06 - 2015-03-19 16:10 - 00007676 _____ () C:\WINDOWS\KB2749655.log 2015-03-19 16:00 - 2015-03-19 16:10 - 00007677 _____ () C:\WINDOWS\KB2653956.log 2015-03-19 15:52 - 2015-03-19 16:10 - 00007777 _____ () C:\WINDOWS\KB2892075.log 2015-03-19 15:51 - 2015-03-19 16:10 - 00007679 _____ () C:\WINDOWS\KB2619339.log 2015-03-19 15:50 - 2015-03-19 16:10 - 00008537 _____ () C:\WINDOWS\KB2813345.log 2015-03-19 15:50 - 2015-03-19 16:10 - 00007779 _____ () C:\WINDOWS\KB2705219-v2.log 2015-03-19 15:50 - 2015-03-19 16:10 - 00007676 _____ () C:\WINDOWS\KB2727528.log 2015-03-19 15:49 - 2015-03-19 16:09 - 00009284 _____ () C:\WINDOWS\KB2676562.log 2015-03-19 15:43 - 2015-03-19 16:09 - 00007766 _____ () C:\WINDOWS\KB2620712.log 2015-03-19 15:41 - 2015-03-19 15:41 - 00006051 _____ () C:\WINDOWS\KB2802968.log 2015-03-19 15:41 - 2015-03-19 15:41 - 00006048 _____ () C:\WINDOWS\KB2868626.log 2015-03-19 15:40 - 
2015-03-19 15:40 - 00006053 _____ () C:\WINDOWS\KB2916036.log 2015-03-19 15:40 - 2015-03-19 15:40 - 00006052 _____ () C:\WINDOWS\KB2922229.log 2015-03-19 15:40 - 2015-03-19 15:40 - 00006052 _____ () C:\WINDOWS\KB2898715.log 2015-03-19 15:40 - 2015-03-19 15:40 - 00006051 _____ () C:\WINDOWS\KB2847311.log 2015-03-19 15:40 - 2015-03-19 15:40 - 00006047 _____ () C:\WINDOWS\KB2929961.log 2015-03-19 15:39 - 2015-03-19 15:39 - 00006003 _____ () C:\WINDOWS\KB2691442.log 2015-03-19 15:39 - 2015-03-19 15:39 - 00005848 _____ () C:\WINDOWS\KB2712808.log 2015-03-19 15:38 - 2015-03-19 15:39 - 00005751 _____ () C:\WINDOWS\KB2585542.log 2015-03-19 15:38 - 2015-03-19 15:38 - 00005655 _____ () C:\WINDOWS\KB2631813.log 2015-03-19 15:38 - 2015-03-19 15:38 - 00005548 _____ () C:\WINDOWS\KB2655992.log 2015-03-19 15:38 - 2015-03-19 15:38 - 00005452 _____ () C:\WINDOWS\KB2598479.log 2015-03-19 15:37 - 2015-03-19 16:00 - 00007057 _____ () C:\WINDOWS\KB2584146.log 2015-03-19 15:29 - 2015-03-19 15:37 - 00000000 ____D () C:\WINDOWS\LastGood 2015-03-19 15:29 - 2015-03-19 15:29 - 00000349 _____ () C:\WINDOWS\setupapi.log 2015-03-15 19:16 - 2015-03-15 19:16 - 00852604 _____ () C:\SecurityCheck.exe 2015-03-14 17:40 - 2015-03-14 17:40 - 00039466 _____ () C:\Addition.txt 2015-03-14 17:39 - 2015-03-14 17:40 - 00035743 _____ () C:\FRST.txt 2015-03-14 17:39 - 2015-03-14 17:39 - 01135104 _____ (Farbar) C:\Dokumente und Einstellungen\Slim\Desktop\FRST.exe 2015-03-14 17:35 - 2015-03-14 17:35 - 00000727 _____ () C:\JRT.txt 2015-03-14 17:31 - 2015-03-14 17:31 - 01388333 _____ (Thisisu) C:\Dokumente und Einstellungen\Slim\Desktop\JRT.exe 2015-03-13 16:00 - 2015-03-13 16:00 - 00000000 ____D () C:\Programme\Mozilla Firefox 2015-03-13 15:29 - 2015-03-14 17:21 - 00000000 ____D () C:\AdwCleaner 2015-03-13 15:01 - 2015-03-13 15:01 - 00001222 _____ () C:\mbam.txt. 
