| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Maleware gefunden - was muß ich nun tun?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.03.2015, 16:05
| #1 |
 |  Maleware gefunden - was muß ich nun tun? Hallo, ich hoffe ich bin in dieser Rubrik richtig, heute wurde von meinem Antivirusprogramm (Avira) das erstem Mal Maleware gefunden. Diese habe ich in den Ordner Quarantäne verschoben und dann gelöscht. Daraufhin habe ich das Virusprogramm erneut durchlaufen lassen, diesmal ohne Fund. War / Ist das korrekt so? Wie kann ich herausfinden ob schon Schaden angerichtet wurde und ob die wirklich gelöscht sind so einfach? Muß ich jetzt alle meine Passwörte ändern? Wo kommen die her? Ich klicke nie Links in eMails an die ich bekomme die ich nicht 100%ig kenne) Es handelte sich um: tr/zbot.palsh tr/cript.xpack.119403 und die anderen beiden waren auch tr/cript.xpack. (aber mit anderen Nummern dahinter) Würde mich freuen wenn mir jemand meine Frage hilfreich beantworten würde. viele Dankende Grüße mysteryPC |
|
08.03.2015, 16:06
| #2 |
| /// the machine /// TB-Ausbilder    | Maleware gefunden - was muß ich nun tun? hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
08.03.2015, 17:54
| #3 |
| | Maleware gefunden - was muß ich nun tun? Hallo Schrauber, ich habe mir jetzt das FRST64 runtergeladen und es ist auch gelaufen (auf der Website steht das eh nur ein Programm von den beiden läuft von daher denke ich das war das richtige), aber ich finde kein #-Symbol und damit weiß ich nicht wie ich Dir was rübersenden soll...Er hat eine schadhafte Datei gefunden...
__________________würde mich freuen wenn Du mir da weiterhilfst (bin totaler PC-Leghateniker aber ich gebe mein bestes) PS: es sind auch keine Logdateien oder so auf meinem desktop...:-( |
|
08.03.2015, 19:30
| #4 | |
| /// the machine /// TB-Ausbilder | Maleware gefunden - was muß ich nun tun?Zitat:
Und nach dem Lauf öffnen sich automatisch zwei Logfiles. Sicher dass Du das korrekte Tool geladen hast und nicht auf WErbung geklickt hast?  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.03.2015, 20:08
| #5 |
| | Maleware gefunden - was muß ich nun tun? Juhuu jetzt hab ichs: FRST.txt.: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2015 03
Ran by Slim (administrator) on SLIM-36FB768E46 on 08-03-2015 20:00:37
Running from C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temporary Internet Files\Content.IE5\4UGBU3HV
Loaded Profiles: Slim & UpdatusUser (Available profiles: Slim & UpdatusUser)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
(Apple Computer, Inc.) C:\Programme\QuickTime\qttask.exe
(Dritek System Inc.) C:\PROGRA~1\OfficeKB\OfficeKB.EXE
(Dritek System Inc.) C:\PROGRA~1\OfficeKB\KPDrv4XP.EXE
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(RealNetworks, Inc.) C:\Programme\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Programme\Messenger\msmsgs.exe
() C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe
(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
(ATI Technologies Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Ellora Assets Corp.) C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
() C:\Programme\CDBurnerXP\NMSAccessU.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
(Reimage®) C:\Programme\Reimage\Reimage Protector\ReiGuard.exe
(Reimage®) C:\Programme\Reimage\Reimage Protector\ReiSystem.exe
(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\update.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\updrgui.exe
(Farbar) C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temporary Internet Files\Content.IE5\4UGBU3HV\FRST[1].exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\update.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-25] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17531392 2009-03-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2011-01-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416 2002-07-10] (HP)
HKLM\...\Run: [UVS11 Preload] => C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [341232 2007-07-23] (InterVideo Digital Technology Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)
HKLM\...\Run: [OfficeKB] => C:\Programme\OfficeKB\OfficeKB.EXE [200704 2004-10-22] (Dritek System Inc.)
HKLM\...\Run: [KPDrv4XP] => C:\Programme\OfficeKB\KPDrv4XP.EXE [32768 2003-06-12] (Dritek System Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Programme\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-09-12] ()
HKLM\...\Run: [Nvtmru] => C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [avgnt] => C:\Programme\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-05] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [TkBellExe] => C:\Programme\Real\RealPlayer\update\realsched.exe [295512 2014-04-29] (RealNetworks, Inc.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Run: [MSMSGS] => C:\Programme\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-796845957-926492609-839522115-1003\...\Run: [AmazonMP3DownloaderHelper] => C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-796845957-926492609-839522115-1003\...\MountPoints2: {31dc8b12-1fbe-11e3-b359-0019dbcf6bff} - H:\VTP_Manager.exe
HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssmarque.scr [20992 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [DeleteEngineAfterUpdate] => reg DELETE HKCU\Software\ConduitEngine /f
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk
ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Programme\Gemeinsame Dateien\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKU\S-1-5-21-796845957-926492609-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-796845957-926492609-839522115-1003 - ST-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof2.dll (Conduit Ltd.)
URLSearchHook: [S-1-5-21-796845957-926492609-839522115-1010] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-03-03] (Google Inc.)
BHO: ST-de3 Toolbar -> {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} -> C:\Programme\softonic-de3\prxtbsof2.dll [2013-11-06] (Conduit Ltd.)
Toolbar: HKLM - ST-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof2.dll [2013-11-06] (Conduit Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\.DEFAULT -> ST-de3 Toolbar - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof2.dll [2013-11-06] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> ST-de3 Toolbar - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof2.dll [2013-11-06] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-796845957-926492609-839522115-1003 -> No Name - {41564952-412D-5637-4300-7A786E7484D7} - No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Mozilla\Firefox\Profiles\i64sllul.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-29] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-28] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> C:\Programme\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-29] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-16]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-28]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-12]
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-06-06]
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-06-06]
Chrome:
=======
CHR Profile: C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk(2) [2014-02-11]
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-06-06]
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Programme\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-06-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Programme\facemoods.com\facemoods\1.4.17.3\facemoods.crx [Not Found]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-02-25] () [File not signed]
R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
S2 Freemake Improver; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-22] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Programme\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed]
S3 getPlusHelper; C:\Programme\NOS\bin\getPlus_Helper.dll [67360 2009-12-17] (NOS Microsystems Ltd.)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-14] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-10-10] (Google)
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-27] (Mozilla Foundation)
R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
R2 nvUpdatusService; C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2155296 2013-08-27] (NVIDIA Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 ReimageRealTimeProtector; C:\Programme\Reimage\Reimage Protector\ReiGuard.exe [6079848 2015-01-14] (Reimage®)
R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-03-03] (Ulead Systems, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105864 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R3 HIDKbFlt; C:\WINDOWS\System32\drivers\HIDKbFlt.sys [21120 2004-12-14] (Dritek System Inc.) [File not signed]
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]
R0 iviVD; C:\WINDOWS\System32\DRIVERS\iviVD.sys [45056 2005-11-16] (InterVideo)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-06-16] (NVIDIA Corporation)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)
S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
S3 ss_bserd; C:\WINDOWS\System32\DRIVERS\ss_bserd.sys [100224 2009-09-19] (MCCI Corporation)
S3 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]
S3 cpuz134; \??\C:\DOKUME~1\Slim\LOKALE~1\Temp\cpuz134\cpuz134_x32.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath
U1 WS2IFSL; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-08 20:00 - 2015-03-08 20:00 - 00000000 ____D () C:\FRST
2015-03-08 17:33 - 2015-03-08 19:51 - 00000322 _____ () C:\WINDOWS\Tasks\ReimageUpdater.job
2015-03-08 17:32 - 2015-03-08 19:58 - 00000000 ____D () C:\Programme\Reimage
2015-03-08 17:32 - 2015-03-08 17:34 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Reimage Protector
2015-03-08 17:29 - 2015-03-08 18:04 - 00000165 _____ () C:\WINDOWS\Reimage.ini
2015-03-08 16:59 - 2015-03-08 17:00 - 00016486 _____ () C:\WINDOWS\KB2807986.log
2015-03-08 16:59 - 2015-03-08 16:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2015-03-08 16:52 - 2015-03-08 16:52 - 00013796 _____ () C:\WINDOWS\KB2868038.log
2015-03-08 16:52 - 2015-03-08 16:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2015-03-08 16:51 - 2015-03-08 16:52 - 00011537 _____ () C:\WINDOWS\KB978695.log
2015-03-08 16:48 - 2015-03-08 16:48 - 00014698 _____ () C:\WINDOWS\KB2603381.log
2015-03-08 16:48 - 2015-03-08 16:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2015-03-08 16:47 - 2015-03-08 16:47 - 00015361 _____ () C:\WINDOWS\KB952069.log
2015-03-08 16:47 - 2015-03-08 16:47 - 00010517 _____ () C:\WINDOWS\KB2834903-v2.log
2015-03-08 16:47 - 2015-03-08 16:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2015-03-08 16:46 - 2015-03-08 16:47 - 00015844 _____ () C:\WINDOWS\KB2698365.log
2015-03-08 16:46 - 2015-03-08 16:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2015-03-08 16:41 - 2015-03-08 16:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2015-03-08 16:40 - 2015-03-08 16:41 - 00014505 _____ () C:\WINDOWS\KB2723135-v2.log
2015-03-08 16:40 - 2015-03-08 16:40 - 00011957 _____ () C:\WINDOWS\KB2909210-IE8.log
2015-03-08 16:40 - 2015-03-08 16:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2015-03-08 16:36 - 2015-03-08 16:47 - 00003199 _____ () C:\WINDOWS\updspapi.log
2015-03-08 16:35 - 2015-03-08 16:36 - 00014632 _____ () C:\WINDOWS\KB2936068-IE8.log
2015-03-08 16:32 - 2015-03-08 16:36 - 00009501 _____ () C:\WINDOWS\KB2868626.log
2015-03-08 16:30 - 2015-03-08 16:36 - 00007391 _____ () C:\WINDOWS\KB2922229.log
2015-03-08 16:30 - 2015-03-08 16:36 - 00007290 _____ () C:\WINDOWS\KB2712808.log
2015-03-08 16:23 - 2015-03-08 16:36 - 00007294 _____ () C:\WINDOWS\KB2916036.log
2015-03-08 16:22 - 2015-03-08 16:36 - 00007194 _____ () C:\WINDOWS\KB2780091.log
2015-03-08 16:22 - 2015-03-08 16:35 - 00007190 _____ () C:\WINDOWS\KB2864063.log
2015-03-08 16:22 - 2015-03-08 16:35 - 00007090 _____ () C:\WINDOWS\KB2585542.log
2015-03-08 16:21 - 2015-03-08 16:35 - 00007412 _____ () C:\WINDOWS\KB2930275.log
2015-03-08 16:21 - 2015-03-08 16:35 - 00006895 _____ () C:\WINDOWS\KB2876217.log
2015-03-08 16:21 - 2015-03-08 16:35 - 00006890 _____ () C:\WINDOWS\KB2802968.log
2015-03-08 16:21 - 2015-03-08 16:35 - 00006800 _____ () C:\WINDOWS\KB2631813.log
2015-03-08 16:21 - 2015-03-08 16:35 - 00006789 _____ () C:\WINDOWS\KB2847311.log
2015-03-08 16:20 - 2015-03-08 16:35 - 00006794 _____ () C:\WINDOWS\KB2898715.log
2015-03-08 16:20 - 2015-03-08 16:35 - 00006791 _____ () C:\WINDOWS\KB2929961.log
2015-03-08 16:19 - 2015-03-08 16:34 - 00006791 _____ () C:\WINDOWS\KB2850869.log
2015-03-08 16:19 - 2015-03-08 16:34 - 00006704 _____ () C:\WINDOWS\KB2691442.log
2015-03-08 16:18 - 2015-03-08 16:34 - 00006590 _____ () C:\WINDOWS\KB2655992.log
2015-03-08 16:16 - 2015-03-08 16:34 - 00006590 _____ () C:\WINDOWS\KB2862152.log
2015-03-08 16:16 - 2015-03-08 16:34 - 00006487 _____ () C:\WINDOWS\KB2598479.log
2015-03-08 16:16 - 2015-03-08 16:34 - 00006399 _____ () C:\WINDOWS\KB2719985.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00065980 _____ () C:\WINDOWS\iis6.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00061829 _____ () C:\WINDOWS\FaxSetup.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00029560 _____ () C:\WINDOWS\ocgen.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00028210 _____ () C:\WINDOWS\tsoc.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00020447 _____ () C:\WINDOWS\comsetup.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00018630 _____ () C:\WINDOWS\msmqinst.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00012380 _____ () C:\WINDOWS\ntdtcsetup.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00010830 _____ () C:\WINDOWS\netfxocm.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00004250 _____ () C:\WINDOWS\MedCtrOC.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00003420 _____ () C:\WINDOWS\ocmsn.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00003110 _____ () C:\WINDOWS\tabletoc.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00003090 _____ () C:\WINDOWS\msgsocm.log
2015-03-08 16:14 - 2015-03-08 17:00 - 00001355 _____ () C:\WINDOWS\imsins.log
2015-03-08 16:14 - 2015-03-08 16:52 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2015-03-08 16:14 - 2015-03-08 16:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2015-03-08 16:13 - 2015-03-08 16:14 - 00007156 _____ () C:\WINDOWS\KB2914368.log
2015-03-08 16:06 - 2015-03-08 16:34 - 00006718 _____ () C:\WINDOWS\KB2859537.log
2015-03-08 16:06 - 2015-03-08 16:34 - 00006386 _____ () C:\WINDOWS\KB2876331.log
2015-03-08 16:06 - 2013-02-12 01:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
2015-03-08 16:06 - 2013-02-12 01:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys
2015-03-08 16:03 - 2013-07-17 01:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2015-03-08 16:03 - 2013-07-17 01:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2015-03-08 16:02 - 2015-03-08 16:33 - 00006289 _____ () C:\WINDOWS\KB2820917.log
2015-03-08 16:02 - 2015-03-08 16:33 - 00006288 _____ () C:\WINDOWS\KB2893294.log
2015-03-08 16:02 - 2015-03-08 16:33 - 00006194 _____ () C:\WINDOWS\KB2757638.log
2015-03-08 16:01 - 2015-03-08 16:33 - 00006088 _____ () C:\WINDOWS\KB2653956.log
2015-03-08 16:01 - 2015-03-08 16:33 - 00005989 _____ () C:\WINDOWS\KB2892075.log
2015-03-08 16:01 - 2015-03-08 16:33 - 00005988 _____ () C:\WINDOWS\KB2749655.log
2015-03-08 16:00 - 2015-03-08 16:33 - 00005889 _____ () C:\WINDOWS\KB2619339.log
2015-03-08 15:59 - 2015-03-08 16:33 - 00006449 _____ () C:\WINDOWS\KB2813345.log
2015-03-08 15:59 - 2015-03-08 16:33 - 00005832 _____ () C:\WINDOWS\KB2705219-v2.log
2015-03-08 15:59 - 2015-03-08 16:33 - 00005686 _____ () C:\WINDOWS\KB2727528.log
2015-03-08 15:59 - 2013-08-09 01:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2015-03-08 15:59 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2015-03-08 15:59 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2015-03-08 15:58 - 2015-03-08 16:32 - 00007050 _____ () C:\WINDOWS\KB2676562.log
2015-03-08 15:56 - 2014-03-06 18:58 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6C1.tmp
2015-03-08 15:56 - 2014-03-06 18:58 - 06021632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6B9.tmp
2015-03-08 15:56 - 2014-03-06 18:58 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6BF.tmp
2015-03-08 15:56 - 2014-03-06 18:58 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6B3.tmp
2015-03-08 15:56 - 2014-03-06 18:58 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6BB.tmp
2015-03-08 15:56 - 2014-03-06 18:58 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2015-03-08 15:56 - 2014-03-06 18:58 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6B5.tmp
2015-03-08 15:56 - 2014-03-06 18:58 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6BA.tmp
2015-03-08 15:52 - 2015-03-08 16:30 - 00005386 _____ () C:\WINDOWS\KB2620712.log
2015-03-08 15:50 - 2015-03-08 16:15 - 00005352 _____ () C:\WINDOWS\KB2584146.log
2015-03-08 13:56 - 2015-03-08 13:56 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService\IETldCache
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-08 20:02 - 2010-01-13 20:45 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp
2015-03-08 20:00 - 2013-06-21 05:50 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-08 19:58 - 2013-10-08 13:38 - 00009248 _____ () C:\WINDOWS\system32\nvAppTimestamps
2015-03-08 19:58 - 2010-01-13 20:38 - 01306619 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-08 19:58 - 2010-01-13 20:28 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-03-08 19:55 - 2014-10-07 09:19 - 00000268 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job
2015-03-08 19:55 - 2014-04-29 17:36 - 00000276 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job
2015-03-08 19:55 - 2010-07-01 18:44 - 00000268 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job
2015-03-08 19:55 - 2006-02-28 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-08 19:52 - 2010-01-13 20:31 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-03-08 19:52 - 2010-01-13 20:31 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-03-08 19:51 - 2014-04-29 17:48 - 00000290 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job
2015-03-08 19:51 - 2013-08-14 13:54 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-08 19:51 - 2010-01-13 20:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-08 19:14 - 2010-01-13 21:23 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-03-08 19:03 - 2013-08-14 13:54 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-08 18:40 - 2013-09-30 14:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Startmenü\Programme\Amazon
2015-03-08 18:40 - 2010-08-18 08:49 - 00000000 ____D () C:\Programme\Amazon
2015-03-08 18:39 - 2010-08-18 08:50 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Amazon
2015-03-08 18:39 - 2010-08-18 08:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Amazon
2015-03-08 18:37 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Opera Software
2015-03-08 18:37 - 2014-02-07 08:41 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\Opera Software
2015-03-08 18:37 - 2013-01-19 19:52 - 00000000 ____D () C:\Programme\Opera
2015-03-08 17:32 - 2010-01-13 20:29 - 00000000 ___RD () C:\Programme
2015-03-08 17:11 - 2010-01-13 20:44 - 00032566 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-08 17:10 - 2014-06-06 11:00 - 00131072 _____ () C:\WINDOWS\system32\config\CaptureL.evt
2015-03-08 17:10 - 2010-01-13 21:28 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-03-08 17:08 - 2010-01-13 20:29 - 01468408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-08 16:59 - 2010-01-13 20:40 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2015-03-08 16:52 - 2013-07-23 11:12 - 00121165 _____ () C:\WINDOWS\setupapi.log
2015-03-08 16:40 - 2010-01-13 21:59 - 00000000 ____D () C:\WINDOWS\ie8updates
2015-03-08 16:37 - 2010-01-16 20:15 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2015-03-08 16:10 - 2010-01-13 20:45 - 00000300 ___SH () C:\Dokumente und Einstellungen\Slim\ntuser.ini
2015-03-08 16:10 - 2010-01-13 20:45 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim
2015-03-08 15:22 - 2011-03-01 21:59 - 00054156 ____H () C:\WINDOWS\QTFont.qfn
2015-03-08 14:29 - 2011-05-27 14:14 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2015-03-08 13:56 - 2010-01-13 20:44 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService
2015-03-08 12:24 - 2010-01-13 20:35 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-08 11:27 - 2010-01-13 20:45 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Eigene Dateien\Eigene Bilder
2015-03-06 11:37 - 2014-04-29 17:48 - 00000298 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job
2015-03-05 14:41 - 2014-01-31 09:30 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-03-05 14:41 - 2014-01-31 09:30 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-03-03 14:36 - 2010-01-15 13:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Google
2015-03-02 14:23 - 2010-09-30 09:23 - 00002501 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk
2015-02-23 08:27 - 2013-02-03 18:34 - 00000000 ____D () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\TS3Client
2015-02-21 11:24 - 2014-04-29 17:48 - 00000316 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job
2015-02-21 06:42 - 2010-01-13 20:43 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService
2015-02-17 18:20 - 2010-07-01 18:43 - 00000276 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job
2015-02-13 19:29 - 2011-05-06 09:50 - 00000000 ___RD () C:\Dokumente und Einstellungen\Slim\Eigene Dateien\Meine Bilder (D)
==================== Files in the root of some directories =======
2013-09-30 14:01 - 2013-09-30 14:01 - 2328864 _____ () C:\Programme\AmazonMP3DownloaderInstall._V383688031_.exe
2010-06-30 06:27 - 2010-06-30 06:28 - 33177736 _____ (Nero AG) C:\Programme\Nero-9.4.12.708b_lite.exe
2010-07-01 18:39 - 2010-07-01 18:39 - 0822296 _____ (RealNetworks, Inc.) C:\Programme\RealPlayerSPGold_de.exe
2010-09-30 09:28 - 2010-09-30 09:29 - 0291680 _____ () C:\Programme\SoftonicDownloader_fuer_microsoft-office-powerpoint-viewer.exe
2011-02-18 10:13 - 2011-02-18 10:13 - 0287032 _____ () C:\Programme\SoftonicDownloader_fuer_picture-converter.exe
2010-08-18 11:00 - 2010-08-18 11:02 - 0000150 _____ () C:\Dokumente und Einstellungen\Slim\Anwendungsdaten\burnaware.ini
2010-02-02 18:10 - 2014-05-06 19:39 - 0062976 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-04-09 18:27 - 2010-04-09 18:27 - 0000137 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\AskSLib.dll
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\AutoRun.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\AutoRunGUI.dll
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\avgnt.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\BearShare_setup.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\drm_dialogs.dll
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\eauninstall.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\facemoods.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\fp_pl_pfs_installer.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\FreemakeVideoDownloader_3.7.0.1.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\Installhelper.dll
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\nsbE.tmp.ConduitEngineEmbbed.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\nsk9.tmp.ConduitEngineEmbbed.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\nsx9.tmp.ConduitEngineEmbbed.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\Offercast_AVIRAV7_.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\ReimagePackage.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\ReiSysUpdate.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\softonic-de3.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\sqlite3.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\stubhelper.dll
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\The Battle for Middle-earth_uninst.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\YSPCUNLR.dll
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is1.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is2.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is35.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is4.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is5.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is6.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is9.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_is93.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_isD6.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_isE8.exe
C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temp\_isE9.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