für schrauber.txt 2015-03-13 14:34 - 2015-03-13 14:34 - 00000756 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk 2015-03-13 14:34 - 2015-03-13 14:34 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 2015-03-13 14:34 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-03-12 16:44 - 2015-03-12 16:44 - 00000422 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\Verknüpfung mit ComboFix.lnk 2015-03-12 16:25 - 2015-03-19 18:06 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp 2015-03-12 16:25 - 2015-03-12 16:25 - 00022597 _____ () C:\ComboFix.txt 2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\UpdatusUser\Lokale Einstellungen\temp 2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp 2015-03-12 16:25 - 2015-03-12 16:25 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp 2015-03-12 16:15 - 2015-03-12 16:15 - 00000000 _RSHD () C:\cmdcons 2015-03-12 16:15 - 2010-01-13 20:32 - 00000211 _____ () C:\Boot.bak 2015-03-12 16:15 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr 2015-03-12 16:06 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe 2015-03-12 16:06 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe 2015-03-12 16:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe 2015-03-12 16:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe 2015-03-12 16:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe 2015-03-12 16:06 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe 2015-03-12 16:06 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe 2015-03-12 16:06 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe 2015-03-12 16:06 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe 2015-03-12 
16:05 - 2015-03-12 16:25 - 00000000 ____D () C:\Qoobox 2015-03-12 16:05 - 2015-03-12 16:05 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Verwaltung 2015-03-12 16:04 - 2015-03-12 16:24 - 00000000 ____D () C:\WINDOWS\erdnt 2015-03-12 16:04 - 2015-03-12 16:03 - 05613296 ____R (Swearware) C:\ComboFix.exe 2015-03-11 19:08 - 2015-03-11 19:08 - 00000000 ____D () C:\TDSSKiller_Quarantine 2015-03-11 07:39 - 2015-03-11 07:39 - 04197016 _____ (Kaspersky Lab ZAO) C:\Dokumente und Einstellungen\Slim\Desktop\tdsskiller.exe 2015-03-09 14:24 - 2015-03-13 14:34 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2015-03-09 14:23 - 2015-03-19 17:14 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-03-09 14:23 - 2015-03-13 08:48 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable) 2015-03-09 14:20 - 2015-03-10 11:20 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Desktop\mbar 2015-03-09 14:20 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-03-09 13:57 - 2015-03-09 13:57 - 00000896 _____ () C:\Dokumente und Einstellungen\Slim\Desktop\Revo Uninstaller.lnk 2015-03-09 13:57 - 2015-03-09 13:57 - 00000000 ____D () C:\Programme\VS Revo Group 2015-03-09 07:59 - 2015-03-09 07:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Eigene Dateien\Ulead VideoStudio 2015-03-09 07:24 - 2015-03-09 07:24 - 00000060 _____ () C:\WINDOWS\setupact.log 2015-03-09 07:24 - 2015-03-09 07:24 - 00000000 _____ () C:\WINDOWS\setuperr.log 2015-03-09 06:58 - 2015-03-09 06:58 - 00000000 ___DC () C:\NVIDIA 2015-03-08 21:03 - 2015-03-09 06:59 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862335$ 2015-03-08 21:01 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2780091$ 2015-03-08 20:58 - 2015-03-09 07:00 - 00000000 ___DC () 
C:\WINDOWS\$NtUninstallKB2904266$ 2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2930275$ 2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876217$ 2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2864063$ 2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862152$ 2015-03-08 20:57 - 2015-03-09 07:00 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2719985$ 2015-03-08 20:32 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB941569$ 2015-03-08 20:32 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2770660$ 2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876331$ 2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2859537$ 2015-03-08 20:31 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2850869$ 2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2893294$ 2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2820917$ 2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2757638$ 2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2749655$ 2015-03-08 20:30 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2653956$ 2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2892075$ 2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2813345$ 2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2727528$ 2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2705219-v2$ 2015-03-08 20:29 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2619339$ 2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2676562$ 2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () 
C:\WINDOWS\$NtUninstallKB2620712$ 2015-03-08 20:28 - 2015-03-09 07:01 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2584146$ 2015-03-08 20:00 - 2015-03-19 18:05 - 00000000 ____D () C:\FRST 2015-03-08 16:59 - 2015-03-09 07:05 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2807986$ 2015-03-08 16:52 - 2015-03-09 07:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2868038$ 2015-03-08 16:48 - 2015-03-08 16:48 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2603381$ 2015-03-08 16:47 - 2015-03-09 07:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$ 2015-03-08 16:46 - 2015-03-09 07:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2698365$ 2015-03-08 16:41 - 2015-03-09 07:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2723135-v2$ 2015-03-08 16:40 - 2015-03-09 07:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862330$ 2015-03-08 16:14 - 2015-03-09 07:13 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2914368$ 2015-03-08 13:56 - 2015-03-08 13:56 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\IETldCache ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-03-19 18:03 - 2013-08-14 13:54 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-19 18:03 - 2013-08-14 13:54 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-19 18:00 - 2013-06-21 05:50 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-03-19 17:57 - 2013-10-08 13:38 - 00009362 _____ () C:\WINDOWS\system32\nvAppTimestamps 2015-03-19 16:54 - 2011-05-27 14:14 - 00000000 ____D () C:\WINDOWS\system32\NtmsData 2015-03-19 16:06 - 2010-01-13 20:38 - 01692845 _____ () C:\WINDOWS\WindowsUpdate.log 2015-03-19 15:41 - 2010-01-13 20:40 - 00000000 ___HD () C:\WINDOWS\$hf_mig$ 2015-03-19 15:30 - 2010-01-13 20:43 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Verlauf 2015-03-19 15:30 - 2010-01-13 20:43 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService 2015-03-19 15:29 - 2010-01-13 20:35 - 00000000 ____D () C:\WINDOWS\Registration 2015-03-19 15:11 - 2014-10-07 09:19 - 00000268 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job 2015-03-19 15:11 - 2014-04-29 17:36 - 00000276 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job 2015-03-19 15:11 - 2010-07-01 18:44 - 00000268 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job 2015-03-19 15:11 - 2006-02-28 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl 2015-03-19 15:09 - 2010-01-13 20:31 - 00000157 _____ () C:\WINDOWS\wiadebug.log 2015-03-19 15:09 - 2010-01-13 20:31 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2015-03-19 15:08 - 2014-04-29 17:48 - 00000290 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job 2015-03-19 15:08 - 2010-01-13 20:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-03-19 07:35 - 2014-06-06 11:00 - 00196608 _____ () C:\WINDOWS\system32\config\CaptureL.evt 2015-03-19 
07:35 - 2010-01-13 20:45 - 00000300 ___SH () C:\Dokumente und Einstellungen\Slim\ntuser.ini 2015-03-19 07:35 - 2010-01-13 20:45 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim 2015-03-19 07:35 - 2010-01-13 20:44 - 00032470 _____ () C:\WINDOWS\SchedLgU.Txt 2015-03-18 08:41 - 2010-01-13 20:44 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf 2015-03-18 08:40 - 2010-01-13 20:45 - 00000000 __SHD () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Verlauf 2015-03-18 08:38 - 2013-10-08 13:33 - 00000000 ___HD () C:\Dokumente und Einstellungen\UpdatusUser\Lokale Einstellungen\Verlauf 2015-03-18 08:38 - 2010-01-13 20:28 - 00000000 __SHD () C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Verlauf 2015-03-16 06:21 - 2010-01-13 20:29 - 00000000 ___RD () C:\Programme 2015-03-14 06:31 - 2014-03-13 15:56 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service 2015-03-13 15:53 - 2010-02-04 14:35 - 00082800 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\GDIPFONTCACHEV1.DAT 2015-03-13 15:52 - 2010-09-30 09:23 - 00002501 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk 2015-03-13 15:03 - 2011-03-21 13:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443685$ 2015-03-12 19:31 - 2010-01-15 14:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\vlc 2015-03-12 19:19 - 2011-03-01 21:59 - 00054156 ____H () C:\WINDOWS\QTFont.qfn 2015-03-12 16:23 - 2006-02-28 13:00 - 00000227 _____ () C:\WINDOWS\system.ini 2015-03-12 16:15 - 2010-01-13 21:27 - 00000327 __RSH () C:\boot.ini 2015-03-12 16:05 - 2010-01-13 20:45 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme 2015-03-10 18:20 - 2010-07-01 18:43 - 00000276 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job 2015-03-10 07:52 - 2013-02-03 18:34 - 00000000 ____D () C:\Dokumente und 
Einstellungen\Slim\Anwendungsdaten\TS3Client 2015-03-09 14:07 - 2012-11-03 09:27 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Conduit 2015-03-09 07:17 - 2010-01-13 20:28 - 00294864 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-03-09 07:16 - 2010-01-13 20:44 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService 2015-03-09 07:10 - 2010-01-16 20:15 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer 2015-03-09 07:03 - 2010-01-13 20:28 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme 2015-03-09 07:02 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Opera Software 2015-03-09 07:02 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Opera Software 2015-03-09 07:02 - 2013-09-30 14:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Amazon 2015-03-09 07:02 - 2013-01-19 19:52 - 00000000 ____D () C:\Programme\Opera 2015-03-09 07:02 - 2010-08-18 08:50 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Amazon 2015-03-09 07:02 - 2010-08-18 08:49 - 00000000 ____D () C:\Programme\Amazon 2015-03-09 07:02 - 2010-08-18 08:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Amazon 2015-03-09 06:58 - 2010-01-13 21:28 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt 2015-03-09 06:24 - 2010-01-13 21:23 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2015-03-08 20:58 - 2010-01-13 22:00 - 00031828 _____ () C:\WINDOWS\system32\TZLog.log 2015-03-08 16:40 - 2010-01-13 21:59 - 00000000 ____D () C:\WINDOWS\ie8updates 2015-03-06 11:37 - 2014-04-29 17:48 - 00000298 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job 2015-03-05 14:41 - 2014-01-31 09:30 - 00136216 _____ (Avira Operations GmbH & Co. 
KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-03-05 14:41 - 2014-01-31 09:30 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-03-03 14:36 - 2010-01-15 13:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google 2015-02-21 11:24 - 2014-04-29 17:48 - 00000316 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job ==================== Files in the root of some directories ======= 2010-06-30 06:27 - 2010-06-30 06:28 - 33177736 _____ (Nero AG) C:\Programme\Nero-9.4.12.708b_lite.exe 2010-07-01 18:39 - 2010-07-01 18:39 - 0822296 _____ (RealNetworks, Inc.) C:\Programme\RealPlayerSPGold_de.exe 2010-09-30 09:28 - 2010-09-30 09:29 - 0291680 _____ () C:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe 2010-08-18 11:00 - 2010-08-18 11:02 - 0000150 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\burnaware.ini 2010-02-02 18:10 - 2014-05-06 19:39 - 0062976 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-04-09 18:27 - 2010-04-09 18:27 - 0000137 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat Some content of TEMP: ==================== C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\temp\avgnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

--- --- ---

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015 Ran by Slim at 2015-03-19 18:06:23 Running from C:\Dokumente und Einstellungen\Slim\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.60 - NOS Microsystems Ltd.) Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader 9.3.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A93000000001}) (Version: 9.3.4 - Adobe Systems Incorporated) Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden Amazon Kindle (HKLM\...\Amazon Kindle) (Version: - Amazon) Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC) Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC) Amazon MP3-Downloader 1.0.9 (HKLM\...\Amazon MP3-Downloader) (Version: - ) ArcSoft PhotoStudio 5 (HKLM\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version: - ) ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - ) ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0225.1545 - ) ATI Display Driver (HKLM\...\ATI Display Driver) 
(Version: 8.591-090225a-076825C-ATI - ) Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira) ccc-core-preinstall (Version: 2009.0225.1546.28221 - ATI) Hidden ccc-core-static (Version: 2009.0225.1546.28221 - ATI) Hidden CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2356 - CDBurnerXP) CloneDVD2 (HKLM\...\CloneDVD2) (Version: - Elaborate Bytes) Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation) Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation) Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation) hp deskjet 3320 series (HKLM\...\hp deskjet 3320 series_Driver) (Version: - ) hp deskjet 3320 series (nur entfernen) (HKLM\...\hp deskjet 3320 series) (Version: - ) InterVideo DeviceService (HKLM\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo) InterVideo DVDCopy5 (HKLM\...\{C167A588-87AA-47BF-A88E-5B0F9A14480D}) (Version: 5.0-B4.45 - InterVideo Inc.) 