--- --- --- Addition.txt. dditional scan result of Farbar Recovery Scan Tool (x86) Version: 08-03-2015 03 Ran by Slim at 2015-03-08 20:03:13 Running from C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Temporary Internet Files\Content.IE5\4UGBU3HV Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.60 - NOS Microsystems Ltd.) Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader 9.3.4 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A93000000001}) (Version: 9.3.4 - Adobe Systems Incorporated) Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden ArcSoft PhotoStudio 5 (HKLM\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version: - ) ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - ) ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0225.1545 - ) ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.591-090225a-076825C-ATI - ) Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.650 - Avira) ccc-core-preinstall (Version: 2009.0225.1546.28221 - ATI) Hidden ccc-core-static (Version: 2009.0225.1546.28221 - ATI) Hidden CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2356 - CDBurnerXP) CloneDVD2 (HKLM\...\CloneDVD2) (Version: - Elaborate Bytes) Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation) Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation) Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation) Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation) hp deskjet 3320 series (HKLM\...\hp deskjet 3320 series_Driver) (Version: - ) hp deskjet 3320 series (nur entfernen) (HKLM\...\hp deskjet 3320 series) (Version: - ) InterVideo DeviceService (HKLM\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo) InterVideo DVDCopy5 (HKLM\...\{C167A588-87AA-47BF-A88E-5B0F9A14480D}) (Version: 5.0-B4.45 - InterVideo Inc.) Media & Office Keyboard (HKLM\...\OfficeKB) (Version: - ) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office XP Small Business (HKLM\...\{91130407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB) Nero 9 Lite (HKLM\...\{53205192-a183-469b-8d43-7adad9c360cc}) (Version: - Nero AG) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - ) NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA nView 140.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.62 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) QuickTime (HKLM\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.) RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.23.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5809 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage) <==== ATTENTION SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - ) Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (HKLM\...\KB976325-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (HKLM\...\KB978207-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows Media Encoder (KB2447961) (HKLM\...\KB2447961_WM9L) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Encoder (KB954156) (HKLM\...\KB954156_WM9L) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Encoder (KB979332) (HKLM\...\KB979332_WM9L) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB2834903-v2) (HKLM\...\KB2834903-v2_WM10L) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows Media Player (KB979402) (HKLM\...\KB979402_WM9) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2723135-v2) (HKLM\...\KB2723135-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB976325) (Version: 1 - Microsoft Corporation) Hidden Sicherheitsupdate für Windows XP (KB977165-v2) (HKLM\...\KB977165-v2) (Version: 2 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation) Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation) Skins (Version: 2009.0225.1546.28221 - ATI) Hidden SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.5.0 - SmartSound Software Inc) SmartSound Quicktracks Plugin (Version: 3.0.5.0 - SmartSound Software Inc) Hidden softonic-de3 Toolbar (HKLM\...\softonic-de3 Toolbar) (Version: 5.7.1.1 - softonic-de3) <==== ATTENTION TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH) Ulead VideoStudio 11 (HKLM\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) upapp (HKLM\...\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}) (Version: 0.20.0000 - Hewlett-Packard) Update für Windows Internet Explorer 8 (KB975364) (HKLM\...\KB975364-IE8) (Version: 1 - Microsoft Corporation) Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation) Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation) Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation) VideoStudio (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - ) Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version: - ) Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation) WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) XMedia Recode 2.2.5.0 (HKLM\...\XMedia Recode) (Version: 2.2.5.0 - Sebastian Dörfler) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-796845957-926492609-839522115-1003_Classes\CLSID\{A863CE12-5BDE-4B93-90DC-16D2078C0317}\InprocServer32 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{64937408-0582-4B1C-9C31-D08E175394CA}\soft (the data entry has 15 more characters). ==================== Restore Points ========================= 21-12-2014 16:30:17 alles gut und aufgeräumt 23-12-2014 12:04:23 Systemprüfpunkt 25-12-2014 11:39:40 Systemprüfpunkt 27-12-2014 11:28:21 Systemprüfpunkt 28-12-2014 17:24:43 Systemprüfpunkt 30-12-2014 06:57:18 Systemprüfpunkt 31-12-2014 11:13:10 Systemprüfpunkt 01-01-2015 16:03:49 Systemprüfpunkt 02-01-2015 16:04:04 Wiederherstellungsvorgang 03-01-2015 19:32:05 Systemprüfpunkt 05-01-2015 07:16:04 Systemprüfpunkt 06-01-2015 14:42:46 Systemprüfpunkt 08-01-2015 17:19:26 Software Distribution Service 3.0 10-01-2015 14:22:50 Systemprüfpunkt 11-01-2015 21:24:08 Systemprüfpunkt 13-01-2015 12:39:34 Systemprüfpunkt 15-01-2015 12:00:53 Systemprüfpunkt 16-01-2015 18:22:35 Systemprüfpunkt 18-01-2015 09:36:59 Systemprüfpunkt 19-01-2015 09:47:37 Systemprüfpunkt 20-01-2015 10:58:43 Systemprüfpunkt 21-01-2015 19:32:02 Systemprüfpunkt 23-01-2015 13:43:07 Systemprüfpunkt 25-01-2015 10:45:21 Systemprüfpunkt 26-01-2015 13:05:49 Systemprüfpunkt 28-01-2015 08:58:51 Systemprüfpunkt 01-02-2015 16:45:40 Systemprüfpunkt 04-02-2015 10:39:51 Systemprüfpunkt 05-02-2015 17:40:21 Systemprüfpunkt 06-02-2015 19:19:06 Systemprüfpunkt 08-02-2015 16:43:34 Systemprüfpunkt 09-02-2015 19:48:18 Systemprüfpunkt 13-02-2015 09:06:57 Systemprüfpunkt 14-02-2015 14:37:16 Systemprüfpunkt 16-02-2015 12:27:12 Systemprüfpunkt 17-02-2015 14:59:27 Systemprüfpunkt 18-02-2015 20:33:43 Systemprüfpunkt 20-02-2015 09:58:46 Systemprüfpunkt 21-02-2015 06:41:35 Wiederherstellungsvorgang 22-02-2015 10:23:25 Systemprüfpunkt 23-02-2015 12:03:52 Systemprüfpunkt 25-02-2015 08:59:20 Systemprüfpunkt 26-02-2015 12:51:19 Systemprüfpunkt 01-03-2015 10:16:00 Systemprüfpunkt 02-03-2015 18:48:27 Systemprüfpunkt 04-03-2015 09:05:07 Systemprüfpunkt 05-03-2015 16:55:36 Systemprüfpunkt 06-03-2015 17:39:59 Systemprüfpunkt 08-03-2015 09:48:11 Systemprüfpunkt 08-03-2015 16:10:23 Software Distribution Service 3.0 08-03-2015 18:38:36 Konfiguriert Ulead VideoStudio ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-02-28 13:00 - 2006-02-28 13:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\RealNetworks\RealDownloader\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-926492609-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe Task: C:\WINDOWS\Tasks\ReimageUpdater.job => C:\Programme\Reimage\Reimage Protector\ReiGuard.exe <==== ATTENTION ==================== Loaded Modules (whitelisted) ============== 2009-02-27 16:41 - 2009-02-27 16:41 - 00311296 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU 2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe 2006-02-28 13:00 - 2008-04-14 07:52 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll 2010-01-13 21:28 - 2010-01-13 21:28 - 00014848 _____ () C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll 2008-10-30 14:39 - 2008-10-30 14:39 - 00016384 ____R () C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-08-18 11:07 - 2010-03-04 22:38 - 00071096 _____ () C:\Programme\CDBurnerXP\NMSAccessU.exe 2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\WINDOWS:E29D75DD5045D8C6 AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Desktop:$SS_DESCRIPTOR_PVX2VCGFMVF9V8N4TKBRVDNGCMPLJ9M9YWPP96MVV4VTJFVVMJVM ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-796845957-926492609-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp HKU\S-1-5-21-796845957-926492609-839522115-1010\Control Panel\Desktop\\Wallpaper -> (Kein) DNS Servers: 192.168.178.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-796845957-926492609-839522115-500 - Administrator - Enabled) ASPNET (S-1-5-21-796845957-926492609-839522115-1009 - Limited - Enabled) Gast (S-1-5-21-796845957-926492609-839522115-501 - Limited - Disabled) Hilfeassistent (S-1-5-21-796845957-926492609-839522115-1000 - Limited - Disabled) Slim (S-1-5-21-796845957-926492609-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Slim SUPPORT_388945a0 (S-1-5-21-796845957-926492609-839522115-1002 - Limited - Disabled) UpdatusUser (S-1-5-21-796845957-926492609-839522115-1010 - Limited - Enabled) => %SystemDrive%\Dokumente und Einstellungen\UpdatusUser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/07/2015 06:25:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul mshtml.dll, Version 8.0.6001.19154, Fehleradresse 0x00067a38. Das medienspezifische Ereignis für [iexplore.exe!ws!] wird verarbeitet. Error: (03/07/2015 06:25:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes Modul mshtml.dll, Version 8.0.6001.19154, Fehleradresse 0x00067a38. Das medienspezifische Ereignis für [iexplore.exe!ws!] wird verarbeitet. Error: (03/05/2015 04:35:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (02/27/2015 07:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung WINWORD.EXE, Version 10.0.6866.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (02/27/2015 07:52:22 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung WINWORD.EXE, Version 10.0.6866.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (02/22/2015 09:11:07 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (02/21/2015 05:20:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlgeschlagene Anwendung avguard.exe, Version 14.0.7.462, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x03932136. Das medienspezifische Ereignis für [avguard.exe!ws!] wird verarbeitet. Error: (02/21/2015 05:19:53 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (02/21/2015 10:30:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlgeschlagene Anwendung avguard.exe, Version 14.0.7.462, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x03932136. Das medienspezifische Ereignis für [avguard.exe!ws!] wird verarbeitet. Error: (02/21/2015 10:29:49 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! System errors: ============= Error: (03/08/2015 07:52:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (03/08/2015 07:52:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Freemake Improver. Error: (03/08/2015 05:16:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (03/08/2015 05:16:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Freemake Improver. Error: (03/08/2015 04:47:39 PM) (Source: Windows Update Agent) (EventID: 20) (User: ) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Silverlight (KB2977218) Error: (03/08/2015 07:46:57 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/07/2015 06:12:21 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/06/2015 05:27:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/06/2015 11:00:53 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Error: (03/06/2015 06:39:28 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Freemake Improver" wurde nicht ordnungsgemäß gestartet. Microsoft Office Sessions: ========================= Error: (03/07/2015 06:25:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1915400067a38 Error: (03/07/2015 06:25:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.1915400067a38 Error: (03/05/2015 04:35:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 Error: (02/27/2015 07:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: WINWORD.EXE10.0.6866.0hungapp0.0.0.000000000 Error: (02/27/2015 07:52:22 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: WINWORD.EXE10.0.6866.0hungapp0.0.0.000000000 Error: (02/22/2015 09:11:07 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000 Error: (02/21/2015 05:20:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: avguard.exe14.0.7.462unknown0.0.0.003932136 Error: (02/21/2015 05:19:53 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: 0x0 Error: (02/21/2015 10:30:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: avguard.exe14.0.7.462unknown0.0.0.003932136 Error: (02/21/2015 10:29:49 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: 0x0 ==================== Memory info =========================== Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ Percentage of memory in use: 49% Total physical RAM: 1535.29 MB Available physical RAM: 769.25 MB Total Pagefile: 3431.74 MB Available Pagefile: 2709.44 MB Total Virtual: 2047.88 MB Available Virtual: 1933.08 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:48.83 GB) (Free:3.22 GB) NTFS ==>[Drive with boot components (Windows XP)] Drive d: (Daten_1) (Fixed) (Total:25.7 GB) (Free:24.41 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 74.5 GB) (Disk ID: E4DFE4DF) Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=25.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
|
09.03.2015, 08:03
| #6 |
| /// the machine /// TB-Ausbilder | Maleware gefunden - was muß ich nun tun? XP? Verschenkst Du gerne Passwörter und Geld?? So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> Maleware gefunden - was muß ich nun tun? |
|
09.03.2015, 15:14
| #7 |
| | Maleware gefunden - was muß ich nun tun?Code:
ATTFilter XP? Verschenkst Du gerne Passwörter und Geld??
Code:
ATTFilter Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit
Oh man bitte hab Geduld mit mir ... Punkt 1: Revo unistaller so wie Du beschrieben hast ausgeführt und entsprechende datei gelöscht... war ganz leicht :-) weiter gehts... So: das Malwarebytes Anti-Rootkit hängt irgendwann und habe es abgebrochen um es erneut zu versuchen. Dort kam die Meldung wie ich es in letzter Zeit öfter bei einigen Dingen/Seiten habe: Das Programm reagiert nicht.... was nun? |
|
09.03.2015, 19:10
| #8 |
| /// the machine /// TB-Ausbilder | Maleware gefunden - was muß ich nun tun? Mach gleich TDSSKiller. zu XP: XP ist seit April 14 tot. Nicht mehr unterstützt von MS. JEdes Passwort was dort benutzt wird, jede Geldtransaktion ist schon so gut wie verschenkt, es werden keine Sicherheitslücken mehr in XP geschlossen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.03.2015, 14:54
| #9 |
| | Maleware gefunden - was muß ich nun tun? ok, werde gleich nach der Arbeit machen wie Du gesagt hast. Soll ich den IE löschen oder einfach nicht mehr darüber reingehen? Ok...eines nach dem anderen...ich denke ich habe sowieso noch das ein oder andere Problem dem ich mich nun PC-mäßig stellen muß... Mal Danke sag für Deine Hilfe :-) So. Habe das Maleware Rootkit nochmal durchlaufen lassen und jetzt ging es Hoffe ich habe diesmal richtig eingegeben. Er sagt er hat nix gefunden Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.03.10.02
rootkit: v2015.02.25.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Slim :: SLIM-36FB768E46 [administrator]
10.03.2015 10:18:40
mbar-log-2015-03-10 (10-18-40).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 376861
Time elapsed: 1 hour(s), 54 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 11:34:29.0812 0x0270 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
11:34:33.0953 0x0270 ============================================================
11:34:33.0953 0x0270 Current date / time: 2015/03/10 11:34:33.0953
11:34:33.0953 0x0270 SystemInfo:
11:34:33.0953 0x0270
11:34:33.0953 0x0270 OS Version: 5.1.2600 ServicePack: 3.0
11:34:33.0953 0x0270 Product type: Workstation
11:34:33.0953 0x0270 ComputerName: SLIM-36FB768E46
11:34:33.0953 0x0270 UserName: Slim
11:34:33.0953 0x0270 Windows directory: C:\WINDOWS
11:34:33.0953 0x0270 System windows directory: C:\WINDOWS
11:34:33.0953 0x0270 Processor architecture: Intel x86
11:34:33.0953 0x0270 Number of processors: 2
11:34:33.0953 0x0270 Page size: 0x1000
11:34:33.0953 0x0270 Boot type: Normal boot
11:34:33.0953 0x0270 ============================================================
11:34:36.0828 0x0270 KLMD registered as C:\WINDOWS\system32\drivers\32397460.sys
11:34:37.0734 0x0270 System UUID: {BCCF5BF6-C583-03CB-A2E0-C8C56FD0AB87}
11:34:38.0937 0x0270 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:34:38.0937 0x0270 ============================================================
11:34:38.0937 0x0270 \Device\Harddisk0\DR0:
11:34:38.0937 0x0270 MBR partitions:
11:34:38.0937 0x0270 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
11:34:38.0937 0x0270 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x3366B5B
11:34:38.0937 0x0270 ============================================================
11:34:38.0953 0x0270 C: <-> \Device\Harddisk0\DR0\Partition1
11:34:39.0000 0x0270 D: <-> \Device\Harddisk0\DR0\Partition2
11:34:39.0000 0x0270 ============================================================
11:34:39.0000 0x0270 Initialize success
11:34:39.0000 0x0270 ============================================================
11:35:07.0406 0x07b0 ============================================================
11:35:07.0406 0x07b0 Scan started
11:35:07.0406 0x07b0 Mode: Manual; SigCheck; TDLFS;
11:35:07.0406 0x07b0 ============================================================
11:35:07.0406 0x07b0 KSN ping started
11:35:21.0703 0x07b0 KSN ping finished: true
11:35:22.0343 0x07b0 ================ Scan system memory ========================
11:35:22.0359 0x07b0 System memory - ok
11:35:22.0359 0x07b0 ================ Scan services =============================
11:35:22.0437 0x07b0 Abiosdsk - ok
11:35:22.0437 0x07b0 abp480n5 - ok
11:35:22.0484 0x07b0 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:35:24.0859 0x07b0 ACPI - ok
11:35:24.0890 0x07b0 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:35:25.0046 0x07b0 ACPIEC - ok
11:35:25.0109 0x07b0 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:35:25.0125 0x07b0 AdobeFlashPlayerUpdateSvc - ok
11:35:25.0140 0x07b0 adpu160m - ok
11:35:25.0156 0x07b0 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:35:25.0328 0x07b0 aec - ok
11:35:25.0359 0x07b0 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:35:25.0437 0x07b0 AFD - ok
11:35:25.0437 0x07b0 Aha154x - ok
11:35:25.0437 0x07b0 aic78u2 - ok
11:35:25.0453 0x07b0 aic78xx - ok
11:35:25.0484 0x07b0 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:35:25.0625 0x07b0 Alerter - ok
11:35:25.0656 0x07b0 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe
11:35:25.0718 0x07b0 ALG - ok
11:35:25.0718 0x07b0 AliIde - ok
11:35:25.0859 0x07b0 [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
11:35:26.0015 0x07b0 Ambfilt - ok
11:35:26.0031 0x07b0 amsint - ok
11:35:26.0156 0x07b0 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
11:35:26.0187 0x07b0 AntiVirSchedulerService - ok
11:35:26.0265 0x07b0 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
11:35:26.0281 0x07b0 AntiVirService - ok
11:35:26.0328 0x07b0 [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:35:26.0406 0x07b0 AppMgmt - ok
11:35:26.0406 0x07b0 asc - ok
11:35:26.0421 0x07b0 asc3350p - ok
11:35:26.0421 0x07b0 asc3550 - ok
11:35:26.0531 0x07b0 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:35:26.0546 0x07b0 aspnet_state - ok
11:35:26.0578 0x07b0 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:35:26.0718 0x07b0 AsyncMac - ok
11:35:26.0750 0x07b0 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:35:26.0875 0x07b0 atapi - ok
11:35:26.0890 0x07b0 Atdisk - ok
11:35:27.0000 0x07b0 [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
11:35:27.0140 0x07b0 Ati HotKey Poller - ok
11:35:27.0203 0x07b0 [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
11:35:27.0265 0x07b0 ATI Smart - detected UnsignedFile.Multi.Generic ( 1 )
11:35:29.0609 0x07b0 Detect skipped due to KSN trusted
11:35:29.0609 0x07b0 ATI Smart - ok
11:35:29.0828 0x07b0 [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
11:35:30.0078 0x07b0 ati2mtag - ok
11:35:30.0125 0x07b0 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:35:30.0265 0x07b0 Atmarpc - ok
11:35:30.0296 0x07b0 [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:35:30.0437 0x07b0 AudioSrv - ok
11:35:30.0484 0x07b0 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:35:30.0625 0x07b0 audstub - ok
11:35:30.0656 0x07b0 [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
11:35:30.0703 0x07b0 avgntflt - ok
11:35:30.0734 0x07b0 [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
11:35:30.0734 0x07b0 avipbb - ok
11:35:30.0750 0x07b0 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
11:35:30.0765 0x07b0 avkmgr - ok
11:35:30.0796 0x07b0 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:35:30.0937 0x07b0 Beep - ok
11:35:31.0000 0x07b0 [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll
11:35:31.0187 0x07b0 BITS - ok
11:35:31.0234 0x07b0 [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser C:\WINDOWS\System32\browser.dll
11:35:31.0375 0x07b0 Browser - ok
11:35:31.0421 0x07b0 [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
11:35:31.0437 0x07b0 Capture Device Service - ok
11:35:31.0468 0x07b0 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:35:31.0625 0x07b0 cbidf2k - ok
11:35:31.0625 0x07b0 cd20xrnt - ok
11:35:31.0640 0x07b0 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:35:31.0781 0x07b0 Cdaudio - ok
11:35:31.0796 0x07b0 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:35:31.0937 0x07b0 Cdfs - ok
11:35:31.0968 0x07b0 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:35:32.0109 0x07b0 Cdrom - ok
11:35:32.0109 0x07b0 Changer - ok
11:35:32.0156 0x07b0 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:35:32.0296 0x07b0 CiSvc - ok
11:35:32.0328 0x07b0 [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:35:32.0468 0x07b0 ClipSrv - ok
11:35:32.0515 0x07b0 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:35:32.0531 0x07b0 clr_optimization_v2.0.50727_32 - ok
11:35:32.0562 0x07b0 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:35:32.0578 0x07b0 clr_optimization_v4.0.30319_32 - ok
11:35:32.0593 0x07b0 CmdIde - ok
11:35:32.0593 0x07b0 COMSysApp - ok
11:35:32.0609 0x07b0 Cpqarray - ok
11:35:32.0640 0x07b0 [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:35:32.0781 0x07b0 CryptSvc - ok
11:35:32.0781 0x07b0 dac2w2k - ok
11:35:32.0796 0x07b0 dac960nt - ok
11:35:32.0859 0x07b0 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:35:32.0937 0x07b0 DcomLaunch - ok
11:35:32.0984 0x07b0 [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:35:33.0125 0x07b0 Dhcp - ok
11:35:33.0171 0x07b0 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:35:33.0296 0x07b0 Disk - ok
11:35:33.0296 0x07b0 dmadmin - ok
11:35:33.0390 0x07b0 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:35:33.0562 0x07b0 dmboot - ok
11:35:33.0593 0x07b0 [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:35:33.0718 0x07b0 dmio - ok
11:35:33.0765 0x07b0 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:35:33.0875 0x07b0 dmload - ok
11:35:33.0906 0x07b0 [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:35:34.0031 0x07b0 dmserver - ok
11:35:34.0046 0x07b0 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:35:34.0171 0x07b0 DMusic - ok
11:35:34.0218 0x07b0 [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:35:34.0296 0x07b0 Dnscache - ok
11:35:34.0328 0x07b0 [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
11:35:34.0468 0x07b0 Dot3svc - ok
11:35:34.0468 0x07b0 dpti2o - ok
11:35:34.0515 0x07b0 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:35:34.0640 0x07b0 drmkaud - ok
11:35:34.0671 0x07b0 [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
11:35:34.0796 0x07b0 EapHost - ok
11:35:34.0828 0x07b0 [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
11:35:34.0843 0x07b0 ElbyCDIO - ok
11:35:34.0890 0x07b0 [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:35:35.0000 0x07b0 ERSvc - ok
11:35:35.0046 0x07b0 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe
11:35:35.0078 0x07b0 Eventlog - ok
11:35:35.0125 0x07b0 [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\system32\es.dll
11:35:35.0187 0x07b0 EventSystem - ok
11:35:35.0218 0x07b0 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:35:35.0343 0x07b0 Fastfat - ok
11:35:35.0375 0x07b0 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:35:35.0421 0x07b0 FastUserSwitchingCompatibility - ok
11:35:35.0468 0x07b0 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
11:35:35.0578 0x07b0 Fdc - ok
11:35:35.0609 0x07b0 [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:35:35.0734 0x07b0 Fips - ok
11:35:35.0750 0x07b0 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
11:35:35.0859 0x07b0 Flpydisk - ok
11:35:35.0906 0x07b0 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:35:36.0031 0x07b0 FltMgr - ok
11:35:36.0093 0x07b0 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:35:36.0109 0x07b0 FontCache3.0.0.0 - ok
11:35:36.0218 0x07b0 [ 3C36885FAD477629BE44BDC2D98682D6, 2A7B79E5896CAC37DB2C77C081B77FBD85F73333F4B50FD408CD0A04A2228239 ] Freemake Improver C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
11:35:36.0218 0x07b0 Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
11:35:38.0546 0x07b0 Detect skipped due to KSN trusted
11:35:38.0546 0x07b0 Freemake Improver - ok
11:35:38.0609 0x07b0 [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
11:35:38.0609 0x07b0 FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )
11:35:40.0953 0x07b0 Detect skipped due to KSN trusted
11:35:40.0953 0x07b0 FreemakeVideoCapture - ok
11:35:40.0968 0x07b0 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:35:41.0078 0x07b0 Fs_Rec - ok
11:35:41.0093 0x07b0 [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:35:41.0218 0x07b0 Ftdisk - ok
11:35:41.0281 0x07b0 [ 9599A713E1776B8F69300FC9008F33C1, 8C1836847319D492EA6DC5DE3D4C57DB580B903F8B2AEFCD13B5E6054CE6B722 ] getPlusHelper C:\Programme\NOS\bin\getPlus_Helper.dll
11:35:41.0296 0x07b0 getPlusHelper - ok
11:35:41.0328 0x07b0 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:35:41.0453 0x07b0 Gpc - ok
11:35:41.0515 0x07b0 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
11:35:41.0531 0x07b0 gupdate - ok
11:35:41.0531 0x07b0 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
11:35:41.0546 0x07b0 gupdatem - ok
11:35:41.0593 0x07b0 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
11:35:41.0609 0x07b0 gusvc - ok
11:35:41.0656 0x07b0 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:35:41.0781 0x07b0 HDAudBus - ok
11:35:41.0859 0x07b0 [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:35:41.0968 0x07b0 helpsvc - ok
11:35:42.0015 0x07b0 [ 76E15E6D2E405D5020736A6C912968BA, F87BBF0782A89A3340C3FEC58CF2DEF35BBE11B69BE1B29DB57BF45FF4A592E3 ] HIDKbFlt C:\WINDOWS\system32\drivers\HIDKbFlt.sys
11:35:42.0031 0x07b0 HIDKbFlt - detected UnsignedFile.Multi.Generic ( 1 )
11:35:44.0359 0x07b0 Detect skipped due to KSN trusted
11:35:44.0359 0x07b0 HIDKbFlt - ok
11:35:44.0390 0x07b0 [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ C:\WINDOWS\System32\hidserv.dll