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Media & Office Keyboard (HKLM\...\OfficeKB) (Version: - ) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office XP Small Business (HKLM\...\{91130407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) 
(Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 36.0.1 (x86 de) (HKLM\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB) Nero 9 Lite (HKLM\...\{53205192-a183-469b-8d43-7adad9c360cc}) (Version: - Nero AG) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - ) NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) Opera Stable 27.0.1689.76 (HKLM\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA) QuickTime 
(HKLM\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.) RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.23.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5809 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - ) Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (HKLM\...\KB976325-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (HKLM\...\KB978207-IE8) (Version: 1 - Microsoft Corporation) 
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Media Encoder (KB2447961) (HKLM\...\KB2447961_WM9L) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Encoder (KB954156) (HKLM\...\KB954156_WM9L) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Encoder (KB979332) (HKLM\...\KB979332_WM9L) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB979402) (HKLM\...\KB979402_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft 
Corporation) Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows 
XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923561) 
(HKLM\...\KB923561) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation) Sicherheitsupdate 
für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft 
Corporation) Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB976325) (Version: 1 - Microsoft Corporation) Hidden Sicherheitsupdate für Windows XP (KB977165-v2) (HKLM\...\KB977165-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 
1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation) Skins (Version: 2009.0225.1546.28221 - ATI) Hidden SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.5.0 - SmartSound Software Inc) SmartSound Quicktracks Plugin (Version: 3.0.5.0 - SmartSound 
Software Inc) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH) Ulead VideoStudio 11 (HKLM\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) upapp (HKLM\...\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}) (Version: 0.20.0000 - Hewlett-Packard) Update für Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation) Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation) Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation) VideoStudio (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team) WebFldrs XP (Version: 9.50.7523 - Microsoft 
Corporation) Hidden Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - ) Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation) WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) XMedia Recode 2.2.5.0 (HKLM\...\XMedia Recode) (Version: 2.2.5.0 - Sebastian Dörfler) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-796845957-926492609-839522115-1003_Classes\CLSID\{A863CE12-5BDE-4B93-90DC-16D2078C0317}\InprocServer32 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{64937408-0582-4B1C-9C31-D08E175394CA}\soft (the data entry has 15 more characters). ==================== Restore Points ========================= 09-03-2015 06:58:11 Wiederherstellungsvorgang 09-03-2015 14:06:59 Revo Uninstaller's restore point - softonic-de3 Toolbar 11-03-2015 08:37:17 Systemprüfpunkt 12-03-2015 16:03:04 vor combifox 13-03-2015 09:35:16 Software Distribution Service 3.0 15-03-2015 10:03:19 Systemprüfpunkt 16-03-2015 12:15:53 Systemprüfpunkt 18-03-2015 09:08:24 Systemprüfpunkt 19-03-2015 16:16:13 Systemprüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-02-28 13:00 - 2015-03-12 16:23 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. 
The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe ==================== Loaded Modules (whitelisted) ============== 2009-02-27 16:41 - 2009-02-27 16:41 - 00311296 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU 2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe 2006-02-28 13:00 - 2008-04-14 07:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll 2010-08-18 11:07 - 2010-03-04 22:38 - 00071096 _____ 
() C:\Programme\CDBurnerXP\NMSAccessU.exe 2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Desktop:$SS_DESCRIPTOR_PVX2VCGFMVF9V8N4TKBRVDNGCMPLJ9M9YWPP96MVV4VTJFVVMJVM ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (Kein) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (Kein) HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp HKU\S-1-5-21-796845957-926492609-839522115-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp HKU\S-1-5-21-796845957-926492609-839522115-1010\Control Panel\Desktop\\Wallpaper -> (Kein) HKU\S-1-5-21-796845957-926492609-839522115-1010-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> (Kein) DNS Servers: 192.168.178.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
==================== Accounts: ============================= Administrator (S-1-5-21-796845957-926492609-839522115-500 - Administrator - Enabled) ASPNET (S-1-5-21-796845957-926492609-839522115-1009 - Limited - Enabled) Gast (S-1-5-21-796845957-926492609-839522115-501 - Limited - Disabled) Hilfeassistent (S-1-5-21-796845957-926492609-839522115-1000 - Limited - Disabled) Slim (S-1-5-21-796845957-926492609-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Slim SUPPORT_388945a0 (S-1-5-21-796845957-926492609-839522115-1002 - Limited - Disabled) UpdatusUser (S-1-5-21-796845957-926492609-839522115-1010 - Limited - Enabled) => %SystemDrive%\Dokumente und Einstellungen\UpdatusUser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/15/2015 11:09:22 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (03/13/2015 03:30:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (03/13/2015 03:11:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (03/13/2015 03:09:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. 