11:35:44.0531 0x07b0 HidServ - ok
11:35:44.0578 0x07b0 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:35:44.0734 0x07b0 HidUsb - ok
11:35:44.0765 0x07b0 [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
11:35:44.0906 0x07b0 hkmsvc - ok
11:35:44.0921 0x07b0 hpn - ok
11:35:44.0968 0x07b0 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:35:45.0015 0x07b0 HTTP - ok
11:35:45.0062 0x07b0 [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:35:45.0218 0x07b0 HTTPFilter - ok
11:35:45.0218 0x07b0 i2omgmt - ok
11:35:45.0234 0x07b0 i2omp - ok
11:35:45.0265 0x07b0 [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:35:45.0421 0x07b0 i8042prt - ok
11:35:45.0546 0x07b0 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:35:45.0593 0x07b0 idsvc - ok
11:35:45.0625 0x07b0 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:35:45.0750 0x07b0 Imapi - ok
11:35:45.0796 0x07b0 [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:35:45.0921 0x07b0 ImapiService - ok
11:35:45.0937 0x07b0 ini910u - ok
11:35:46.0250 0x07b0 [ 2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:35:46.0578 0x07b0 IntcAzAudAddService - ok
11:35:46.0593 0x07b0 IntelIde - ok
11:35:46.0640 0x07b0 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:35:46.0765 0x07b0 Ip6Fw - ok
11:35:46.0796 0x07b0 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:35:46.0921 0x07b0 IpFilterDriver - ok
11:35:46.0937 0x07b0 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:35:47.0062 0x07b0 IpInIp - ok
11:35:47.0093 0x07b0 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:35:47.0234 0x07b0 IpNat - ok
11:35:47.0250 0x07b0 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:35:47.0375 0x07b0 IPSec - ok
11:35:47.0390 0x07b0 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:35:47.0468 0x07b0 IRENUM - ok
11:35:47.0484 0x07b0 [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:35:47.0593 0x07b0 isapnp - ok
11:35:47.0640 0x07b0 [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
11:35:47.0656 0x07b0 Iviaspi - detected UnsignedFile.Multi.Generic ( 1 )
11:35:49.0984 0x07b0 Detect skipped due to KSN trusted
11:35:49.0984 0x07b0 Iviaspi - ok
11:35:50.0015 0x07b0 [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD C:\WINDOWS\system32\DRIVERS\iviVD.sys
11:35:50.0078 0x07b0 iviVD - ok
11:35:50.0125 0x07b0 [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:35:50.0234 0x07b0 Kbdclass - ok
11:35:50.0265 0x07b0 [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:35:50.0375 0x07b0 kbdhid - ok
11:35:50.0390 0x07b0 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:35:50.0515 0x07b0 kmixer - ok
11:35:50.0562 0x07b0 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:35:50.0609 0x07b0 KSecDD - ok
11:35:50.0656 0x07b0 [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:35:50.0703 0x07b0 lanmanserver - ok
11:35:50.0750 0x07b0 [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:35:50.0781 0x07b0 lanmanworkstation - ok
11:35:50.0781 0x07b0 lbrtfdc - ok
11:35:50.0828 0x07b0 [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:35:50.0937 0x07b0 LmHosts - ok
11:35:50.0968 0x07b0 [ 2C137B8C4F4076FDFFBB81E23EC99248, 55952CD3723C3E957E809C1DAD5C5A52F368AE32FBE0A1B12699E5251E74B806 ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
11:35:50.0984 0x07b0 mbamchameleon - ok
11:35:51.0093 0x07b0 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
11:35:51.0109 0x07b0 MDM - ok
11:35:51.0140 0x07b0 [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:35:51.0265 0x07b0 Messenger - ok
11:35:51.0296 0x07b0 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:35:51.0406 0x07b0 mnmdd - ok
11:35:51.0437 0x07b0 [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:35:51.0546 0x07b0 mnmsrvc - ok
11:35:51.0593 0x07b0 [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:35:51.0703 0x07b0 Modem - ok
11:35:51.0828 0x07b0 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
11:35:51.0937 0x07b0 Monfilt - ok
11:35:51.0953 0x07b0 [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:35:52.0062 0x07b0 Mouclass - ok
11:35:52.0093 0x07b0 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:35:52.0203 0x07b0 MountMgr - ok
11:35:52.0250 0x07b0 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
11:35:52.0265 0x07b0 MozillaMaintenance - ok
11:35:52.0265 0x07b0 mraid35x - ok
11:35:52.0281 0x07b0 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:35:52.0406 0x07b0 MRxDAV - ok
11:35:52.0468 0x07b0 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:35:52.0531 0x07b0 MRxSmb - ok
11:35:52.0578 0x07b0 [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINDOWS\system32\msdtc.exe
11:35:52.0671 0x07b0 MSDTC - ok
11:35:52.0703 0x07b0 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:35:52.0812 0x07b0 Msfs - ok
11:35:52.0828 0x07b0 MSIServer - ok
11:35:52.0859 0x07b0 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:35:52.0968 0x07b0 MSKSSRV - ok
11:35:52.0984 0x07b0 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:35:53.0093 0x07b0 MSPCLOCK - ok
11:35:53.0109 0x07b0 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:35:53.0203 0x07b0 MSPQM - ok
11:35:53.0234 0x07b0 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:35:53.0328 0x07b0 mssmbios - ok
11:35:53.0375 0x07b0 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:35:53.0421 0x07b0 Mup - ok
11:35:53.0468 0x07b0 [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll
11:35:53.0593 0x07b0 napagent - ok
11:35:53.0640 0x07b0 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:35:53.0750 0x07b0 NDIS - ok
11:35:53.0781 0x07b0 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:35:53.0828 0x07b0 NdisTapi - ok
11:35:53.0843 0x07b0 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:35:53.0937 0x07b0 Ndisuio - ok
11:35:53.0968 0x07b0 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:35:54.0078 0x07b0 NdisWan - ok
11:35:54.0125 0x07b0 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:35:54.0171 0x07b0 NDProxy - ok
11:35:54.0218 0x07b0 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:35:54.0328 0x07b0 NetBIOS - ok
11:35:54.0359 0x07b0 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:35:54.0468 0x07b0 NetBT - ok
11:35:54.0500 0x07b0 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe
11:35:54.0625 0x07b0 NetDDE - ok
11:35:54.0625 0x07b0 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:35:54.0734 0x07b0 NetDDEdsdm - ok
11:35:54.0781 0x07b0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:35:54.0875 0x07b0 Netlogon - ok
11:35:54.0906 0x07b0 [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll
11:35:55.0015 0x07b0 Netman - ok
11:35:55.0062 0x07b0 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:35:55.0078 0x07b0 NetTcpPortSharing - ok
11:35:55.0109 0x07b0 [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll
11:35:55.0140 0x07b0 Nla - ok
11:35:55.0203 0x07b0 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess C:\Programme\CDBurnerXP\NMSAccessU.exe
11:35:55.0218 0x07b0 NMSAccess - ok
11:35:55.0265 0x07b0 [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf C:\WINDOWS\system32\drivers\npf.sys
11:35:55.0265 0x07b0 npf - ok
11:35:55.0312 0x07b0 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:35:55.0421 0x07b0 Npfs - ok
11:35:55.0468 0x07b0 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:35:55.0625 0x07b0 Ntfs - ok
11:35:55.0625 0x07b0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:35:55.0734 0x07b0 NtLmSsp - ok
11:35:55.0796 0x07b0 [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:35:55.0953 0x07b0 NtmsSvc - ok
11:35:55.0968 0x07b0 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
11:35:56.0078 0x07b0 Null - ok
11:35:56.0718 0x07b0 [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:35:57.0296 0x07b0 nv - ok
11:35:57.0359 0x07b0 [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys
11:35:57.0359 0x07b0 NVHDA - ok
11:35:57.0406 0x07b0 [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
11:35:57.0421 0x07b0 NVSvc - ok
11:35:57.0609 0x07b0 [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:35:57.0718 0x07b0 nvUpdatusService - ok
11:35:57.0750 0x07b0 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:35:57.0859 0x07b0 NwlnkFlt - ok
11:35:57.0890 0x07b0 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:35:57.0984 0x07b0 NwlnkFwd - ok
11:35:58.0031 0x07b0 [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:35:58.0156 0x07b0 Parport - ok
11:35:58.0171 0x07b0 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:35:58.0281 0x07b0 PartMgr - ok
11:35:58.0312 0x07b0 [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:35:58.0421 0x07b0 ParVdm - ok
11:35:58.0437 0x07b0 [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:35:58.0546 0x07b0 PCI - ok
11:35:58.0562 0x07b0 PCIDump - ok
11:35:58.0593 0x07b0 [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:35:58.0703 0x07b0 PCIIde - ok
11:35:58.0765 0x07b0 [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:35:58.0875 0x07b0 Pcmcia - ok
11:35:58.0875 0x07b0 PDCOMP - ok
11:35:58.0890 0x07b0 PDFRAME - ok
11:35:58.0890 0x07b0 PDRELI - ok
11:35:58.0906 0x07b0 PDRFRAME - ok
11:35:58.0906 0x07b0 perc2 - ok
11:35:58.0906 0x07b0 perc2hib - ok
11:35:58.0953 0x07b0 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe
11:35:58.0968 0x07b0 PlugPlay - ok
11:35:58.0968 0x07b0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:35:59.0078 0x07b0 PolicyAgent - ok
11:35:59.0078 0x07b0 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:35:59.0203 0x07b0 PptpMiniport - ok
11:35:59.0218 0x07b0 [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
11:35:59.0328 0x07b0 Processor - ok
11:35:59.0328 0x07b0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:35:59.0437 0x07b0 ProtectedStorage - ok
11:35:59.0453 0x07b0 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:35:59.0562 0x07b0 PSched - ok
11:35:59.0593 0x07b0 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:35:59.0703 0x07b0 Ptilink - ok
11:35:59.0703 0x07b0 ql1080 - ok
11:35:59.0718 0x07b0 Ql10wnt - ok
11:35:59.0718 0x07b0 ql12160 - ok
11:35:59.0734 0x07b0 ql1240 - ok
11:35:59.0734 0x07b0 ql1280 - ok
11:35:59.0765 0x07b0 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:35:59.0875 0x07b0 RasAcd - ok
11:35:59.0890 0x07b0 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:36:00.0015 0x07b0 RasAuto - ok
11:36:00.0031 0x07b0 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:36:00.0140 0x07b0 Rasl2tp - ok
11:36:00.0187 0x07b0 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:36:00.0296 0x07b0 RasMan - ok
11:36:00.0328 0x07b0 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:36:00.0437 0x07b0 RasPppoe - ok
11:36:00.0453 0x07b0 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:36:00.0546 0x07b0 Raspti - ok
11:36:00.0609 0x07b0 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:36:00.0718 0x07b0 Rdbss - ok
11:36:00.0734 0x07b0 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:36:00.0843 0x07b0 RDPCDD - ok
11:36:00.0875 0x07b0 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:36:01.0000 0x07b0 rdpdr - ok
11:36:01.0031 0x07b0 [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:36:01.0093 0x07b0 RDPWD - ok
11:36:01.0140 0x07b0 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:36:01.0265 0x07b0 RDSessMgr - ok
11:36:01.0328 0x07b0 [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
11:36:01.0343 0x07b0 RealNetworks Downloader Resolver Service - ok
11:36:01.0359 0x07b0 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:36:01.0468 0x07b0 redbook - ok
11:36:01.0500 0x07b0 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:36:01.0609 0x07b0 RemoteAccess - ok
11:36:01.0640 0x07b0 [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:36:01.0750 0x07b0 RemoteRegistry - ok
11:36:01.0781 0x07b0 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe
11:36:01.0890 0x07b0 RpcLocator - ok
11:36:01.0953 0x07b0 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:36:02.0000 0x07b0 RpcSs - ok
11:36:02.0046 0x07b0 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe
11:36:02.0171 0x07b0 RSVP - ok
11:36:02.0218 0x07b0 [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
11:36:02.0250 0x07b0 RTLE8023xp - ok
11:36:02.0281 0x07b0 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe
11:36:02.0375 0x07b0 SamSs - ok
11:36:02.0421 0x07b0 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:36:02.0531 0x07b0 SCardSvr - ok
11:36:02.0578 0x07b0 [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:36:02.0687 0x07b0 Schedule - ok
11:36:02.0718 0x07b0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:36:02.0765 0x07b0 Secdrv - ok
11:36:02.0812 0x07b0 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll
11:36:02.0906 0x07b0 seclogon - ok
11:36:02.0953 0x07b0 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll
11:36:03.0062 0x07b0 SENS - ok
11:36:03.0078 0x07b0 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:36:03.0187 0x07b0 serenum - ok
11:36:03.0203 0x07b0 [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:36:03.0312 0x07b0 Serial - ok
11:36:03.0343 0x07b0 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:36:03.0453 0x07b0 Sfloppy - ok
11:36:03.0515 0x07b0 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:36:03.0656 0x07b0 SharedAccess - ok
11:36:03.0687 0x07b0 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:36:03.0703 0x07b0 ShellHWDetection - ok
11:36:03.0703 0x07b0 Simbad - ok
11:36:03.0718 0x07b0 Sparrow - ok
11:36:03.0750 0x07b0 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:36:03.0859 0x07b0 splitter - ok
11:36:03.0890 0x07b0 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:36:03.0921 0x07b0 Spooler - ok
11:36:03.0937 0x07b0 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:36:04.0000 0x07b0 sr - ok
11:36:04.0062 0x07b0 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll
11:36:04.0125 0x07b0 srservice - ok
11:36:04.0187 0x07b0 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:36:04.0265 0x07b0 Srv - ok
11:36:04.0312 0x07b0 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:36:04.0375 0x07b0 SSDPSRV - ok
11:36:04.0390 0x07b0 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
11:36:04.0406 0x07b0 ssmdrv - ok
11:36:04.0437 0x07b0 [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
11:36:04.0453 0x07b0 ss_bbus - ok
11:36:04.0484 0x07b0 [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
11:36:04.0500 0x07b0 ss_bmdfl - ok
11:36:04.0546 0x07b0 [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
11:36:04.0562 0x07b0 ss_bmdm - ok
11:36:04.0593 0x07b0 [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd C:\WINDOWS\system32\DRIVERS\ss_bserd.sys
11:36:04.0609 0x07b0 ss_bserd - ok
11:36:04.0640 0x07b0 [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
11:36:04.0656 0x07b0 StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
11:36:07.0000 0x07b0 Detect skipped due to KSN trusted
11:36:07.0000 0x07b0 StarOpen - ok
11:36:07.0046 0x07b0 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:36:07.0203 0x07b0 stisvc - ok
11:36:07.0250 0x07b0 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:36:07.0343 0x07b0 swenum - ok
11:36:07.0359 0x07b0 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:36:07.0468 0x07b0 swmidi - ok
11:36:07.0484 0x07b0 SwPrv - ok
11:36:07.0484 0x07b0 symc810 - ok
11:36:07.0500 0x07b0 symc8xx - ok
11:36:07.0500 0x07b0 sym_hi - ok
11:36:07.0515 0x07b0 sym_u3 - ok
11:36:07.0531 0x07b0 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:36:07.0640 0x07b0 sysaudio - ok
11:36:07.0687 0x07b0 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:36:07.0796 0x07b0 SysmonLog - ok
11:36:07.0859 0x07b0 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:36:07.0984 0x07b0 TapiSrv - ok
11:36:08.0062 0x07b0 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:36:08.0125 0x07b0 Tcpip - ok
11:36:08.0156 0x07b0 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:36:08.0250 0x07b0 TDPIPE - ok
11:36:08.0281 0x07b0 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:36:08.0390 0x07b0 TDTCP - ok
11:36:08.0406 0x07b0 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:36:08.0500 0x07b0 TermDD - ok
11:36:08.0546 0x07b0 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll
11:36:08.0687 0x07b0 TermService - ok
11:36:08.0718 0x07b0 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll
11:36:08.0734 0x07b0 Themes - ok
11:36:08.0765 0x07b0 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
11:36:08.0843 0x07b0 TlntSvr - ok
11:36:08.0843 0x07b0 TosIde - ok
11:36:08.0875 0x07b0 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:36:09.0015 0x07b0 TrkWks - ok
11:36:09.0031 0x07b0 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:36:09.0156 0x07b0 Udfs - ok
11:36:09.0234 0x07b0 [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
11:36:09.0250 0x07b0 UleadBurningHelper - ok
11:36:09.0250 0x07b0 ultra - ok
11:36:09.0296 0x07b0 [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
11:36:09.0328 0x07b0 UMWdf - ok
11:36:09.0375 0x07b0 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:36:09.0531 0x07b0 Update - ok
11:36:09.0562 0x07b0 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:36:09.0640 0x07b0 upnphost - ok
11:36:09.0671 0x07b0 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
11:36:09.0796 0x07b0 UPS - ok
11:36:09.0828 0x07b0 [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
11:36:09.0953 0x07b0 usbaudio - ok
11:36:09.0984 0x07b0 [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:36:10.0093 0x07b0 usbccgp - ok
11:36:10.0093 0x07b0 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:36:10.0203 0x07b0 usbehci - ok
11:36:10.0234 0x07b0 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:36:10.0375 0x07b0 usbhub - ok
11:36:10.0390 0x07b0 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
11:36:10.0500 0x07b0 usbohci - ok
11:36:10.0531 0x07b0 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:36:10.0656 0x07b0 usbprint - ok
11:36:10.0703 0x07b0 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:36:10.0812 0x07b0 usbscan - ok
11:36:10.0859 0x07b0 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:36:10.0984 0x07b0 USBSTOR - ok
11:36:11.0015 0x07b0 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:36:11.0171 0x07b0 VgaSave - ok
11:36:11.0171 0x07b0 ViaIde - ok
11:36:11.0203 0x07b0 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:36:11.0328 0x07b0 VolSnap - ok
11:36:11.0375 0x07b0 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
11:36:11.0484 0x07b0 VSS - ok
11:36:11.0515 0x07b0 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll
11:36:11.0625 0x07b0 W32Time - ok
11:36:11.0671 0x07b0 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:36:11.0796 0x07b0 Wanarp - ok
11:36:11.0796 0x07b0 WDICA - ok
11:36:11.0843 0x07b0 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:36:11.0968 0x07b0 wdmaud - ok
11:36:12.0015 0x07b0 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
11:36:12.0156 0x07b0 WebClient - ok
11:36:12.0234 0x07b0 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:36:12.0343 0x07b0 winmgmt - ok
11:36:12.0406 0x07b0 [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:36:12.0468 0x07b0 WmdmPmSN - ok
11:36:12.0531 0x07b0 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll
11:36:12.0609 0x07b0 Wmi - ok
11:36:12.0656 0x07b0 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:36:12.0765 0x07b0 WmiApSrv - ok
11:36:12.0796 0x07b0 [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
11:36:12.0859 0x07b0 WpdUsb - ok
11:36:12.0953 0x07b0 [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:36:13.0015 0x07b0 WPFFontCache_v0400 - ok
11:36:13.0062 0x07b0 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:36:13.0171 0x07b0 wscsvc - ok
11:36:13.0203 0x07b0 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:36:13.0312 0x07b0 wuauserv - ok
11:36:13.0390 0x07b0 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:36:13.0531 0x07b0 WZCSVC - ok
11:36:13.0562 0x07b0 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:36:13.0703 0x07b0 xmlprov - ok
11:36:13.0703 0x07b0 ================ Scan global ===============================
11:36:13.0718 0x07b0 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
11:36:13.0765 0x07b0 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll
11:36:13.0796 0x07b0 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll
11:36:13.0828 0x07b0 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
11:36:13.0828 0x07b0 [ Global ] - ok
11:36:13.0828 0x07b0 ================ Scan MBR ==================================
11:36:13.0843 0x07b0 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
11:36:14.0046 0x07b0 \Device\Harddisk0\DR0 - ok
11:36:14.0046 0x07b0 ================ Scan VBR ==================================
11:36:14.0046 0x07b0 [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1
11:36:14.0062 0x07b0 \Device\Harddisk0\DR0\Partition1 - ok
11:36:14.0062 0x07b0 [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2
11:36:14.0062 0x07b0 \Device\Harddisk0\DR0\Partition2 - ok
11:36:14.0062 0x07b0 ================ Scan generic autorun ======================
11:36:14.0171 0x07b0 [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
11:36:14.0171 0x07b0 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
11:36:16.0500 0x07b0 Detect skipped due to KSN trusted
11:36:16.0500 0x07b0 StartCCC - ok
11:36:17.0453 0x07b0 [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE
11:36:18.0515 0x07b0 RTHDCPL - ok
11:36:18.0656 0x07b0 [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
11:36:18.0671 0x07b0 Adobe Reader Speed Launcher - ok
11:36:18.0781 0x07b0 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
11:36:18.0828 0x07b0 Adobe ARM - ok
11:36:18.0906 0x07b0 [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
11:36:19.0000 0x07b0 HPDJ Taskbar Utility - ok
11:36:19.0093 0x07b0 [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
11:36:19.0125 0x07b0 UVS11 Preload - ok
11:36:19.0203 0x07b0 [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe
11:36:19.0234 0x07b0 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
11:36:21.0562 0x07b0 Detect skipped due to KSN trusted
11:36:21.0562 0x07b0 QuickTime Task - ok
11:36:21.0625 0x07b0 [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE
11:36:21.0625 0x07b0 OfficeKB - detected UnsignedFile.Multi.Generic ( 1 )
11:36:31.0687 0x07b0 OfficeKB ( UnsignedFile.Multi.Generic ) - warning
11:36:31.0687 0x07b0 Force sending object to P2P due to detect: C:\PROGRA~1\OfficeKB\OfficeKB.EXE
11:36:36.0125 0x07b0 Object send P2P result: true
11:36:38.0468 0x07b0 [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe
11:36:38.0484 0x07b0 KPDrv4XP - detected UnsignedFile.Multi.Generic ( 1 )
11:36:40.0812 0x07b0 KPDrv4XP ( UnsignedFile.Multi.Generic ) - warning
11:36:43.0156 0x07b0 NvCplDaemon - ok
11:36:43.0156 0x07b0 NvMediaCenter - ok
11:36:43.0343 0x07b0 [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe
11:36:43.0468 0x07b0 nwiz - ok
11:36:43.0562 0x07b0 [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
11:36:43.0609 0x07b0 Nvtmru - ok
11:36:43.0734 0x07b0 [ 085F30DB0B38903940A4141E675BDC08, 3ABFB79C850D2B1976DB4DEF69AA031C4E18B5E240316908DDD16DEA4050365A ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe
11:36:43.0765 0x07b0 avgnt - ok
11:36:43.0890 0x07b0 [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe
11:36:43.0906 0x07b0 TkBellExe - ok
11:36:43.0937 0x07b0 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
11:36:44.0046 0x07b0 CTFMON.EXE - ok
11:36:44.0062 0x07b0 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
11:36:44.0156 0x07b0 CTFMON.EXE - ok
11:36:44.0156 0x07b0 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
11:36:44.0265 0x07b0 CTFMON.EXE - ok
11:36:44.0265 0x07b0 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
11:36:44.0359 0x07b0 CTFMON.EXE - ok
11:36:44.0500 0x07b0 [ E2AA953ED6A296B6BF399A783B32CCDE, 123380F79427FB05BB17699B34EF07E38C587A26C6380FA9311EF1F5E4F6A129 ] C:\Programme\Messenger\msmsgs.exe
11:36:44.0640 0x07b0 MSMSGS - ok
11:36:44.0812 0x07b0 [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
11:36:44.0843 0x07b0 AmazonMP3DownloaderHelper - ok
11:36:44.0859 0x07b0 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
11:36:44.0968 0x07b0 CTFMON.EXE - ok
11:36:44.0968 0x07b0 Waiting for KSN requests completion. In queue: 11
11:36:45.0968 0x07b0 Waiting for KSN requests completion. In queue: 11
11:36:46.0968 0x07b0 Waiting for KSN requests completion. In queue: 11
11:36:47.0984 0x07b0 AV detected via SS1: Avira Desktop, 15.0.8.650, enabled, updated
11:36:47.0984 0x07b0 Win FW state via NFM: enabled
11:36:50.0328 0x07b0 ============================================================
11:36:50.0328 0x07b0 Scan finished
11:36:50.0328 0x07b0 ============================================================
11:36:50.0328 0x0c74 Detected object count: 2
11:36:50.0328 0x0c74 Actual detected object count: 2
11:38:19.0546 0x0c74 OfficeKB ( UnsignedFile.Multi.Generic ) - skipped by user
11:38:19.0546 0x0c74 OfficeKB ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:38:19.0546 0x0c74 KPDrv4XP ( UnsignedFile.Multi.Generic ) - skipped by user
11:38:19.0546 0x0c74 KPDrv4XP ( UnsignedFile.Multi.Generic ) - User select action: Skip
PS: ich weiß nicht ob das wichtig ist für die weitere vorgehensweise, aber ich dachte ich erwähne es mal: Die Schrift bei der Festplatte C sowie 2 andere Dateien sind neuerdings in blau dargestellt statt wie alles andere in Schwarz. Desweiteren bekomme ich die Meldung nach dem hochfahren: Could not load file assembly 'sorttbls.nlp' one of it's dependencies. das System konnte die angegebene Datei nicht finden. |
|
11.03.2015, 06:48
| #10 |
| /// the machine /// TB-Ausbilder | Maleware gefunden - was muß ich nun tun? Starte TDSSkiller.exe mit Doppelklick. Vista und Win7 User mit Rechtsklick "als Administrator starten"
Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt Poste den Inhalt bitte hier in deinen Thread.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.03.2015, 07:55
| #11 |
| | Maleware gefunden - was muß ich nun tun? Irgendwas mache ich falsch habs jetzt mehrmals probiert und geguckt: Code:
ATTFilter Gehe sicher das Cure ( default ) angehackt ist !
Drücke Continue --> Reboot.
wenn der bei mir durchläuft habe ich genau das was vorher auch war zum schluß kommt ein fenster wo rechts ein knopf ist wo ich die zwei dateien entweder in Quaranäte kopieren kann oder Skip oder delete und oben in der grünen Leiste steht Copy all in Quaratäne und Restore default action... häckchen für cure = ??? |
|
11.03.2015, 18:10
| #12 |
| /// the machine /// TB-Ausbilder | Maleware gefunden - was muß ich nun tun? Dann wähle Copy to quarantine bitte 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.03.2015, 19:10
| #13 |
| | Maleware gefunden - was muß ich nun tun?Code:
ATTFilter 19:04:35.0343 0x0af4 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
19:04:37.0843 0x0af4 ============================================================
19:04:37.0843 0x0af4 Current date / time: 2015/03/11 19:04:37.0843
19:04:37.0843 0x0af4 SystemInfo:
19:04:37.0843 0x0af4
19:04:37.0843 0x0af4 OS Version: 5.1.2600 ServicePack: 3.0
19:04:37.0843 0x0af4 Product type: Workstation
19:04:37.0843 0x0af4 ComputerName: SLIM-36FB768E46
19:04:37.0843 0x0af4 UserName: Slim
19:04:37.0843 0x0af4 Windows directory: C:\WINDOWS
19:04:37.0843 0x0af4 System windows directory: C:\WINDOWS
19:04:37.0843 0x0af4 Processor architecture: Intel x86
19:04:37.0843 0x0af4 Number of processors: 2
19:04:37.0843 0x0af4 Page size: 0x1000
19:04:37.0843 0x0af4 Boot type: Normal boot
19:04:37.0843 0x0af4 ============================================================
19:04:41.0000 0x0af4 KLMD registered as C:\WINDOWS\system32\drivers\80761335.sys
19:04:41.0234 0x0af4 System UUID: {BCCF5BF6-C583-03CB-A2E0-C8C56FD0AB87}
19:04:41.0890 0x0af4 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:04:41.0890 0x0af4 ============================================================
19:04:41.0890 0x0af4 \Device\Harddisk0\DR0:
19:04:41.0890 0x0af4 MBR partitions:
19:04:41.0890 0x0af4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
19:04:41.0890 0x0af4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x3366B5B
19:04:41.0890 0x0af4 ============================================================
19:04:41.0906 0x0af4 C: <-> \Device\Harddisk0\DR0\Partition1
19:04:41.0953 0x0af4 D: <-> \Device\Harddisk0\DR0\Partition2
19:04:41.0968 0x0af4 ============================================================
19:04:41.0968 0x0af4 Initialize success
19:04:41.0968 0x0af4 ============================================================
19:04:56.0843 0x0e7c ============================================================
19:04:56.0843 0x0e7c Scan started
19:04:56.0843 0x0e7c Mode: Manual; SigCheck; TDLFS;
19:04:56.0843 0x0e7c ============================================================
19:04:56.0843 0x0e7c KSN ping started
19:05:10.0343 0x0e7c KSN ping finished: true
19:05:16.0828 0x0e7c ================ Scan system memory ========================
19:05:16.0828 0x0e7c System memory - ok
19:05:16.0828 0x0e7c ================ Scan services =============================
19:05:17.0015 0x0e7c Abiosdsk - ok
19:05:17.0015 0x0e7c abp480n5 - ok
19:05:17.0093 0x0e7c [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:05:20.0718 0x0e7c ACPI - ok
19:05:20.0812 0x0e7c [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:05:21.0031 0x0e7c ACPIEC - ok
19:05:21.0218 0x0e7c [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:05:21.0359 0x0e7c AdobeFlashPlayerUpdateSvc - ok
19:05:21.0437 0x0e7c adpu160m - ok
19:05:21.0609 0x0e7c [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:05:21.0937 0x0e7c aec - ok
19:05:21.0984 0x0e7c [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:05:22.0265 0x0e7c AFD - ok
19:05:22.0265 0x0e7c Aha154x - ok
19:05:22.0281 0x0e7c aic78u2 - ok
19:05:22.0296 0x0e7c aic78xx - ok
19:05:22.0437 0x0e7c [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:05:22.0671 0x0e7c Alerter - ok
19:05:22.0859 0x0e7c [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe
19:05:23.0000 0x0e7c ALG - ok
19:05:23.0000 0x0e7c AliIde - ok
19:05:23.0250 0x0e7c [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
19:05:24.0562 0x0e7c Ambfilt - ok
19:05:24.0578 0x0e7c amsint - ok
19:05:25.0109 0x0e7c [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
19:05:25.0218 0x0e7c AntiVirSchedulerService - ok
19:05:25.0359 0x0e7c [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
19:05:25.0515 0x0e7c AntiVirService - ok
19:05:25.0703 0x0e7c [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:05:26.0218 0x0e7c AppMgmt - ok
19:05:26.0218 0x0e7c asc - ok
19:05:26.0234 0x0e7c asc3350p - ok
19:05:26.0234 0x0e7c asc3550 - ok
19:05:26.0343 0x0e7c [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:05:26.0531 0x0e7c aspnet_state - ok
19:05:26.0562 0x0e7c [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:05:26.0734 0x0e7c AsyncMac - ok
19:05:26.0765 0x0e7c [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:05:26.0906 0x0e7c atapi - ok
19:05:26.0921 0x0e7c Atdisk - ok
19:05:27.0125 0x0e7c [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
19:05:27.0390 0x0e7c Ati HotKey Poller - ok
19:05:27.0609 0x0e7c [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
19:05:27.0765 0x0e7c ATI Smart - detected UnsignedFile.Multi.Generic ( 1 )
19:05:30.0125 0x0e7c Detect skipped due to KSN trusted
19:05:30.0125 0x0e7c ATI Smart - ok
19:05:30.0359 0x0e7c [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
19:05:30.0765 0x0e7c ati2mtag - ok
19:05:30.0828 0x0e7c [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:05:31.0000 0x0e7c Atmarpc - ok
19:05:31.0062 0x0e7c [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:05:31.0218 0x0e7c AudioSrv - ok
19:05:31.0265 0x0e7c [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:05:31.0500 0x0e7c audstub - ok
19:05:31.0546 0x0e7c [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:05:31.0625 0x0e7c avgntflt - ok
19:05:31.0656 0x0e7c [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:05:31.0703 0x0e7c avipbb - ok
19:05:31.0718 0x0e7c [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
19:05:31.0734 0x0e7c avkmgr - ok
19:05:31.0765 0x0e7c [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:05:31.0921 0x0e7c Beep - ok
19:05:31.0984 0x0e7c [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll
19:05:32.0250 0x0e7c BITS - ok
19:05:32.0281 0x0e7c [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser C:\WINDOWS\System32\browser.dll
19:05:32.0437 0x0e7c Browser - ok
19:05:32.0500 0x0e7c [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
19:05:32.0546 0x0e7c Capture Device Service - ok
19:05:32.0609 0x0e7c [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:05:32.0765 0x0e7c cbidf2k - ok
19:05:32.0765 0x0e7c cd20xrnt - ok
19:05:32.0781 0x0e7c [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:05:32.0921 0x0e7c Cdaudio - ok
19:05:32.0937 0x0e7c [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:05:33.0109 0x0e7c Cdfs - ok
19:05:33.0140 0x0e7c [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:05:33.0281 0x0e7c Cdrom - ok
19:05:33.0281 0x0e7c Changer - ok
19:05:33.0328 0x0e7c [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:05:33.0453 0x0e7c CiSvc - ok
19:05:33.0484 0x0e7c [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:05:33.0609 0x0e7c ClipSrv - ok
19:05:33.0671 0x0e7c [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:05:33.0765 0x0e7c clr_optimization_v2.0.50727_32 - ok
19:05:33.0812 0x0e7c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:05:33.0875 0x0e7c clr_optimization_v4.0.30319_32 - ok
19:05:33.0890 0x0e7c CmdIde - ok
19:05:33.0890 0x0e7c COMSysApp - ok
19:05:33.0906 0x0e7c Cpqarray - ok
19:05:33.0937 0x0e7c [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:05:34.0078 0x0e7c CryptSvc - ok
19:05:34.0093 0x0e7c dac2w2k - ok
19:05:34.0093 0x0e7c dac960nt - ok
19:05:34.0156 0x0e7c [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:05:34.0265 0x0e7c DcomLaunch - ok
19:05:34.0312 0x0e7c [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:05:34.0453 0x0e7c Dhcp - ok
19:05:34.0500 0x0e7c [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:05:34.0640 0x0e7c Disk - ok
19:05:34.0640 0x0e7c dmadmin - ok
19:05:34.0718 0x0e7c [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:05:34.0953 0x0e7c dmboot - ok
19:05:34.0984 0x0e7c [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:05:35.0140 0x0e7c dmio - ok
19:05:35.0171 0x0e7c [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:05:35.0343 0x0e7c dmload - ok
19:05:35.0375 0x0e7c [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:05:35.0546 0x0e7c dmserver - ok
19:05:35.0562 0x0e7c [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:05:35.0750 0x0e7c DMusic - ok
19:05:35.0796 0x0e7c [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:05:35.0921 0x0e7c Dnscache - ok
19:05:35.0984 0x0e7c [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:05:36.0156 0x0e7c Dot3svc - ok
19:05:36.0156 0x0e7c dpti2o - ok
19:05:36.0187 0x0e7c [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:05:36.0343 0x0e7c drmkaud - ok
19:05:36.0406 0x0e7c [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:05:36.0546 0x0e7c EapHost - ok
19:05:36.0625 0x0e7c [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
19:05:36.0671 0x0e7c ElbyCDIO - ok
19:05:36.0718 0x0e7c [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:05:36.0890 0x0e7c ERSvc - ok
19:05:36.0937 0x0e7c [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe
19:05:37.0000 0x0e7c Eventlog - ok
19:05:37.0062 0x0e7c [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\system32\es.dll
19:05:37.0156 0x0e7c EventSystem - ok
19:05:37.0171 0x0e7c [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:05:37.0312 0x0e7c Fastfat - ok
19:05:37.0359 0x0e7c [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:05:37.0437 0x0e7c FastUserSwitchingCompatibility - ok
19:05:37.0468 0x0e7c [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
19:05:37.0609 0x0e7c Fdc - ok
19:05:37.0640 0x0e7c [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:05:37.0781 0x0e7c Fips - ok
19:05:37.0796 0x0e7c [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
19:05:37.0953 0x0e7c Flpydisk - ok
19:05:37.0984 0x0e7c [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:05:38.0109 0x0e7c FltMgr - ok
19:05:38.0187 0x0e7c [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:05:38.0234 0x0e7c FontCache3.0.0.0 - ok
19:05:38.0343 0x0e7c [ 3C36885FAD477629BE44BDC2D98682D6, 2A7B79E5896CAC37DB2C77C081B77FBD85F73333F4B50FD408CD0A04A2228239 ] Freemake Improver C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
19:05:38.0406 0x0e7c Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
19:05:40.0750 0x0e7c Detect skipped due to KSN trusted
19:05:40.0750 0x0e7c Freemake Improver - ok
19:05:40.0859 0x0e7c [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
19:05:40.0906 0x0e7c FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )
19:05:43.0250 0x0e7c Detect skipped due to KSN trusted
19:05:43.0250 0x0e7c FreemakeVideoCapture - ok
19:05:43.0265 0x0e7c [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:05:43.0390 0x0e7c Fs_Rec - ok
19:05:43.0406 0x0e7c [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:05:43.0578 0x0e7c Ftdisk - ok
19:05:43.0656 0x0e7c [ 9599A713E1776B8F69300FC9008F33C1, 8C1836847319D492EA6DC5DE3D4C57DB580B903F8B2AEFCD13B5E6054CE6B722 ] getPlusHelper C:\Programme\NOS\bin\getPlus_Helper.dll
19:05:43.0781 0x0e7c getPlusHelper - ok
19:05:44.0125 0x0e7c [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:05:44.0437 0x0e7c Gpc - ok
19:05:44.0640 0x0e7c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
19:05:44.0734 0x0e7c gupdate - ok
19:05:44.0750 0x0e7c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
19:05:44.0765 0x0e7c gupdatem - ok
19:05:44.0984 0x0e7c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
19:05:45.0140 0x0e7c gusvc - ok
19:05:45.0312 0x0e7c [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:05:45.0562 0x0e7c HDAudBus - ok
19:05:45.0703 0x0e7c [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:05:45.0921 0x0e7c helpsvc - ok
19:05:45.0968 0x0e7c [ 76E15E6D2E405D5020736A6C912968BA, F87BBF0782A89A3340C3FEC58CF2DEF35BBE11B69BE1B29DB57BF45FF4A592E3 ] HIDKbFlt C:\WINDOWS\system32\drivers\HIDKbFlt.sys
19:05:46.0125 0x0e7c HIDKbFlt - detected UnsignedFile.Multi.Generic ( 1 )
19:05:48.0453 0x0e7c Detect skipped due to KSN trusted
19:05:48.0453 0x0e7c HIDKbFlt - ok
19:05:48.0484 0x0e7c [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ C:\WINDOWS\System32\hidserv.dll
19:05:48.0640 0x0e7c HidServ - ok
19:05:48.0671 0x0e7c [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:05:48.0828 0x0e7c HidUsb - ok
19:05:48.0906 0x0e7c [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:05:49.0046 0x0e7c hkmsvc - ok
19:05:49.0062 0x0e7c hpn - ok
19:05:49.0109 0x0e7c [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:05:49.0171 0x0e7c HTTP - ok
19:05:49.0218 0x0e7c [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:05:49.0343 0x0e7c HTTPFilter - ok
19:05:49.0343 0x0e7c i2omgmt - ok
19:05:49.0359 0x0e7c i2omp - ok
19:05:49.0390 0x0e7c [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:05:49.0531 0x0e7c i8042prt - ok
19:05:49.0656 0x0e7c [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:05:49.0812 0x0e7c idsvc - ok
19:05:49.0843 0x0e7c [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:05:50.0000 0x0e7c Imapi - ok
19:05:50.0031 0x0e7c [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:05:50.0171 0x0e7c ImapiService - ok
19:05:50.0187 0x0e7c ini910u - ok
19:05:50.0500 0x0e7c [ 2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:05:51.0078 0x0e7c IntcAzAudAddService - ok
19:05:51.0093 0x0e7c IntelIde - ok
19:05:51.0140 0x0e7c [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:05:51.0281 0x0e7c Ip6Fw - ok
19:05:51.0312 0x0e7c [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:05:51.0453 0x0e7c IpFilterDriver - ok
19:05:51.0484 0x0e7c [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:05:51.0625 0x0e7c IpInIp - ok
19:05:51.0656 0x0e7c [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:05:51.0812 0x0e7c IpNat - ok
19:05:51.0828 0x0e7c [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:05:51.0953 0x0e7c IPSec - ok
19:05:51.0968 0x0e7c [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:05:52.0062 0x0e7c IRENUM - ok
19:05:52.0093 0x0e7c [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:05:52.0234 0x0e7c isapnp - ok
19:05:52.0281 0x0e7c [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
19:05:52.0312 0x0e7c Iviaspi - detected UnsignedFile.Multi.Generic ( 1 )
19:05:54.0640 0x0e7c Detect skipped due to KSN trusted
19:05:54.0640 0x0e7c Iviaspi - ok
19:05:54.0671 0x0e7c [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD C:\WINDOWS\system32\DRIVERS\iviVD.sys
19:05:54.0734 0x0e7c iviVD - ok
19:05:54.0781 0x0e7c [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:05:54.0921 0x0e7c Kbdclass - ok
19:05:54.0968 0x0e7c [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:05:55.0093 0x0e7c kbdhid - ok
19:05:55.0140 0x0e7c [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:05:55.0265 0x0e7c kmixer - ok
19:05:55.0359 0x0e7c [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:05:55.0578 0x0e7c KSecDD - ok
19:05:55.0671 0x0e7c [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:05:55.0859 0x0e7c lanmanserver - ok
19:05:56.0015 0x0e7c [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:05:56.0312 0x0e7c lanmanworkstation - ok
19:05:56.0312 0x0e7c lbrtfdc - ok
19:05:56.0562 0x0e7c [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:05:56.0875 0x0e7c LmHosts - ok
19:05:57.0000 0x0e7c [ 2C137B8C4F4076FDFFBB81E23EC99248, 55952CD3723C3E957E809C1DAD5C5A52F368AE32FBE0A1B12699E5251E74B806 ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
19:05:57.0078 0x0e7c mbamchameleon - ok
19:05:57.0359 0x0e7c [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
19:05:57.0578 0x0e7c MDM - ok
19:05:57.0765 0x0e7c [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:05:58.0093 0x0e7c Messenger - ok
19:05:58.0203 0x0e7c [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:05:58.0390 0x0e7c mnmdd - ok
19:05:58.0484 0x0e7c [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:05:58.0656 0x0e7c mnmsrvc - ok
19:05:58.0765 0x0e7c [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:05:58.0968 0x0e7c Modem - ok
19:05:59.0421 0x0e7c [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
19:06:00.0578 0x0e7c Monfilt - ok
19:06:00.0656 0x0e7c [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:06:00.0843 0x0e7c Mouclass - ok
19:06:00.0921 0x0e7c [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:06:01.0093 0x0e7c MountMgr - ok
19:06:01.0171 0x0e7c [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
19:06:01.0218 0x0e7c MozillaMaintenance - ok
19:06:01.0218 0x0e7c mraid35x - ok
19:06:01.0250 0x0e7c [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:06:01.0421 0x0e7c MRxDAV - ok
19:06:01.0484 0x0e7c [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:06:01.0718 0x0e7c MRxSmb - ok
19:06:01.0828 0x0e7c [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:06:02.0015 0x0e7c MSDTC - ok
19:06:02.0078 0x0e7c [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:06:02.0234 0x0e7c Msfs - ok
19:06:02.0250 0x0e7c MSIServer - ok
19:06:02.0281 0x0e7c [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:06:02.0406 0x0e7c MSKSSRV - ok
19:06:02.0421 0x0e7c [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:06:02.0562 0x0e7c MSPCLOCK - ok
19:06:02.0593 0x0e7c [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:06:02.0718 0x0e7c MSPQM - ok
19:06:02.0750 0x0e7c [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:06:02.0859 0x0e7c mssmbios - ok
19:06:02.0906 0x0e7c [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:06:02.0984 0x0e7c Mup - ok
19:06:03.0031 0x0e7c [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:06:03.0187 0x0e7c napagent - ok
19:06:03.0234 0x0e7c [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:06:03.0390 0x0e7c NDIS - ok
19:06:03.0421 0x0e7c [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:06:03.0515 0x0e7c NdisTapi - ok
19:06:03.0515 0x0e7c [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:06:03.0656 0x0e7c Ndisuio - ok
19:06:03.0671 0x0e7c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:06:03.0796 0x0e7c NdisWan - ok
19:06:03.0843 0x0e7c [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:06:03.0906 0x0e7c NDProxy - ok
19:06:03.0953 0x0e7c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:06:04.0078 0x0e7c NetBIOS - ok
19:06:04.0109 0x0e7c [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:06:04.0281 0x0e7c NetBT - ok
19:06:04.0312 0x0e7c [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe
19:06:04.0437 0x0e7c NetDDE - ok
19:06:04.0468 0x0e7c [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:06:04.0562 0x0e7c NetDDEdsdm - ok
19:06:04.0609 0x0e7c [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:06:04.0718 0x0e7c Netlogon - ok
19:06:04.0750 0x0e7c [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll
19:06:04.0921 0x0e7c Netman - ok
19:06:04.0968 0x0e7c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:06:05.0046 0x0e7c NetTcpPortSharing - ok
19:06:05.0078 0x0e7c [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll
19:06:05.0140 0x0e7c Nla - ok
19:06:05.0203 0x0e7c [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess C:\Programme\CDBurnerXP\NMSAccessU.exe
19:06:05.0250 0x0e7c NMSAccess - ok
19:06:05.0281 0x0e7c [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf C:\WINDOWS\system32\drivers\npf.sys
19:06:05.0312 0x0e7c npf - ok
19:06:05.0359 0x0e7c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:06:05.0500 0x0e7c Npfs - ok
19:06:05.0562 0x0e7c [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:06:05.0750 0x0e7c Ntfs - ok
19:06:05.0765 0x0e7c [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:06:05.0875 0x0e7c NtLmSsp - ok
19:06:05.0937 0x0e7c [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:06:06.0140 0x0e7c NtmsSvc - ok
19:06:06.0156 0x0e7c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
19:06:06.0296 0x0e7c Null - ok
19:06:06.0937 0x0e7c [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:06:08.0000 0x0e7c nv - ok