Error: (03/13/2015 09:34:40 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (03/11/2015 09:25:18 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (03/10/2015 06:24:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul mshtml.dll, Version 8.0.6001.19154, Fehleradresse 0x0014cb6f. Das medienspezifische Ereignis für [iexplore.exe!ws!] wird verarbeitet. Error: (03/09/2015 03:10:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung mbar.exe, Version 1.9.1.1004, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (03/09/2015 01:54:12 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (03/09/2015 01:52:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. System errors: ============= Error: (03/19/2015 03:11:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/19/2015 06:44:56 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. 
Error: (03/18/2015 10:14:32 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/18/2015 08:43:19 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/18/2015 07:18:48 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/17/2015 06:48:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/16/2015 05:25:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/16/2015 00:03:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/16/2015 06:24:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/15/2015 05:11:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. 
Microsoft Office Sessions: ========================= Error: (03/15/2015 11:09:22 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 Error: (03/13/2015 03:30:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 Error: (03/13/2015 03:11:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 Error: (03/13/2015 03:09:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 Error: (03/13/2015 09:34:40 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 Error: (03/11/2015 09:25:18 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 Error: (03/10/2015 06:24:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.191540014cb6f Error: (03/09/2015 03:10:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: mbar.exe1.9.1.1004hungapp0.0.0.000000000 Error: (03/09/2015 01:54:12 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 Error: (03/09/2015 01:52:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 ==================== Memory info =========================== Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ Percentage of memory in use: 44% Total physical RAM: 1535.29 MB Available physical RAM: 853.4 MB Total Pagefile: 3431.74 MB Available Pagefile: 2649 MB Total Virtual: 2047.88 MB Available Virtual: 1949.99 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:48.83 GB) (Free:20.06 GB) NTFS ==>[Drive with boot components 
(Windows XP)] Drive d: (Daten_1) (Fixed) (Total:25.7 GB) (Free:14.68 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 74.5 GB) (Disk ID: E4DFE4DF) Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=25.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Malwarebytes Anti-Rootkit won't run: it says "Scan failed". Oh man. And why doesn't Mozilla save my website in the address bar any more? Do I have to type it in again every time now??? I used to click the arrow pointing down and then the history was there...???? |
20.03.2015, 06:44 | #38 |
/// the machine /// TB instructor | Malware found - what do I have to do now? Avira is only reporting stuff in System Restore. Revo Uninstaller - Download - Filepony: use it to uninstall Firefox, keep no data, have the leftovers removed, then reinstall. Then: https://support.mozilla.org/de/kb/fi...einfach-loesen But once again: the computer really shouldn't be online at all any more.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
21.03.2015, 06:33 | #39 |
| Malware found - what do I have to do now? OK, and what do I do so that it is allowed to be online again? And how? Another question: are we done so far? Or do you need anything else? Do I delete everything I installed while working with you? Or should I leave one or two things on? (I like Revo Uninstaller, that one stays ;-) ) I know, that's a lot of questions now... :-) PS: oh yes, the link you gave me about the Mozilla info (support), I had already found that one too... but failed miserably :-( Mozilla fooled me... I did what you said, and everything was OK, but when I went in the second time it churned away like mad, and in the brand-new Mozilla data showed up again that I had been glad to be rid of.... grumble.... When booting up, the message that a program is missing still appears. I've had that ever since I ran CCleaner over it back then.... (which I will neeeever do again - at least not without instructions)... |
21.03.2015, 16:32 | #40 | |
/// the machine /// TB instructor | Malware found - what do I have to do now? Quote:
Can you show me a screenshot of the message?
22.03.2015, 10:56 | #41 |
| Malware found - what do I have to do now? I don't know how inserting a screenshot works here in the forum, or how to make the file smaller (I've never done that and have been trying all morning), but right after booting up a blue window appears and it says: Could not load file assembly 'sorttbls.nlp' one of it's dependencies. das System konnte die angegebene Datei nicht finden. And below that the button: Okay Edited by mysteryPC (22.03.2015 at 11:10) |
22.03.2015, 17:45 | #42 |
/// the machine /// TB instructor | Malware found - what do I have to do now? Can you upload the screenshot to some file hoster?
22.03.2015, 17:53 | #43 |
| Malware found - what do I have to do now? I know how to send a screenshot via email... (that is, from my email inbox) would that help? |
22.03.2015, 18:15 | #44 |
| Malware found - what do I have to do now? tataaa :-)))) |
23.03.2015, 09:24 | #45 |
/// the machine /// TB instructor | Malware found - what do I have to do now? Strange. Open FRST, tick the Addition box and scan, and please post both logs. Note: only run the FRST scan once the window is there, and leave the window open, don't click it away.