19:06:08.0078 0x0e7c [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys
19:06:08.0140 0x0e7c NVHDA - ok
19:06:08.0171 0x0e7c [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
19:06:08.0218 0x0e7c NVSvc - ok
19:06:08.0421 0x0e7c [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:06:08.0968 0x0e7c nvUpdatusService - ok
19:06:09.0000 0x0e7c [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:06:09.0171 0x0e7c NwlnkFlt - ok
19:06:09.0203 0x0e7c [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:06:09.0328 0x0e7c NwlnkFwd - ok
19:06:09.0359 0x0e7c [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:06:09.0515 0x0e7c Parport - ok
19:06:09.0531 0x0e7c [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:06:09.0734 0x0e7c PartMgr - ok
19:06:09.0765 0x0e7c [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:06:09.0921 0x0e7c ParVdm - ok
19:06:09.0937 0x0e7c [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:06:10.0093 0x0e7c PCI - ok
19:06:10.0093 0x0e7c PCIDump - ok
19:06:10.0140 0x0e7c [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:06:10.0281 0x0e7c PCIIde - ok
19:06:10.0328 0x0e7c [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:06:10.0468 0x0e7c Pcmcia - ok
19:06:10.0468 0x0e7c PDCOMP - ok
19:06:10.0484 0x0e7c PDFRAME - ok
19:06:10.0484 0x0e7c PDRELI - ok
19:06:10.0500 0x0e7c PDRFRAME - ok
19:06:10.0500 0x0e7c perc2 - ok
19:06:10.0515 0x0e7c perc2hib - ok
19:06:10.0546 0x0e7c [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe
19:06:10.0578 0x0e7c PlugPlay - ok
19:06:10.0593 0x0e7c [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:06:10.0703 0x0e7c PolicyAgent - ok
19:06:10.0734 0x0e7c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:06:10.0875 0x0e7c PptpMiniport - ok
19:06:10.0890 0x0e7c [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:06:11.0031 0x0e7c Processor - ok
19:06:11.0031 0x0e7c [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:06:11.0140 0x0e7c ProtectedStorage - ok
19:06:11.0156 0x0e7c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:06:11.0296 0x0e7c PSched - ok
19:06:11.0328 0x0e7c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:06:11.0453 0x0e7c Ptilink - ok
19:06:11.0453 0x0e7c ql1080 - ok
19:06:11.0468 0x0e7c Ql10wnt - ok
19:06:11.0468 0x0e7c ql12160 - ok
19:06:11.0484 0x0e7c ql1240 - ok
19:06:11.0484 0x0e7c ql1280 - ok
19:06:11.0500 0x0e7c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:06:11.0656 0x0e7c RasAcd - ok
19:06:11.0687 0x0e7c [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:06:11.0828 0x0e7c RasAuto - ok
19:06:11.0859 0x0e7c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:06:12.0000 0x0e7c Rasl2tp - ok
19:06:12.0046 0x0e7c [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:06:12.0171 0x0e7c RasMan - ok
19:06:12.0187 0x0e7c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:06:12.0343 0x0e7c RasPppoe - ok
19:06:12.0359 0x0e7c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:06:12.0484 0x0e7c Raspti - ok
19:06:12.0531 0x0e7c [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:06:12.0718 0x0e7c Rdbss - ok
19:06:12.0734 0x0e7c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:06:12.0906 0x0e7c RDPCDD - ok
19:06:12.0937 0x0e7c [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:06:13.0109 0x0e7c rdpdr - ok
19:06:13.0156 0x0e7c [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:06:13.0250 0x0e7c RDPWD - ok
19:06:13.0296 0x0e7c [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:06:13.0453 0x0e7c RDSessMgr - ok
19:06:13.0546 0x0e7c [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
19:06:13.0578 0x0e7c RealNetworks Downloader Resolver Service - ok
19:06:13.0609 0x0e7c [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:06:13.0750 0x0e7c redbook - ok
19:06:13.0796 0x0e7c [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:06:13.0921 0x0e7c RemoteAccess - ok
19:06:13.0968 0x0e7c [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:06:14.0109 0x0e7c RemoteRegistry - ok
19:06:14.0140 0x0e7c [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:06:14.0281 0x0e7c RpcLocator - ok
19:06:14.0328 0x0e7c [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:06:14.0406 0x0e7c RpcSs - ok
19:06:14.0437 0x0e7c [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:06:14.0593 0x0e7c RSVP - ok
19:06:14.0625 0x0e7c [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
19:06:14.0718 0x0e7c RTLE8023xp - ok
19:06:14.0734 0x0e7c [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe
19:06:14.0843 0x0e7c SamSs - ok
19:06:14.0890 0x0e7c [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:06:15.0031 0x0e7c SCardSvr - ok
19:06:15.0078 0x0e7c [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:06:15.0218 0x0e7c Schedule - ok
19:06:15.0250 0x0e7c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:06:15.0328 0x0e7c Secdrv - ok
19:06:15.0375 0x0e7c [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll
19:06:15.0515 0x0e7c seclogon - ok
19:06:15.0531 0x0e7c [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll
19:06:15.0656 0x0e7c SENS - ok
19:06:15.0687 0x0e7c [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:06:15.0828 0x0e7c serenum - ok
19:06:15.0843 0x0e7c [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:06:15.0953 0x0e7c Serial - ok
19:06:16.0000 0x0e7c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:06:16.0140 0x0e7c Sfloppy - ok
19:06:16.0203 0x0e7c [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:06:16.0375 0x0e7c SharedAccess - ok
19:06:16.0390 0x0e7c [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:06:16.0406 0x0e7c ShellHWDetection - ok
19:06:16.0421 0x0e7c Simbad - ok
19:06:16.0437 0x0e7c Sparrow - ok
19:06:16.0468 0x0e7c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:06:16.0593 0x0e7c splitter - ok
19:06:16.0640 0x0e7c [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:06:16.0734 0x0e7c Spooler - ok
19:06:16.0750 0x0e7c [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:06:16.0859 0x0e7c sr - ok
19:06:16.0906 0x0e7c [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll
19:06:17.0015 0x0e7c srservice - ok
19:06:17.0078 0x0e7c [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:06:17.0203 0x0e7c Srv - ok
19:06:17.0250 0x0e7c [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:06:17.0328 0x0e7c SSDPSRV - ok
19:06:17.0359 0x0e7c [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:06:17.0390 0x0e7c ssmdrv - ok
19:06:17.0437 0x0e7c [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
19:06:17.0468 0x0e7c ss_bbus - ok
19:06:17.0500 0x0e7c [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
19:06:17.0562 0x0e7c ss_bmdfl - ok
19:06:17.0625 0x0e7c [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
19:06:17.0671 0x0e7c ss_bmdm - ok
19:06:17.0703 0x0e7c [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd C:\WINDOWS\system32\DRIVERS\ss_bserd.sys
19:06:17.0734 0x0e7c ss_bserd - ok
19:06:17.0781 0x0e7c [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
19:06:17.0812 0x0e7c StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
19:06:27.0875 0x0e7c StarOpen ( UnsignedFile.Multi.Generic ) - warning
19:06:27.0875 0x0e7c Force sending object to P2P due to detect: StarOpen
19:06:46.0812 0x0e7c Object send P2P result: true
19:06:49.0437 0x0e7c [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:06:49.0765 0x0e7c stisvc - ok
19:06:50.0140 0x0e7c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:06:50.0328 0x0e7c swenum - ok
19:06:50.0359 0x0e7c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:06:50.0625 0x0e7c swmidi - ok
19:06:50.0640 0x0e7c SwPrv - ok
19:06:50.0656 0x0e7c symc810 - ok
19:06:50.0671 0x0e7c symc8xx - ok
19:06:50.0687 0x0e7c sym_hi - ok
19:06:50.0703 0x0e7c sym_u3 - ok
19:06:50.0812 0x0e7c [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:06:51.0078 0x0e7c sysaudio - ok
19:06:51.0250 0x0e7c [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:06:51.0468 0x0e7c SysmonLog - ok
19:06:51.0546 0x0e7c [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:06:51.0843 0x0e7c TapiSrv - ok
19:06:52.0000 0x0e7c [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:06:52.0375 0x0e7c Tcpip - ok
19:06:52.0468 0x0e7c [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:06:52.0671 0x0e7c TDPIPE - ok
19:06:52.0843 0x0e7c [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:06:53.0109 0x0e7c TDTCP - ok
19:06:53.0234 0x0e7c [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:06:53.0468 0x0e7c TermDD - ok
19:06:53.0562 0x0e7c [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll
19:06:53.0734 0x0e7c TermService - ok
19:06:53.0875 0x0e7c [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll
19:06:53.0906 0x0e7c Themes - ok
19:06:54.0062 0x0e7c [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:06:54.0265 0x0e7c TlntSvr - ok
19:06:54.0281 0x0e7c TosIde - ok
19:06:54.0406 0x0e7c [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:06:54.0640 0x0e7c TrkWks - ok
19:06:54.0796 0x0e7c [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:06:54.0968 0x0e7c Udfs - ok
19:06:55.0187 0x0e7c [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
19:06:55.0250 0x0e7c UleadBurningHelper - ok
19:06:55.0265 0x0e7c ultra - ok
19:06:55.0359 0x0e7c [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
19:06:55.0562 0x0e7c UMWdf - ok
19:06:55.0703 0x0e7c [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:06:56.0078 0x0e7c Update - ok
19:06:56.0156 0x0e7c [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:06:56.0359 0x0e7c upnphost - ok
19:06:56.0421 0x0e7c [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
19:06:56.0609 0x0e7c UPS - ok
19:06:56.0781 0x0e7c [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:06:57.0125 0x0e7c usbaudio - ok
19:06:57.0250 0x0e7c [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:06:57.0484 0x0e7c usbccgp - ok
19:06:57.0531 0x0e7c [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:06:58.0109 0x0e7c usbehci - ok
19:06:58.0171 0x0e7c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:06:58.0359 0x0e7c usbhub - ok
19:06:58.0468 0x0e7c [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:06:58.0656 0x0e7c usbohci - ok
19:06:58.0703 0x0e7c [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:06:58.0890 0x0e7c usbprint - ok
19:06:58.0921 0x0e7c [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:06:59.0062 0x0e7c usbscan - ok
19:06:59.0093 0x0e7c [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:06:59.0265 0x0e7c USBSTOR - ok
19:06:59.0312 0x0e7c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:06:59.0468 0x0e7c VgaSave - ok
19:06:59.0468 0x0e7c ViaIde - ok
19:06:59.0500 0x0e7c [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:06:59.0718 0x0e7c VolSnap - ok
19:07:00.0109 0x0e7c [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
19:07:00.0218 0x0e7c VSS - ok
19:07:00.0250 0x0e7c [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll
19:07:00.0453 0x0e7c W32Time - ok
19:07:00.0515 0x0e7c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:07:00.0671 0x0e7c Wanarp - ok
19:07:00.0687 0x0e7c WDICA - ok
19:07:00.0734 0x0e7c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:07:00.0906 0x0e7c wdmaud - ok
19:07:00.0968 0x0e7c [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
19:07:01.0109 0x0e7c WebClient - ok
19:07:01.0234 0x0e7c [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:07:01.0453 0x0e7c winmgmt - ok
19:07:01.0531 0x0e7c [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:07:01.0656 0x0e7c WmdmPmSN - ok
19:07:01.0718 0x0e7c [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll
19:07:01.0921 0x0e7c Wmi - ok
19:07:01.0953 0x0e7c [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:07:02.0078 0x0e7c WmiApSrv - ok
19:07:02.0109 0x0e7c [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
19:07:02.0125 0x0e7c WpdUsb - ok
19:07:02.0250 0x0e7c [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:07:02.0312 0x0e7c WPFFontCache_v0400 - ok
19:07:02.0343 0x0e7c [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:07:02.0500 0x0e7c wscsvc - ok
19:07:02.0531 0x0e7c [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:07:02.0687 0x0e7c wuauserv - ok
19:07:02.0750 0x0e7c [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:07:02.0968 0x0e7c WZCSVC - ok
19:07:03.0000 0x0e7c [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:07:03.0218 0x0e7c xmlprov - ok
19:07:03.0218 0x0e7c ================ Scan global ===============================
19:07:03.0234 0x0e7c [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
19:07:03.0296 0x0e7c [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll
19:07:03.0359 0x0e7c [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll
19:07:03.0375 0x0e7c [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
19:07:03.0375 0x0e7c [ Global ] - ok
19:07:03.0375 0x0e7c ================ Scan MBR ==================================
19:07:03.0406 0x0e7c [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
19:07:03.0656 0x0e7c \Device\Harddisk0\DR0 - ok
19:07:03.0656 0x0e7c ================ Scan VBR ==================================
19:07:03.0656 0x0e7c [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1
19:07:03.0656 0x0e7c \Device\Harddisk0\DR0\Partition1 - ok
19:07:03.0671 0x0e7c [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2
19:07:03.0671 0x0e7c \Device\Harddisk0\DR0\Partition2 - ok
19:07:03.0671 0x0e7c ================ Scan generic autorun ======================
19:07:03.0765 0x0e7c [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
19:07:03.0796 0x0e7c StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
19:07:06.0218 0x0e7c Detect skipped due to KSN trusted
19:07:06.0218 0x0e7c StartCCC - ok
19:07:07.0171 0x0e7c [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE
19:07:10.0109 0x0e7c RTHDCPL - ok
19:07:10.0234 0x0e7c [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
19:07:10.0250 0x0e7c Adobe Reader Speed Launcher - ok
19:07:10.0375 0x0e7c [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
19:07:10.0500 0x0e7c Adobe ARM - ok
19:07:10.0609 0x0e7c [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
19:07:10.0750 0x0e7c HPDJ Taskbar Utility - ok
19:07:10.0843 0x0e7c [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
19:07:10.0984 0x0e7c UVS11 Preload - ok
19:07:11.0078 0x0e7c [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe
19:07:11.0125 0x0e7c QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
19:07:13.0453 0x0e7c Detect skipped due to KSN trusted
19:07:13.0453 0x0e7c QuickTime Task - ok
19:07:13.0500 0x0e7c [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE
19:07:13.0546 0x0e7c OfficeKB - detected UnsignedFile.Multi.Generic ( 1 )
19:07:15.0875 0x0e7c OfficeKB ( UnsignedFile.Multi.Generic ) - warning
19:07:18.0281 0x0e7c [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe
19:07:18.0312 0x0e7c KPDrv4XP - detected UnsignedFile.Multi.Generic ( 1 )
19:07:20.0640 0x0e7c KPDrv4XP ( UnsignedFile.Multi.Generic ) - warning
19:07:23.0015 0x0e7c NvCplDaemon - ok
19:07:23.0015 0x0e7c NvMediaCenter - ok
19:07:23.0187 0x0e7c [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe
19:07:23.0437 0x0e7c nwiz - ok
19:07:23.0531 0x0e7c [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
19:07:23.0687 0x0e7c Nvtmru - ok
19:07:23.0812 0x0e7c [ 085F30DB0B38903940A4141E675BDC08, 3ABFB79C850D2B1976DB4DEF69AA031C4E18B5E240316908DDD16DEA4050365A ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe
19:07:23.0875 0x0e7c avgnt - ok
19:07:24.0000 0x0e7c [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe
19:07:24.0046 0x0e7c TkBellExe - ok
19:07:24.0078 0x0e7c [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
19:07:24.0203 0x0e7c CTFMON.EXE - ok
19:07:24.0203 0x0e7c [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
19:07:24.0296 0x0e7c CTFMON.EXE - ok
19:07:24.0312 0x0e7c [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
19:07:24.0406 0x0e7c CTFMON.EXE - ok
19:07:24.0406 0x0e7c [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
19:07:24.0515 0x0e7c CTFMON.EXE - ok
19:07:24.0671 0x0e7c [ E2AA953ED6A296B6BF399A783B32CCDE, 123380F79427FB05BB17699B34EF07E38C587A26C6380FA9311EF1F5E4F6A129 ] C:\Programme\Messenger\msmsgs.exe
19:07:24.0875 0x0e7c MSMSGS - ok
19:07:25.0046 0x0e7c [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
19:07:25.0125 0x0e7c AmazonMP3DownloaderHelper - ok
19:07:25.0140 0x0e7c [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
19:07:25.0234 0x0e7c CTFMON.EXE - ok
19:07:25.0234 0x0e7c Waiting for KSN requests completion. In queue: 11
19:07:26.0234 0x0e7c Waiting for KSN requests completion. In queue: 11
19:07:27.0234 0x0e7c Waiting for KSN requests completion. In queue: 11
19:07:28.0281 0x0e7c AV detected via SS1: Avira Desktop, 15.0.8.650, enabled, updated
19:07:28.0281 0x0e7c Win FW state via NFM: enabled
19:07:30.0656 0x0e7c ============================================================
19:07:30.0656 0x0e7c Scan finished
19:07:30.0656 0x0e7c ============================================================
19:07:30.0687 0x0d9c Detected object count: 3
19:07:30.0687 0x0d9c Actual detected object count: 3
19:08:03.0046 0x0d9c C:\WINDOWS\system32\drivers\StarOpen.sys - copied to quarantine
19:08:03.0046 0x0d9c StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:08:03.0125 0x0d9c C:\PROGRA~1\OfficeKB\OfficeKB.EXE - copied to quarantine
19:08:03.0125 0x0d9c OfficeKB ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:08:03.0156 0x0d9c C:\PROGRA~1\OfficeKB\KPDrv4XP.exe - copied to quarantine
19:08:03.0156 0x0d9c KPDrv4XP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:08:38.0046 0x0b44 Deinitialize success
|
|
11.03.2015, 19:19
| #14 |
| | Maleware gefunden - was muß ich nun tun?Code:
ATTFilter 19:11:06.0390 0x06b8 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
19:11:08.0812 0x06b8 ============================================================
19:11:08.0812 0x06b8 Current date / time: 2015/03/11 19:11:08.0812
19:11:08.0812 0x06b8 SystemInfo:
19:11:08.0812 0x06b8
19:11:08.0812 0x06b8 OS Version: 5.1.2600 ServicePack: 3.0
19:11:08.0812 0x06b8 Product type: Workstation
19:11:08.0812 0x06b8 ComputerName: SLIM-36FB768E46
19:11:08.0812 0x06b8 UserName: Slim
19:11:08.0812 0x06b8 Windows directory: C:\WINDOWS
19:11:08.0812 0x06b8 System windows directory: C:\WINDOWS
19:11:08.0812 0x06b8 Processor architecture: Intel x86
19:11:08.0812 0x06b8 Number of processors: 2
19:11:08.0812 0x06b8 Page size: 0x1000
19:11:08.0812 0x06b8 Boot type: Normal boot
19:11:08.0812 0x06b8 ============================================================
19:11:12.0015 0x06b8 KLMD registered as C:\WINDOWS\system32\drivers\49980631.sys
19:11:12.0156 0x06b8 System UUID: {BCCF5BF6-C583-03CB-A2E0-C8C56FD0AB87}
19:11:12.0921 0x06b8 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:11:12.0921 0x06b8 ============================================================
19:11:12.0921 0x06b8 \Device\Harddisk0\DR0:
19:11:12.0921 0x06b8 MBR partitions:
19:11:12.0921 0x06b8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
19:11:12.0921 0x06b8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0x3366B5B
19:11:12.0921 0x06b8 ============================================================
19:11:12.0953 0x06b8 C: <-> \Device\Harddisk0\DR0\Partition1
19:11:12.0984 0x06b8 D: <-> \Device\Harddisk0\DR0\Partition2
19:11:12.0984 0x06b8 ============================================================
19:11:12.0984 0x06b8 Initialize success
19:11:12.0984 0x06b8 ============================================================
19:11:22.0500 0x07b4 ============================================================
19:11:22.0500 0x07b4 Scan started
19:11:22.0500 0x07b4 Mode: Manual; SigCheck; TDLFS;
19:11:22.0500 0x07b4 ============================================================
19:11:22.0500 0x07b4 KSN ping started
19:11:35.0843 0x07b4 KSN ping finished: true
19:11:36.0437 0x07b4 ================ Scan system memory ========================
19:11:36.0437 0x07b4 System memory - ok
19:11:36.0437 0x07b4 ================ Scan services =============================
19:11:36.0531 0x07b4 Abiosdsk - ok
19:11:36.0531 0x07b4 abp480n5 - ok
19:11:36.0609 0x07b4 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:11:36.0859 0x07b4 ACPI - ok
19:11:36.0906 0x07b4 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:11:37.0031 0x07b4 ACPIEC - ok
19:11:37.0109 0x07b4 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:11:37.0125 0x07b4 AdobeFlashPlayerUpdateSvc - ok
19:11:37.0125 0x07b4 adpu160m - ok
19:11:37.0156 0x07b4 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:11:37.0281 0x07b4 aec - ok
19:11:37.0328 0x07b4 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:11:37.0359 0x07b4 AFD - ok
19:11:37.0359 0x07b4 Aha154x - ok
19:11:37.0375 0x07b4 aic78u2 - ok
19:11:37.0375 0x07b4 aic78xx - ok
19:11:37.0406 0x07b4 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:11:37.0546 0x07b4 Alerter - ok
19:11:37.0593 0x07b4 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe
19:11:37.0656 0x07b4 ALG - ok
19:11:37.0671 0x07b4 AliIde - ok
19:11:37.0796 0x07b4 [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
19:11:37.0953 0x07b4 Ambfilt - ok
19:11:37.0968 0x07b4 amsint - ok
19:11:38.0109 0x07b4 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
19:11:38.0125 0x07b4 AntiVirSchedulerService - ok
19:11:38.0203 0x07b4 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
19:11:38.0218 0x07b4 AntiVirService - ok
19:11:38.0265 0x07b4 [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:11:38.0343 0x07b4 AppMgmt - ok
19:11:38.0359 0x07b4 asc - ok
19:11:38.0359 0x07b4 asc3350p - ok
19:11:38.0359 0x07b4 asc3550 - ok
19:11:38.0484 0x07b4 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:11:38.0484 0x07b4 aspnet_state - ok
19:11:38.0531 0x07b4 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:11:38.0656 0x07b4 AsyncMac - ok
19:11:38.0687 0x07b4 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:11:38.0812 0x07b4 atapi - ok
19:11:38.0828 0x07b4 Atdisk - ok
19:11:38.0906 0x07b4 [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
19:11:39.0000 0x07b4 Ati HotKey Poller - ok
19:11:39.0078 0x07b4 [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
19:11:39.0140 0x07b4 ATI Smart - detected UnsignedFile.Multi.Generic ( 1 )
19:11:41.0468 0x07b4 Detect skipped due to KSN trusted
19:11:41.0468 0x07b4 ATI Smart - ok
19:11:41.0687 0x07b4 [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
19:11:41.0921 0x07b4 ati2mtag - ok
19:11:41.0984 0x07b4 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:11:42.0109 0x07b4 Atmarpc - ok
19:11:42.0156 0x07b4 [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:11:42.0296 0x07b4 AudioSrv - ok
19:11:42.0343 0x07b4 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:11:42.0484 0x07b4 audstub - ok
19:11:42.0515 0x07b4 [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:11:42.0546 0x07b4 avgntflt - ok
19:11:42.0593 0x07b4 [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:11:42.0609 0x07b4 avipbb - ok
19:11:42.0640 0x07b4 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
19:11:42.0656 0x07b4 avkmgr - ok
19:11:42.0687 0x07b4 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:11:42.0828 0x07b4 Beep - ok
19:11:42.0890 0x07b4 [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll
19:11:43.0093 0x07b4 BITS - ok
19:11:43.0125 0x07b4 [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser C:\WINDOWS\System32\browser.dll
19:11:43.0265 0x07b4 Browser - ok
19:11:43.0312 0x07b4 [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
19:11:43.0328 0x07b4 Capture Device Service - ok
19:11:43.0375 0x07b4 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:11:43.0515 0x07b4 cbidf2k - ok
19:11:43.0515 0x07b4 cd20xrnt - ok
19:11:43.0531 0x07b4 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:11:43.0656 0x07b4 Cdaudio - ok
19:11:43.0687 0x07b4 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:11:43.0828 0x07b4 Cdfs - ok
19:11:43.0859 0x07b4 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:11:44.0000 0x07b4 Cdrom - ok
19:11:44.0000 0x07b4 Changer - ok
19:11:44.0031 0x07b4 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:11:44.0171 0x07b4 CiSvc - ok
19:11:44.0187 0x07b4 [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:11:44.0343 0x07b4 ClipSrv - ok
19:11:44.0390 0x07b4 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:11:44.0406 0x07b4 clr_optimization_v2.0.50727_32 - ok
19:11:44.0453 0x07b4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:11:44.0453 0x07b4 clr_optimization_v4.0.30319_32 - ok
19:11:44.0468 0x07b4 CmdIde - ok
19:11:44.0468 0x07b4 COMSysApp - ok
19:11:44.0484 0x07b4 Cpqarray - ok
19:11:44.0515 0x07b4 [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:11:44.0656 0x07b4 CryptSvc - ok
19:11:44.0656 0x07b4 dac2w2k - ok
19:11:44.0671 0x07b4 dac960nt - ok
19:11:44.0734 0x07b4 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:11:44.0781 0x07b4 DcomLaunch - ok
19:11:44.0828 0x07b4 [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:11:44.0984 0x07b4 Dhcp - ok
19:11:45.0015 0x07b4 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:11:45.0156 0x07b4 Disk - ok
19:11:45.0156 0x07b4 dmadmin - ok
19:11:45.0234 0x07b4 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:11:45.0437 0x07b4 dmboot - ok
19:11:45.0453 0x07b4 [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:11:45.0609 0x07b4 dmio - ok
19:11:45.0640 0x07b4 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:11:45.0750 0x07b4 dmload - ok
19:11:45.0796 0x07b4 [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:11:45.0906 0x07b4 dmserver - ok
19:11:45.0921 0x07b4 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:11:46.0046 0x07b4 DMusic - ok
19:11:46.0093 0x07b4 [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:11:46.0109 0x07b4 Dnscache - ok
19:11:46.0156 0x07b4 [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:11:46.0296 0x07b4 Dot3svc - ok
19:11:46.0312 0x07b4 dpti2o - ok
19:11:46.0343 0x07b4 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:11:46.0453 0x07b4 drmkaud - ok
19:11:46.0484 0x07b4 [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:11:46.0625 0x07b4 EapHost - ok
19:11:46.0656 0x07b4 [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
19:11:46.0671 0x07b4 ElbyCDIO - ok
19:11:46.0718 0x07b4 [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:11:46.0828 0x07b4 ERSvc - ok
19:11:46.0859 0x07b4 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe
19:11:46.0890 0x07b4 Eventlog - ok
19:11:46.0921 0x07b4 [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\system32\es.dll
19:11:46.0968 0x07b4 EventSystem - ok
19:11:46.0984 0x07b4 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:11:47.0109 0x07b4 Fastfat - ok
19:11:47.0156 0x07b4 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:11:47.0171 0x07b4 FastUserSwitchingCompatibility - ok
19:11:47.0203 0x07b4 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
19:11:47.0312 0x07b4 Fdc - ok
19:11:47.0328 0x07b4 [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:11:47.0437 0x07b4 Fips - ok
19:11:47.0453 0x07b4 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
19:11:47.0562 0x07b4 Flpydisk - ok
19:11:47.0609 0x07b4 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:11:47.0734 0x07b4 FltMgr - ok
19:11:47.0796 0x07b4 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:11:47.0812 0x07b4 FontCache3.0.0.0 - ok
19:11:47.0921 0x07b4 [ 3C36885FAD477629BE44BDC2D98682D6, 2A7B79E5896CAC37DB2C77C081B77FBD85F73333F4B50FD408CD0A04A2228239 ] Freemake Improver C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
19:11:47.0921 0x07b4 Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
19:11:50.0250 0x07b4 Detect skipped due to KSN trusted
19:11:50.0250 0x07b4 Freemake Improver - ok
19:11:50.0312 0x07b4 [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
19:11:50.0312 0x07b4 FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )
19:11:52.0671 0x07b4 Detect skipped due to KSN trusted
19:11:52.0671 0x07b4 FreemakeVideoCapture - ok
19:11:52.0687 0x07b4 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:11:52.0812 0x07b4 Fs_Rec - ok
19:11:52.0843 0x07b4 [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:11:52.0953 0x07b4 Ftdisk - ok
19:11:53.0000 0x07b4 [ 9599A713E1776B8F69300FC9008F33C1, 8C1836847319D492EA6DC5DE3D4C57DB580B903F8B2AEFCD13B5E6054CE6B722 ] getPlusHelper C:\Programme\NOS\bin\getPlus_Helper.dll
19:11:53.0015 0x07b4 getPlusHelper - ok
19:11:53.0062 0x07b4 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:11:53.0171 0x07b4 Gpc - ok
19:11:53.0250 0x07b4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
19:11:53.0265 0x07b4 gupdate - ok
19:11:53.0265 0x07b4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
19:11:53.0281 0x07b4 gupdatem - ok
19:11:53.0328 0x07b4 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
19:11:53.0343 0x07b4 gusvc - ok
19:11:53.0390 0x07b4 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:11:53.0500 0x07b4 HDAudBus - ok
19:11:53.0609 0x07b4 [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:11:53.0750 0x07b4 helpsvc - ok
19:11:53.0781 0x07b4 [ 76E15E6D2E405D5020736A6C912968BA, F87BBF0782A89A3340C3FEC58CF2DEF35BBE11B69BE1B29DB57BF45FF4A592E3 ] HIDKbFlt C:\WINDOWS\system32\drivers\HIDKbFlt.sys
19:11:53.0796 0x07b4 HIDKbFlt - detected UnsignedFile.Multi.Generic ( 1 )
19:11:56.0125 0x07b4 Detect skipped due to KSN trusted
19:11:56.0125 0x07b4 HIDKbFlt - ok
19:11:56.0140 0x07b4 [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ C:\WINDOWS\System32\hidserv.dll
19:11:56.0265 0x07b4 HidServ - ok
19:11:56.0312 0x07b4 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:11:56.0421 0x07b4 HidUsb - ok
19:11:56.0500 0x07b4 [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:11:56.0609 0x07b4 hkmsvc - ok
19:11:56.0625 0x07b4 hpn - ok
19:11:56.0671 0x07b4 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:11:56.0687 0x07b4 HTTP - ok
19:11:56.0734 0x07b4 [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:11:56.0843 0x07b4 HTTPFilter - ok
19:11:56.0859 0x07b4 i2omgmt - ok
19:11:56.0859 0x07b4 i2omp - ok
19:11:56.0906 0x07b4 [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:11:57.0015 0x07b4 i8042prt - ok
19:11:57.0125 0x07b4 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:11:57.0171 0x07b4 idsvc - ok
19:11:57.0203 0x07b4 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:11:57.0328 0x07b4 Imapi - ok
19:11:57.0375 0x07b4 [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:11:57.0484 0x07b4 ImapiService - ok
19:11:57.0500 0x07b4 ini910u - ok
19:11:57.0843 0x07b4 [ 2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:11:58.0156 0x07b4 IntcAzAudAddService - ok
19:11:58.0171 0x07b4 IntelIde - ok
19:11:58.0218 0x07b4 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:11:58.0328 0x07b4 Ip6Fw - ok
19:11:58.0375 0x07b4 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:11:58.0484 0x07b4 IpFilterDriver - ok
19:11:58.0515 0x07b4 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:11:58.0625 0x07b4 IpInIp - ok
19:11:58.0656 0x07b4 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:11:58.0781 0x07b4 IpNat - ok
19:11:58.0796 0x07b4 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:11:58.0921 0x07b4 IPSec - ok
19:11:58.0937 0x07b4 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:11:59.0015 0x07b4 IRENUM - ok
19:11:59.0031 0x07b4 [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:11:59.0140 0x07b4 isapnp - ok
19:11:59.0171 0x07b4 [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
19:11:59.0187 0x07b4 Iviaspi - detected UnsignedFile.Multi.Generic ( 1 )
19:12:01.0515 0x07b4 Detect skipped due to KSN trusted
19:12:01.0515 0x07b4 Iviaspi - ok
19:12:01.0531 0x07b4 [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD C:\WINDOWS\system32\DRIVERS\iviVD.sys
19:12:01.0562 0x07b4 iviVD - ok
19:12:01.0609 0x07b4 [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:12:01.0718 0x07b4 Kbdclass - ok
19:12:01.0750 0x07b4 [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:12:01.0859 0x07b4 kbdhid - ok
19:12:01.0875 0x07b4 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:12:01.0984 0x07b4 kmixer - ok
19:12:02.0031 0x07b4 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:12:02.0062 0x07b4 KSecDD - ok
19:12:02.0093 0x07b4 [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:12:02.0125 0x07b4 lanmanserver - ok
19:12:02.0171 0x07b4 [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:12:02.0187 0x07b4 lanmanworkstation - ok
19:12:02.0203 0x07b4 lbrtfdc - ok
19:12:02.0234 0x07b4 [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:12:02.0343 0x07b4 LmHosts - ok
19:12:02.0375 0x07b4 [ 2C137B8C4F4076FDFFBB81E23EC99248, 55952CD3723C3E957E809C1DAD5C5A52F368AE32FBE0A1B12699E5251E74B806 ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
19:12:02.0390 0x07b4 mbamchameleon - ok
19:12:02.0500 0x07b4 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
19:12:02.0515 0x07b4 MDM - ok
19:12:02.0546 0x07b4 [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:12:02.0656 0x07b4 Messenger - ok
19:12:02.0703 0x07b4 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:12:02.0796 0x07b4 mnmdd - ok
19:12:02.0828 0x07b4 [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:12:02.0937 0x07b4 mnmsrvc - ok
19:12:02.0984 0x07b4 [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:12:03.0093 0x07b4 Modem - ok
19:12:03.0203 0x07b4 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
19:12:03.0296 0x07b4 Monfilt - ok
19:12:03.0328 0x07b4 [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:12:03.0437 0x07b4 Mouclass - ok
19:12:03.0453 0x07b4 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:12:03.0562 0x07b4 MountMgr - ok
19:12:03.0609 0x07b4 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
19:12:03.0625 0x07b4 MozillaMaintenance - ok
19:12:03.0640 0x07b4 mraid35x - ok
19:12:03.0640 0x07b4 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:12:03.0765 0x07b4 MRxDAV - ok
19:12:03.0828 0x07b4 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:12:03.0890 0x07b4 MRxSmb - ok
19:12:03.0937 0x07b4 [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:12:04.0031 0x07b4 MSDTC - ok
19:12:04.0046 0x07b4 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:12:04.0171 0x07b4 Msfs - ok
19:12:04.0187 0x07b4 MSIServer - ok
19:12:04.0203 0x07b4 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:12:04.0312 0x07b4 MSKSSRV - ok
19:12:04.0328 0x07b4 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:12:04.0421 0x07b4 MSPCLOCK - ok
19:12:04.0437 0x07b4 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:12:04.0531 0x07b4 MSPQM - ok
19:12:04.0593 0x07b4 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:12:04.0687 0x07b4 mssmbios - ok
19:12:04.0718 0x07b4 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:12:04.0750 0x07b4 Mup - ok
19:12:04.0781 0x07b4 [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:12:04.0906 0x07b4 napagent - ok
19:12:04.0953 0x07b4 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:12:05.0078 0x07b4 NDIS - ok
19:12:05.0109 0x07b4 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:12:05.0125 0x07b4 NdisTapi - ok
19:12:05.0140 0x07b4 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:12:05.0234 0x07b4 Ndisuio - ok
19:12:05.0250 0x07b4 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:12:05.0359 0x07b4 NdisWan - ok
19:12:05.0390 0x07b4 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:12:05.0406 0x07b4 NDProxy - ok
19:12:05.0453 0x07b4 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:12:05.0562 0x07b4 NetBIOS - ok
19:12:05.0609 0x07b4 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:12:05.0718 0x07b4 NetBT - ok
19:12:05.0750 0x07b4 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe
19:12:05.0875 0x07b4 NetDDE - ok
19:12:05.0875 0x07b4 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:12:05.0968 0x07b4 NetDDEdsdm - ok
19:12:06.0015 0x07b4 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:12:06.0109 0x07b4 Netlogon - ok
19:12:06.0140 0x07b4 [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll
19:12:06.0265 0x07b4 Netman - ok
19:12:06.0312 0x07b4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:12:06.0312 0x07b4 NetTcpPortSharing - ok
19:12:06.0343 0x07b4 [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll
19:12:06.0375 0x07b4 Nla - ok
19:12:06.0453 0x07b4 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess C:\Programme\CDBurnerXP\NMSAccessU.exe
19:12:06.0453 0x07b4 NMSAccess - ok
19:12:06.0500 0x07b4 [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf C:\WINDOWS\system32\drivers\npf.sys
19:12:06.0515 0x07b4 npf - ok
19:12:06.0546 0x07b4 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:12:06.0703 0x07b4 Npfs - ok
19:12:06.0750 0x07b4 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:12:06.0906 0x07b4 Ntfs - ok
19:12:06.0906 0x07b4 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:12:07.0015 0x07b4 NtLmSsp - ok
19:12:07.0078 0x07b4 [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:12:07.0218 0x07b4 NtmsSvc - ok
19:12:07.0250 0x07b4 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
19:12:07.0343 0x07b4 Null - ok
19:12:07.0968 0x07b4 [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:12:08.0546 0x07b4 nv - ok
19:12:08.0625 0x07b4 [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys
19:12:08.0640 0x07b4 NVHDA - ok
19:12:08.0687 0x07b4 [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
19:12:08.0703 0x07b4 NVSvc - ok
19:12:08.0890 0x07b4 [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:12:09.0000 0x07b4 nvUpdatusService - ok
19:12:09.0015 0x07b4 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:12:09.0140 0x07b4 NwlnkFlt - ok
19:12:09.0156 0x07b4 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:12:09.0265 0x07b4 NwlnkFwd - ok
19:12:09.0312 0x07b4 [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:12:09.0406 0x07b4 Parport - ok
19:12:09.0421 0x07b4 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:12:09.0531 0x07b4 PartMgr - ok
19:12:09.0562 0x07b4 [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:12:09.0656 0x07b4 ParVdm - ok
19:12:09.0687 0x07b4 [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:12:09.0796 0x07b4 PCI - ok
19:12:09.0796 0x07b4 PCIDump - ok
19:12:09.0843 0x07b4 [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:12:09.0937 0x07b4 PCIIde - ok
19:12:10.0000 0x07b4 [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:12:10.0093 0x07b4 Pcmcia - ok
19:12:10.0093 0x07b4 PDCOMP - ok
19:12:10.0109 0x07b4 PDFRAME - ok
19:12:10.0109 0x07b4 PDRELI - ok
19:12:10.0125 0x07b4 PDRFRAME - ok
19:12:10.0125 0x07b4 perc2 - ok
19:12:10.0125 0x07b4 perc2hib - ok
19:12:10.0156 0x07b4 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe
19:12:10.0171 0x07b4 PlugPlay - ok
19:12:10.0187 0x07b4 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:12:10.0281 0x07b4 PolicyAgent - ok
19:12:10.0296 0x07b4 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:12:10.0406 0x07b4 PptpMiniport - ok
19:12:10.0421 0x07b4 [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:12:10.0531 0x07b4 Processor - ok
19:12:10.0531 0x07b4 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:12:10.0625 0x07b4 ProtectedStorage - ok
19:12:10.0656 0x07b4 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:12:10.0765 0x07b4 PSched - ok
19:12:10.0796 0x07b4 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:12:10.0890 0x07b4 Ptilink - ok
19:12:10.0906 0x07b4 ql1080 - ok
19:12:10.0906 0x07b4 Ql10wnt - ok
19:12:10.0921 0x07b4 ql12160 - ok
19:12:10.0921 0x07b4 ql1240 - ok
19:12:10.0937 0x07b4 ql1280 - ok
19:12:10.0953 0x07b4 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:12:11.0062 0x07b4 RasAcd - ok
19:12:11.0093 0x07b4 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:12:11.0203 0x07b4 RasAuto - ok
19:12:11.0218 0x07b4 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:12:11.0328 0x07b4 Rasl2tp - ok
19:12:11.0375 0x07b4 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:12:11.0500 0x07b4 RasMan - ok
19:12:11.0515 0x07b4 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:12:11.0625 0x07b4 RasPppoe - ok
19:12:11.0656 0x07b4 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:12:11.0765 0x07b4 Raspti - ok
19:12:11.0812 0x07b4 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:12:11.0921 0x07b4 Rdbss - ok
19:12:11.0937 0x07b4 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:12:12.0046 0x07b4 RDPCDD - ok
19:12:12.0078 0x07b4 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:12:12.0187 0x07b4 rdpdr - ok
19:12:12.0234 0x07b4 [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:12:12.0265 0x07b4 RDPWD - ok
19:12:12.0296 0x07b4 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:12:12.0421 0x07b4 RDSessMgr - ok
19:12:12.0484 0x07b4 [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
19:12:12.0500 0x07b4 RealNetworks Downloader Resolver Service - ok
19:12:12.0515 0x07b4 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:12:12.0609 0x07b4 redbook - ok
19:12:12.0640 0x07b4 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:12:12.0750 0x07b4 RemoteAccess - ok
19:12:12.0796 0x07b4 [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:12:12.0906 0x07b4 RemoteRegistry - ok
19:12:12.0921 0x07b4 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:12:13.0046 0x07b4 RpcLocator - ok
19:12:13.0078 0x07b4 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:12:13.0109 0x07b4 RpcSs - ok
19:12:13.0140 0x07b4 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:12:13.0250 0x07b4 RSVP - ok
19:12:13.0296 0x07b4 [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
19:12:13.0328 0x07b4 RTLE8023xp - ok
19:12:13.0328 0x07b4 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe
19:12:13.0421 0x07b4 SamSs - ok
19:12:13.0468 0x07b4 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:12:13.0578 0x07b4 SCardSvr - ok
19:12:13.0625 0x07b4 [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:12:13.0734 0x07b4 Schedule - ok
19:12:13.0750 0x07b4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:12:13.0812 0x07b4 Secdrv - ok
19:12:13.0843 0x07b4 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll
19:12:13.0953 0x07b4 seclogon - ok
19:12:13.0968 0x07b4 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll
19:12:14.0093 0x07b4 SENS - ok
19:12:14.0109 0x07b4 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:12:14.0218 0x07b4 serenum - ok
19:12:14.0234 0x07b4 [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:12:14.0343 0x07b4 Serial - ok
19:12:14.0375 0x07b4 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:12:14.0484 0x07b4 Sfloppy - ok
19:12:14.0546 0x07b4 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:12:14.0687 0x07b4 SharedAccess - ok
19:12:14.0718 0x07b4 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:12:14.0734 0x07b4 ShellHWDetection - ok
19:12:14.0750 0x07b4 Simbad - ok
19:12:14.0750 0x07b4 Sparrow - ok
19:12:14.0796 0x07b4 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:12:14.0890 0x07b4 splitter - ok
19:12:14.0921 0x07b4 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:12:14.0953 0x07b4 Spooler - ok
19:12:14.0968 0x07b4 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:12:15.0031 0x07b4 sr - ok
19:12:15.0078 0x07b4 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll
19:12:15.0156 0x07b4 srservice - ok
19:12:15.0218 0x07b4 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:12:15.0265 0x07b4 Srv - ok
19:12:15.0312 0x07b4 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:12:15.0375 0x07b4 SSDPSRV - ok
19:12:15.0390 0x07b4 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:12:15.0390 0x07b4 ssmdrv - ok
19:12:15.0437 0x07b4 [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
19:12:15.0453 0x07b4 ss_bbus - ok
19:12:15.0484 0x07b4 [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
19:12:15.0500 0x07b4 ss_bmdfl - ok
19:12:15.0546 0x07b4 [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
19:12:15.0562 0x07b4 ss_bmdm - ok
19:12:15.0625 0x07b4 [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd C:\WINDOWS\system32\DRIVERS\ss_bserd.sys
19:12:15.0640 0x07b4 ss_bserd - ok
19:12:15.0671 0x07b4 [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
19:12:15.0687 0x07b4 StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
19:12:18.0000 0x07b4 Detect skipped due to KSN trusted
19:12:18.0015 0x07b4 StarOpen - ok
19:12:18.0062 0x07b4 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:12:18.0203 0x07b4 stisvc - ok
19:12:18.0234 0x07b4 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:12:18.0343 0x07b4 swenum - ok
19:12:18.0359 0x07b4 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:12:18.0468 0x07b4 swmidi - ok
19:12:18.0484 0x07b4 SwPrv - ok
19:12:18.0484 0x07b4 symc810 - ok
19:12:18.0500 0x07b4 symc8xx - ok
19:12:18.0500 0x07b4 sym_hi - ok
19:12:18.0500 0x07b4 sym_u3 - ok
19:12:18.0515 0x07b4 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:12:18.0640 0x07b4 sysaudio - ok
19:12:18.0671 0x07b4 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:12:18.0781 0x07b4 SysmonLog - ok
19:12:18.0828 0x07b4 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:12:18.0953 0x07b4 TapiSrv - ok
19:12:19.0015 0x07b4 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:12:19.0078 0x07b4 Tcpip - ok
19:12:19.0109 0x07b4 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:12:19.0203 0x07b4 TDPIPE - ok
19:12:19.0218 0x07b4 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:12:19.0328 0x07b4 TDTCP - ok
19:12:19.0328 0x07b4 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:12:19.0437 0x07b4 TermDD - ok
19:12:19.0484 0x07b4 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll
19:12:19.0593 0x07b4 TermService - ok
19:12:19.0625 0x07b4 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll
19:12:19.0640 0x07b4 Themes - ok
19:12:19.0687 0x07b4 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:12:19.0750 0x07b4 TlntSvr - ok
19:12:19.0765 0x07b4 TosIde - ok
19:12:19.0812 0x07b4 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:12:19.0906 0x07b4 TrkWks - ok
19:12:19.0921 0x07b4 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:12:20.0046 0x07b4 Udfs - ok
19:12:20.0125 0x07b4 [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
19:12:20.0125 0x07b4 UleadBurningHelper - ok
19:12:20.0140 0x07b4 ultra - ok
19:12:20.0171 0x07b4 [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
19:12:20.0187 0x07b4 UMWdf - ok
19:12:20.0250 0x07b4 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:12:20.0390 0x07b4 Update - ok
19:12:20.0437 0x07b4 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:12:20.0515 0x07b4 upnphost - ok
19:12:20.0546 0x07b4 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
19:12:20.0656 0x07b4 UPS - ok
19:12:20.0687 0x07b4 [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:12:20.0796 0x07b4 usbaudio - ok
19:12:20.0843 0x07b4 [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:12:20.0953 0x07b4 usbccgp - ok
19:12:20.0968 0x07b4 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:12:21.0078 0x07b4 usbehci - ok
19:12:21.0109 0x07b4 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:12:21.0218 0x07b4 usbhub - ok
19:12:21.0218 0x07b4 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:12:21.0328 0x07b4 usbohci - ok
19:12:21.0343 0x07b4 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:12:21.0453 0x07b4 usbprint - ok
19:12:21.0500 0x07b4 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:12:21.0609 0x07b4 usbscan - ok
19:12:21.0640 0x07b4 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:12:21.0765 0x07b4 USBSTOR - ok
19:12:21.0796 0x07b4 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:12:21.0906 0x07b4 VgaSave - ok
19:12:21.0906 0x07b4 ViaIde - ok
19:12:21.0921 0x07b4 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:12:22.0031 0x07b4 VolSnap - ok
19:12:22.0093 0x07b4 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
19:12:22.0171 0x07b4 VSS - ok
19:12:22.0203 0x07b4 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll
19:12:22.0312 0x07b4 W32Time - ok
19:12:22.0359 0x07b4 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:12:22.0453 0x07b4 Wanarp - ok
19:12:22.0468 0x07b4 WDICA - ok
19:12:22.0515 0x07b4 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:12:22.0609 0x07b4 wdmaud - ok
19:12:22.0656 0x07b4 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
19:12:22.0765 0x07b4 WebClient - ok
19:12:22.0843 0x07b4 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:12:22.0953 0x07b4 winmgmt - ok
19:12:23.0015 0x07b4 [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:12:23.0031 0x07b4 WmdmPmSN - ok
19:12:23.0078 0x07b4 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll
19:12:23.0125 0x07b4 Wmi - ok
19:12:23.0171 0x07b4 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:12:23.0281 0x07b4 WmiApSrv - ok
19:12:23.0312 0x07b4 [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
19:12:23.0328 0x07b4 WpdUsb - ok
19:12:23.0453 0x07b4 [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:12:23.0484 0x07b4 WPFFontCache_v0400 - ok
19:12:23.0531 0x07b4 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:12:23.0640 0x07b4 wscsvc - ok
19:12:23.0656 0x07b4 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:12:23.0765 0x07b4 wuauserv - ok
19:12:23.0828 0x07b4 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:12:23.0968 0x07b4 WZCSVC - ok
19:12:24.0015 0x07b4 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:12:24.0125 0x07b4 xmlprov - ok
19:12:24.0125 0x07b4 ================ Scan global ===============================
19:12:24.0156 0x07b4 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
19:12:24.0218 0x07b4 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll
19:12:24.0234 0x07b4 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll
19:12:24.0250 0x07b4 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
19:12:24.0265 0x07b4 [ Global ] - ok
19:12:24.0265 0x07b4 ================ Scan MBR ==================================
19:12:24.0281 0x07b4 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
19:12:24.0484 0x07b4 \Device\Harddisk0\DR0 - ok
19:12:24.0484 0x07b4 ================ Scan VBR ==================================
19:12:24.0484 0x07b4 [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1
19:12:24.0484 0x07b4 \Device\Harddisk0\DR0\Partition1 - ok
19:12:24.0500 0x07b4 [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2
19:12:24.0500 0x07b4 \Device\Harddisk0\DR0\Partition2 - ok
19:12:24.0500 0x07b4 ================ Scan generic autorun ======================
19:12:24.0640 0x07b4 [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
19:12:24.0640 0x07b4 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
19:12:26.0953 0x07b4 Detect skipped due to KSN trusted
19:12:26.0953 0x07b4 StartCCC - ok
19:12:27.0906 0x07b4 [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE
19:12:28.0984 0x07b4 RTHDCPL - ok
19:12:29.0093 0x07b4 [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
19:12:29.0109 0x07b4 Adobe Reader Speed Launcher - ok
19:12:29.0234 0x07b4 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
19:12:29.0281 0x07b4 Adobe ARM - ok
19:12:29.0359 0x07b4 [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
19:12:29.0390 0x07b4 HPDJ Taskbar Utility - ok
19:12:29.0484 0x07b4 [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
19:12:29.0515 0x07b4 UVS11 Preload - ok
19:12:29.0609 0x07b4 [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe
19:12:29.0671 0x07b4 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
19:12:32.0000 0x07b4 Detect skipped due to KSN trusted
19:12:32.0000 0x07b4 QuickTime Task - ok
19:12:32.0046 0x07b4 [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE
19:12:32.0062 0x07b4 OfficeKB - detected UnsignedFile.Multi.Generic ( 1 )
19:12:34.0437 0x07b4 OfficeKB ( UnsignedFile.Multi.Generic ) - warning
19:12:48.0843 0x07b4 [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe
19:12:48.0843 0x07b4 KPDrv4XP - detected UnsignedFile.Multi.Generic ( 1 )
19:12:55.0859 0x07b4 KPDrv4XP ( UnsignedFile.Multi.Generic ) - warning
19:12:58.0234 0x07b4 NvCplDaemon - ok
19:12:58.0234 0x07b4 NvMediaCenter - ok
19:12:58.0406 0x07b4 [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe
19:12:58.0531 0x07b4 nwiz - ok
19:12:58.0656 0x07b4 [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
19:12:58.0703 0x07b4 Nvtmru - ok
19:12:58.0812 0x07b4 [ 085F30DB0B38903940A4141E675BDC08, 3ABFB79C850D2B1976DB4DEF69AA031C4E18B5E240316908DDD16DEA4050365A ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe
19:12:58.0859 0x07b4 avgnt - ok
19:12:58.0968 0x07b4 [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe
19:12:58.0984 0x07b4 TkBellExe - ok
19:12:59.0031 0x07b4 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
19:12:59.0140 0x07b4 CTFMON.EXE - ok
19:12:59.0140 0x07b4 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
19:12:59.0234 0x07b4 CTFMON.EXE - ok
19:12:59.0250 0x07b4 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
19:12:59.0343 0x07b4 CTFMON.EXE - ok
19:12:59.0343 0x07b4 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
19:12:59.0437 0x07b4 CTFMON.EXE - ok
19:12:59.0562 0x07b4 [ E2AA953ED6A296B6BF399A783B32CCDE, 123380F79427FB05BB17699B34EF07E38C587A26C6380FA9311EF1F5E4F6A129 ] C:\Programme\Messenger\msmsgs.exe
19:12:59.0718 0x07b4 MSMSGS - ok
19:12:59.0906 0x07b4 [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
19:12:59.0921 0x07b4 AmazonMP3DownloaderHelper - ok
19:12:59.0953 0x07b4 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
|
|
11.03.2015, 19:20
| #15 |
| | Maleware gefunden - was muß ich nun tun?Code:
ATTFilter 19:13:00.0046 0x07b4 CTFMON.EXE - ok
19:13:00.0046 0x07b4 Waiting for KSN requests completion. In queue: 11
19:13:01.0046 0x07b4 Waiting for KSN requests completion. In queue: 11
19:13:02.0046 0x07b4 Waiting for KSN requests completion. In queue: 11
19:13:03.0062 0x07b4 AV detected via SS1: Avira Desktop, 15.0.8.650, enabled, updated
19:13:03.0062 0x07b4 Win FW state via NFM: enabled
19:13:05.0453 0x07b4 ============================================================
19:13:05.0453 0x07b4 Scan finished
19:13:05.0453 0x07b4 ============================================================
19:13:05.0453 0x069c Detected object count: 2
19:13:05.0453 0x069c Actual detected object count: 2
19:13:16.0203 0x069c C:\PROGRA~1\OfficeKB\OfficeKB.EXE - copied to quarantine
19:13:16.0203 0x069c OfficeKB ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:13:16.0265 0x069c C:\PROGRA~1\OfficeKB\KPDrv4XP.exe - copied to quarantine
19:13:16.0265 0x069c KPDrv4XP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:13:20.0937 0x0c10 ============================================================
19:13:20.0937 0x0c10 Scan started
19:13:20.0937 0x0c10 Mode: Manual; SigCheck; TDLFS;
19:13:20.0937 0x0c10 ============================================================
19:13:20.0937 0x0c10 KSN ping started
19:13:23.0250 0x0c10 KSN ping finished: true
19:13:23.0640 0x0c10 ================ Scan system memory ========================
19:13:23.0640 0x0c10 System memory - ok
19:13:23.0640 0x0c10 ================ Scan services =============================
19:13:23.0734 0x0c10 Abiosdsk - ok
19:13:23.0734 0x0c10 abp480n5 - ok
19:13:23.0781 0x0c10 [ AC407F1A62C3A300B4F2B5A9F1D55B2C, 31F5FC61B37E22100B3A52A590295A7E827FFC581FA9960C64B9032452AAECED ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:13:23.0906 0x0c10 ACPI - ok
19:13:23.0937 0x0c10 [ 9E1CA3160DAFB159CA14F83B1E317F75, 13B3E897B0E819BF734449416D9EC6EBCAC89538EC69BF48C068593B82D57004 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:13:24.0062 0x0c10 ACPIEC - ok
19:13:24.0125 0x0c10 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:13:24.0156 0x0c10 AdobeFlashPlayerUpdateSvc - ok
19:13:24.0156 0x0c10 adpu160m - ok
19:13:24.0187 0x0c10 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:13:24.0281 0x0c10 aec - ok
19:13:24.0328 0x0c10 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:13:24.0359 0x0c10 AFD - ok
19:13:24.0359 0x0c10 Aha154x - ok
19:13:24.0359 0x0c10 aic78u2 - ok
19:13:24.0375 0x0c10 aic78xx - ok
19:13:24.0406 0x0c10 [ 738D80CC01D7BC7584BE917B7F544394, DCC17AAEF5CDDF52FAAC3CC6904EF421CD595F66318A2370BEE261D5C3A8E340 ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:13:24.0515 0x0c10 Alerter - ok
19:13:24.0531 0x0c10 [ 190CD73D4984F94D823F9444980513E5, 93A32C2495CCA094F768BA707C74DA5C00B8A88A9236DD1A297439A7C2E6C6FA ] ALG C:\WINDOWS\System32\alg.exe
19:13:24.0593 0x0c10 ALG - ok
19:13:24.0609 0x0c10 AliIde - ok
19:13:24.0734 0x0c10 [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
19:13:24.0875 0x0c10 Ambfilt - ok
19:13:24.0890 0x0c10 amsint - ok
19:13:25.0031 0x0c10 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
19:13:25.0062 0x0c10 AntiVirSchedulerService - ok
19:13:25.0125 0x0c10 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
19:13:25.0156 0x0c10 AntiVirService - ok
19:13:25.0203 0x0c10 [ D45960BE52C3C610D361977057F98C54, 9186589B502F46B47672CFB8EBD558D51B0F3CBFE4E0DDBA625A4265236518CE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
19:13:25.0281 0x0c10 AppMgmt - ok
19:13:25.0281 0x0c10 asc - ok
19:13:25.0296 0x0c10 asc3350p - ok
19:13:25.0296 0x0c10 asc3550 - ok
19:13:25.0406 0x0c10 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:13:25.0421 0x0c10 aspnet_state - ok
19:13:25.0453 0x0c10 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:13:25.0562 0x0c10 AsyncMac - ok
19:13:25.0593 0x0c10 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:13:25.0734 0x0c10 atapi - ok
19:13:25.0734 0x0c10 Atdisk - ok
19:13:25.0812 0x0c10 [ 2A27A3A8634FB9E29F539D6D3ED3646A, 08C5E28BB1A3DC856C6B7956F6F47EE0AEFEB82E7E9474848DDFAFD8A627A281 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
19:13:25.0906 0x0c10 Ati HotKey Poller - ok
19:13:25.0968 0x0c10 [ 72810C6A63076A480ABCE0E0BA0BC981, 8551F6394A64C1270A573C75BC6EF326300FBC3F8E0BCD6F8BDA58874D65C036 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
19:13:26.0015 0x0c10 ATI Smart - detected UnsignedFile.Multi.Generic ( 1 )
19:13:26.0015 0x0c10 Detect skipped due to KSN trusted
19:13:26.0015 0x0c10 ATI Smart - ok
19:13:26.0250 0x0c10 [ 8763EDE3E0CD40F5C3450571AC57F205, 8564071956609F679C511B87C0328578824A7C1ED08DE22CFC74DF589E6EEEF2 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
19:13:26.0484 0x0c10 ati2mtag - ok
19:13:26.0531 0x0c10 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:13:26.0640 0x0c10 Atmarpc - ok
19:13:26.0671 0x0c10 [ 58ED0D5452DF7BE732193E7999C6B9A4, 254E2ECF592DDA2E3E6CA9F6F3E77926E2265586A7937BA95199ED47BCDE69A3 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:13:26.0781 0x0c10 AudioSrv - ok
19:13:26.0828 0x0c10 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:13:26.0921 0x0c10 audstub - ok
19:13:26.0953 0x0c10 [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:13:26.0968 0x0c10 avgntflt - ok
19:13:26.0984 0x0c10 [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:13:27.0000 0x0c10 avipbb - ok
19:13:27.0015 0x0c10 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
19:13:27.0015 0x0c10 avkmgr - ok
19:13:27.0046 0x0c10 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:13:27.0156 0x0c10 Beep - ok
19:13:27.0234 0x0c10 [ D6F603772A789BB3228F310D650B8BD1, A539025C70FD998A9B8703DE05CAE5E99BC721D8852EA561EBC2DD20CB371D2E ] BITS C:\WINDOWS\system32\qmgr.dll
19:13:27.0375 0x0c10 BITS - ok
19:13:27.0421 0x0c10 [ B42057F06BBB98B31876C0B3F2B54E33, 779AF28378E8D37E784BEDBEE23DCFFC6C9C9068180F2A9058C91047E33ED078 ] Browser C:\WINDOWS\System32\browser.dll
19:13:27.0515 0x0c10 Browser - ok
19:13:27.0578 0x0c10 [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
19:13:27.0593 0x0c10 Capture Device Service - ok
19:13:27.0609 0x0c10 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:13:27.0718 0x0c10 cbidf2k - ok
19:13:27.0734 0x0c10 cd20xrnt - ok
19:13:27.0750 0x0c10 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:13:27.0843 0x0c10 Cdaudio - ok
19:13:27.0859 0x0c10 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:13:27.0984 0x0c10 Cdfs - ok
19:13:28.0015 0x0c10 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:13:28.0125 0x0c10 Cdrom - ok
19:13:28.0125 0x0c10 Changer - ok
19:13:28.0171 0x0c10 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E, ACB458E8A11AA2143734A5A0281973D95158E6402A6453F98F9832D1E19B01F9 ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:13:28.0265 0x0c10 CiSvc - ok
19:13:28.0296 0x0c10 [ 778A30ED3C134EB7E406AFC407E9997D, 3E6AD115AB2596EB001BC21AEADDBC75F27C42DB90C986B7AD17743CE631234E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:13:28.0406 0x0c10 ClipSrv - ok
19:13:28.0453 0x0c10 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:13:28.0468 0x0c10 clr_optimization_v2.0.50727_32 - ok
19:13:28.0500 0x0c10 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:13:28.0515 0x0c10 clr_optimization_v4.0.30319_32 - ok
19:13:28.0531 0x0c10 CmdIde - ok
19:13:28.0531 0x0c10 COMSysApp - ok
19:13:28.0546 0x0c10 Cpqarray - ok
19:13:28.0609 0x0c10 [ 611F824E5C703A5A899F84C5F1699E4D, 9EFA5612FE58E9974E4CC13D39D91D7B5DEA3ED66BEFBED3AAE6D2800FD8162A ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:13:28.0703 0x0c10 CryptSvc - ok
19:13:28.0718 0x0c10 dac2w2k - ok
19:13:28.0718 0x0c10 dac960nt - ok
19:13:28.0781 0x0c10 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:13:28.0812 0x0c10 DcomLaunch - ok
19:13:28.0859 0x0c10 [ C29A1C9B75BA38FA37F8C44405DEC360, 7476D8BC4380CDE56764B2034AF3741DA4ED00F315E41C9A02B5EAD04374F241 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:13:28.0968 0x0c10 Dhcp - ok
19:13:29.0015 0x0c10 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:13:29.0109 0x0c10 Disk - ok
19:13:29.0109 0x0c10 dmadmin - ok
19:13:29.0218 0x0c10 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA, 89B0AEE5BE01B9FE4FF2989FF16DB6121721ACDFCE6D9655C0ACD321D8C308BE ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:13:29.0375 0x0c10 dmboot - ok
19:13:29.0390 0x0c10 [ 53720AB12B48719D00E327DA470A619A, 800264866A6267C9000A85D00095D57908D059D737E5F28C9C4049B884C46228 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:13:29.0500 0x0c10 dmio - ok
19:13:29.0531 0x0c10 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:13:29.0640 0x0c10 dmload - ok
19:13:29.0671 0x0c10 [ 25C83FFBBA13B554EB6D59A9B2E2EE78, 9FBD655ED3E9163AE11EC207F283E387EFBA5A23108EC790BAE4846B35E66F16 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:13:29.0765 0x0c10 dmserver - ok
19:13:29.0781 0x0c10 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:13:29.0875 0x0c10 DMusic - ok
19:13:29.0921 0x0c10 [ 407F3227AC618FD1CA54B335B083DE07, 96B8E734648FE9A4EBA59C096C8779BD1A11A93A6303AFD438A406C8122D36C6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:13:29.0937 0x0c10 Dnscache - ok
19:13:29.0968 0x0c10 [ 676E36C4FF5BCEA1900F44182B9723E6, 740CF18BD40E00FEA26CF0E6340C5D18F7D0B4390055FAEEC258B3AA790C4AE9 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:13:30.0078 0x0c10 Dot3svc - ok
19:13:30.0078 0x0c10 dpti2o - ok
19:13:30.0109 0x0c10 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:13:30.0203 0x0c10 drmkaud - ok
19:13:30.0250 0x0c10 [ 4E4F2FDDAB0A0736D7671134DCCE91FB, 8E2C57D1A006856C47CBDD5765A9DD317DB205B26DA8BFC70555A506257A1CD9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:13:30.0343 0x0c10 EapHost - ok
19:13:30.0375 0x0c10 [ 178CC9403816C082D22A1D47FA1F9C85, B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890 ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
19:13:30.0390 0x0c10 ElbyCDIO - ok
19:13:30.0421 0x0c10 [ 877C18558D70587AA7823A1A308AC96B, 6B336A62112988D855513F45153F73F8470C41A448E9B7438B4A8EC1813AABF1 ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:13:30.0531 0x0c10 ERSvc - ok
19:13:30.0562 0x0c10 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] Eventlog C:\WINDOWS\system32\services.exe
19:13:30.0578 0x0c10 Eventlog - ok
19:13:30.0625 0x0c10 [ AF4F6B5739D18CA7972AB53E091CBC74, A399E2CC026730D3A429727AAB48093B9F1E5DD8EB6336519C7F16182FDB3905 ] EventSystem C:\WINDOWS\system32\es.dll
19:13:30.0656 0x0c10 EventSystem - ok
19:13:30.0671 0x0c10 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:13:30.0765 0x0c10 Fastfat - ok
19:13:30.0812 0x0c10 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:13:30.0828 0x0c10 FastUserSwitchingCompatibility - ok
19:13:30.0859 0x0c10 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
19:13:30.0968 0x0c10 Fdc - ok
19:13:30.0968 0x0c10 [ B0678A548587C5F1967B0D70BACAD6C1, 7E49910212ED87313F926E4800EA8D34809C287A686CA69B82B79C1A6451F88C ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:13:31.0062 0x0c10 Fips - ok
19:13:31.0078 0x0c10 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
19:13:31.0171 0x0c10 Flpydisk - ok
19:13:31.0203 0x0c10 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:13:31.0312 0x0c10 FltMgr - ok
19:13:31.0375 0x0c10 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:13:31.0390 0x0c10 FontCache3.0.0.0 - ok
19:13:31.0500 0x0c10 [ 3C36885FAD477629BE44BDC2D98682D6, 2A7B79E5896CAC37DB2C77C081B77FBD85F73333F4B50FD408CD0A04A2228239 ] Freemake Improver C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
19:13:31.0500 0x0c10 Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
19:13:31.0500 0x0c10 Detect skipped due to KSN trusted
19:13:31.0500 0x0c10 Freemake Improver - ok
19:13:31.0609 0x0c10 [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Programme\Freemake\CaptureLib\CaptureLibService.exe
19:13:31.0609 0x0c10 FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )
19:13:31.0609 0x0c10 Detect skipped due to KSN trusted
19:13:31.0609 0x0c10 FreemakeVideoCapture - ok
19:13:31.0625 0x0c10 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:13:31.0718 0x0c10 Fs_Rec - ok
19:13:31.0734 0x0c10 [ 8F1955CE42E1484714B542F341647778, 8EB3F99625F409D3032561E8AB44BEFBFBFBA4EC873C2151C92A5CAAF7F2AA55 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:13:31.0828 0x0c10 Ftdisk - ok
19:13:31.0890 0x0c10 [ 9599A713E1776B8F69300FC9008F33C1, 8C1836847319D492EA6DC5DE3D4C57DB580B903F8B2AEFCD13B5E6054CE6B722 ] getPlusHelper C:\Programme\NOS\bin\getPlus_Helper.dll
19:13:31.0906 0x0c10 getPlusHelper - ok
19:13:31.0921 0x0c10 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:13:32.0031 0x0c10 Gpc - ok
19:13:32.0093 0x0c10 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Programme\Google\Update\GoogleUpdate.exe
19:13:32.0109 0x0c10 gupdate - ok
19:13:32.0109 0x0c10 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Programme\Google\Update\GoogleUpdate.exe
19:13:32.0125 0x0c10 gupdatem - ok
19:13:32.0171 0x0c10 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
19:13:32.0187 0x0c10 gusvc - ok
19:13:32.0234 0x0c10 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:13:32.0343 0x0c10 HDAudBus - ok
19:13:32.0406 0x0c10 [ CB66BF85BF599BEFD6C6A57C2E20357F, 55D3A0F9279FF316766F42548FCB61C452942B08A37590C4892DF110BE4E53C6 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:13:32.0500 0x0c10 helpsvc - ok
19:13:32.0546 0x0c10 [ 76E15E6D2E405D5020736A6C912968BA, F87BBF0782A89A3340C3FEC58CF2DEF35BBE11B69BE1B29DB57BF45FF4A592E3 ] HIDKbFlt C:\WINDOWS\system32\drivers\HIDKbFlt.sys
19:13:32.0546 0x0c10 HIDKbFlt - detected UnsignedFile.Multi.Generic ( 1 )
19:13:32.0546 0x0c10 Detect skipped due to KSN trusted
19:13:32.0546 0x0c10 HIDKbFlt - ok
19:13:32.0593 0x0c10 [ B35DA85E60C0103F2E4104532DA2F12B, E13C9F73DF7713554CB614B36123D75014F5121AA1FC9069733E61758751CBE4 ] HidServ C:\WINDOWS\System32\hidserv.dll
19:13:32.0703 0x0c10 HidServ - ok
19:13:32.0734 0x0c10 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:13:32.0828 0x0c10 HidUsb - ok
19:13:32.0906 0x0c10 [ ED29F14101523A6E0E808107405D452C, B8FA987637787BEECC2EB06D36293DAC355523392B49A8C5A9491EEE961917E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:13:33.0000 0x0c10 hkmsvc - ok
19:13:33.0015 0x0c10 hpn - ok
19:13:33.0062 0x0c10 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:13:33.0078 0x0c10 HTTP - ok
19:13:33.0125 0x0c10 [ 9E4ADB854CEBCFB81A4B36718FEECD16, 677AB64460775686F8366D6BF35D420A2486C3F07338A00A7C2788A5142B9F08 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:13:33.0218 0x0c10 HTTPFilter - ok
19:13:33.0234 0x0c10 i2omgmt - ok
19:13:33.0234 0x0c10 i2omp - ok
19:13:33.0265 0x0c10 [ E283B97CFBEB86C1D86BAED5F7846A92, 7664F791D08C80DF1E52B34BE69F073AA645610C4BD975F498254807602374AB ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:13:33.0359 0x0c10 i8042prt - ok
19:13:33.0484 0x0c10 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:13:33.0531 0x0c10 idsvc - ok
19:13:33.0546 0x0c10 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:13:33.0640 0x0c10 Imapi - ok
19:13:33.0687 0x0c10 [ D4B413AA210C21E46AEDD2BA5B68D38E, 2309622867AA8FC832A729FA78F48742D4BD6CA0DAFBFB9DDB0772D671E1ED75 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:13:33.0781 0x0c10 ImapiService - ok
19:13:33.0796 0x0c10 ini910u - ok
19:13:34.0109 0x0c10 [ 2B1CDDFE53715372B2677ACE12FC9FE5, 40061A5CC3864A5B5A44212AFC493983087D54C603DCE3E9C291D8F9E846E26B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:13:34.0421 0x0c10 IntcAzAudAddService - ok
19:13:34.0453 0x0c10 IntelIde - ok
19:13:34.0468 0x0c10 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:13:34.0562 0x0c10 Ip6Fw - ok
19:13:34.0593 0x0c10 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:13:34.0703 0x0c10 IpFilterDriver - ok
19:13:34.0703 0x0c10 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:13:34.0796 0x0c10 IpInIp - ok
19:13:34.0843 0x0c10 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:13:34.0937 0x0c10 IpNat - ok
19:13:34.0953 0x0c10 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:13:35.0046 0x0c10 IPSec - ok
19:13:35.0062 0x0c10 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:13:35.0125 0x0c10 IRENUM - ok
19:13:35.0156 0x0c10 [ 6DFB88F64135C525433E87648BDA30DE, 8233EEFBEF36AAA152F2C55D23D7118F0DE40C9C22EB5D9793405A4770889540 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:13:35.0250 0x0c10 isapnp - ok
19:13:35.0281 0x0c10 [ 4AC11B2250106774F694DF2DB4FFED61, 99D0FF40CE5B6BCB46966770B0BC1C9FED9FF23D2635B2C9B1B148BE83B395AA ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
19:13:35.0281 0x0c10 Iviaspi - detected UnsignedFile.Multi.Generic ( 1 )
19:13:35.0281 0x0c10 Detect skipped due to KSN trusted
19:13:35.0281 0x0c10 Iviaspi - ok
19:13:35.0312 0x0c10 [ 7BD8FF29FECC1F4EF5B26CE3FFA80AE8, AAA32579A1CF3FE0AB1627F3D7929CA62A3A8D9E27A1CD64F027C1DF999ECBFD ] iviVD C:\WINDOWS\system32\DRIVERS\iviVD.sys
19:13:35.0328 0x0c10 iviVD - ok
19:13:35.0343 0x0c10 [ 1704D8C4C8807B889E43C649B478A452, E854C90CD301F42BE2520CEDAD35E49DF2D43606CF4EEED861B74882118D04D1 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:13:35.0437 0x0c10 Kbdclass - ok
19:13:35.0484 0x0c10 [ B6D6C117D771C98130497265F26D1882, E79CC4EA5C088F988BA61F80764F9CAD9B78BC56A7E17DD54622C75483BC5DF4 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:13:35.0578 0x0c10 kbdhid - ok
19:13:35.0609 0x0c10 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:13:35.0703 0x0c10 kmixer - ok
19:13:35.0750 0x0c10 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:13:35.0765 0x0c10 KSecDD - ok
19:13:35.0812 0x0c10 [ 2BBDCB79900990F0716DFCB714E72DE7, 6283789201164A9254632D9A3C8A54FE697717D5F8D5A37804D924DC2B70C8E3 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:13:35.0828 0x0c10 lanmanserver - ok
19:13:35.0859 0x0c10 [ 1869B14B06B44B44AF70548E1EA3303F, 4D63B4DAF580C86F86837C7D1753E2105B4C52E26D4CA0CAAFE83755EFF7AFBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:13:35.0890 0x0c10 lanmanworkstation - ok
19:13:35.0890 0x0c10 lbrtfdc - ok
19:13:35.0937 0x0c10 [ 636714B7D43C8D0C80449123FD266920, F06F6C7DC49B26EFCAC3570C67BA9BD934F62C6F382DA4DD2AB302C7B970F414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:13:36.0031 0x0c10 LmHosts - ok
19:13:36.0062 0x0c10 [ 2C137B8C4F4076FDFFBB81E23EC99248, 55952CD3723C3E957E809C1DAD5C5A52F368AE32FBE0A1B12699E5251E74B806 ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
19:13:36.0078 0x0c10 mbamchameleon - ok
19:13:36.0171 0x0c10 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
19:13:36.0203 0x0c10 MDM - ok
19:13:36.0218 0x0c10 [ B7550A7107281D170CE85524B1488C98, A3854B16A65436BEF6BEDE918B43B3BE8F00D303660DB5831DD376271DC43239 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:13:36.0312 0x0c10 Messenger - ok
19:13:36.0343 0x0c10 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:13:36.0437 0x0c10 mnmdd - ok
19:13:36.0468 0x0c10 [ C2F1D365FD96791B037EE504868065D3, 87BD87E08FD00D115524B049F1A3A719AB86557D68968E7090CD0F271F985CAF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:13:36.0562 0x0c10 mnmsrvc - ok
19:13:36.0593 0x0c10 [ 6FB74EBD4EC57A6F1781DE3852CC3362, 0454509D9A31E0202C08AE17294E2682F227D177A3C73B303E4C8332757AFCA1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:13:36.0687 0x0c10 Modem - ok
19:13:36.0812 0x0c10 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
19:13:36.0906 0x0c10 Monfilt - ok
19:13:36.0937 0x0c10 [ B24CE8005DEAB254C0251E15CB71D802, 6804A8ABDAD5EC846E7F8077D1EE9BA45D6226ACFF42C70BE3DE7C8980EF9EC4 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:13:37.0031 0x0c10 Mouclass - ok
19:13:37.0046 0x0c10 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:13:37.0140 0x0c10 MountMgr - ok
19:13:37.0187 0x0c10 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
19:13:37.0203 0x0c10 MozillaMaintenance - ok
19:13:37.0203 0x0c10 mraid35x - ok
19:13:37.0218 0x0c10 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:13:37.0328 0x0c10 MRxDAV - ok
19:13:37.0375 0x0c10 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:13:37.0421 0x0c10 MRxSmb - ok
19:13:37.0453 0x0c10 [ 35A031AF38C55F92D28AA03EE9F12CC9, 97245D204C886EE8DCCC2DEAC80A0E358A7E0C1982F77389DA50DCF091FC9DDC ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:13:37.0546 0x0c10 MSDTC - ok
19:13:37.0593 0x0c10 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:13:37.0703 0x0c10 Msfs - ok
19:13:37.0703 0x0c10 MSIServer - ok
19:13:37.0734 0x0c10 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:13:37.0828 0x0c10 MSKSSRV - ok
19:13:37.0843 0x0c10 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:13:37.0937 0x0c10 MSPCLOCK - ok
19:13:37.0953 0x0c10 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:13:38.0046 0x0c10 MSPQM - ok
19:13:38.0078 0x0c10 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:13:38.0171 0x0c10 mssmbios - ok
19:13:38.0234 0x0c10 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:13:38.0234 0x0c10 Mup - ok
19:13:38.0281 0x0c10 [ 46BB15AE2AC7D025D6D2567B876817BD, 102A101B96D1078C98FA0F871C801A9A8538E20E5686AB0C7680B2F6C92B3165 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:13:38.0390 0x0c10 napagent - ok
19:13:38.0421 0x0c10 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:13:38.0515 0x0c10 NDIS - ok
19:13:38.0562 0x0c10 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:13:38.0578 0x0c10 NdisTapi - ok
19:13:38.0609 0x0c10 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:13:38.0703 0x0c10 Ndisuio - ok
19:13:38.0718 0x0c10 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:13:38.0812 0x0c10 NdisWan - ok
19:13:38.0859 0x0c10 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:13:38.0875 0x0c10 NDProxy - ok
19:13:38.0906 0x0c10 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:13:39.0015 0x0c10 NetBIOS - ok
19:13:39.0031 0x0c10 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:13:39.0140 0x0c10 NetBT - ok
19:13:39.0171 0x0c10 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDE C:\WINDOWS\system32\netdde.exe
19:13:39.0265 0x0c10 NetDDE - ok
19:13:39.0281 0x0c10 [ 8ACE4251BFFD09CE75679FE940E996CC, 81969521B5EAEA09ECA63058BE9697BB69AF2596339CA9DF0CFEDC031DCFDC7E ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:13:39.0375 0x0c10 NetDDEdsdm - ok
19:13:39.0406 0x0c10 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:13:39.0500 0x0c10 Netlogon - ok
19:13:39.0531 0x0c10 [ E6D88F1F6745BF00B57E7855A2AB696C, 12A5EDD853600FF5EBF91E127077745AE1E61E66DBC1D4D4306570F171AF4A39 ] Netman C:\WINDOWS\System32\netman.dll
19:13:39.0640 0x0c10 Netman - ok
19:13:39.0671 0x0c10 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:13:39.0687 0x0c10 NetTcpPortSharing - ok
19:13:39.0718 0x0c10 [ F1B67B6B0751AE0E6E964B02821206A3, 3D5A7593ABDEE2047C5738671C85DC8B95A4ECF58D5D7B04EEE13A689839A540 ] Nla C:\WINDOWS\System32\mswsock.dll
19:13:39.0734 0x0c10 Nla - ok
19:13:39.0812 0x0c10 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess C:\Programme\CDBurnerXP\NMSAccessU.exe
19:13:39.0812 0x0c10 NMSAccess - ok
19:13:39.0859 0x0c10 [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf C:\WINDOWS\system32\drivers\npf.sys
19:13:39.0859 0x0c10 npf - ok
19:13:39.0906 0x0c10 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:13:40.0000 0x0c10 Npfs - ok
19:13:40.0046 0x0c10 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:13:40.0171 0x0c10 Ntfs - ok
19:13:40.0187 0x0c10 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:13:40.0296 0x0c10 NtLmSsp - ok
19:13:40.0359 0x0c10 [ 56AF4064996FA5BAC9C449B1514B4770, 154602EFEC22728503D4ABA025DF711B0F2CFC983F5E3BF25F2A4BCD1AE250EC ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:13:40.0468 0x0c10 NtmsSvc - ok
19:13:40.0500 0x0c10 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
19:13:40.0593 0x0c10 Null - ok
19:13:41.0203 0x0c10 [ 5AFC57ED9FE985DE99FC8A37884DAE10, B541C359108CC9D8864FE06AF0D4A77C7052C278AD4225A96180F5F96AD21381 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:13:41.0812 0x0c10 nv - ok
19:13:41.0875 0x0c10 [ EFC9A7307691E3C3DB8D2AA81A778356, EC9A04DC1828C3B4478A78F6DD8F702547902B8A12FF50E517D6A16751F6C910 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys
19:13:41.0890 0x0c10 NVHDA - ok
19:13:41.0937 0x0c10 [ F0FA6A2FE9DD2D164208384764110A36, 91F4A4CE9E3E9A5F014BCAD461958C773BC599510A7B7652EA4E2582A3FF52E6 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
19:13:41.0953 0x0c10 NVSvc - ok
19:13:42.0140 0x0c10 [ 005E474630A7AA05A617C574B702FEED, E7B8181232DAA787EE8B98DDB5775E4B33C82B4D2E4A27D3DCD9FBAA6663BD97 ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:13:42.0250 0x0c10 nvUpdatusService - ok
19:13:42.0265 0x0c10 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:13:42.0359 0x0c10 NwlnkFlt - ok
19:13:42.0390 0x0c10 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:13:42.0484 0x0c10 NwlnkFwd - ok
19:13:42.0515 0x0c10 [ F84785660305B9B903FB3BCA8BA29837, BDBDE61076800415D98759077E9E039C80B55DBE68E31F8BF44A909C6C3D3276 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:13:42.0625 0x0c10 Parport - ok
19:13:42.0640 0x0c10 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:13:42.0734 0x0c10 PartMgr - ok
19:13:42.0781 0x0c10 [ C2BF987829099A3EAA2CA6A0A90ECB4F, 1DF21EA8E43875CFEECD869407429F82FB449707CFB845718499468E699BAAAA ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:13:42.0875 0x0c10 ParVdm - ok
19:13:42.0875 0x0c10 [ 387E8DEDC343AA2D1EFBC30580273ACD, 5F3E642BDB759777E570ED5B22AC7E93CDCD362708F281657AD7BAB44EDEC802 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:13:42.0984 0x0c10 PCI - ok
19:13:42.0984 0x0c10 PCIDump - ok
19:13:43.0031 0x0c10 [ 59BA86D9A61CBCF4DF8E598C331F5B82, 822D11C5CE77BFD7B2F25350CCBF92B0B9388EEA6D86ED220B768C720976D839 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:13:43.0125 0x0c10 PCIIde - ok
19:13:43.0140 0x0c10 [ A2A966B77D61847D61A3051DF87C8C97, 6CED7CA26DC62B0AAFC83A2E07336DAD25954491201BB8E06103971F3F0B8B51 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:13:43.0234 0x0c10 Pcmcia - ok
19:13:43.0250 0x0c10 PDCOMP - ok
19:13:43.0250 0x0c10 PDFRAME - ok
19:13:43.0265 0x0c10 PDRELI - ok
19:13:43.0265 0x0c10 PDRFRAME - ok
19:13:43.0281 0x0c10 perc2 - ok
19:13:43.0281 0x0c10 perc2hib - ok
19:13:43.0312 0x0c10 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] PlugPlay C:\WINDOWS\system32\services.exe
19:13:43.0328 0x0c10 PlugPlay - ok
19:13:43.0343 0x0c10 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:13:43.0437 0x0c10 PolicyAgent - ok
19:13:43.0453 0x0c10 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:13:43.0546 0x0c10 PptpMiniport - ok
19:13:43.0593 0x0c10 [ 2CB55427C58679F49AD600FCCBA76360, 2B5242E9637FCB6A7C16F720C9D8D440AA88B61FB5F108B295A208886C01C4D1 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:13:43.0687 0x0c10 Processor - ok
19:13:43.0703 0x0c10 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:13:43.0796 0x0c10 ProtectedStorage - ok
19:13:43.0812 0x0c10 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:13:43.0906 0x0c10 PSched - ok
19:13:43.0937 0x0c10 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:13:44.0031 0x0c10 Ptilink - ok
19:13:44.0046 0x0c10 ql1080 - ok
19:13:44.0046 0x0c10 Ql10wnt - ok
19:13:44.0062 0x0c10 ql12160 - ok
19:13:44.0062 0x0c10 ql1240 - ok
19:13:44.0078 0x0c10 ql1280 - ok
19:13:44.0078 0x0c10 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:13:44.0171 0x0c10 RasAcd - ok
19:13:44.0203 0x0c10 [ F5BA6CACCDB66C8F048E867563203246, AFEAD8FC02313F7EBC8F9F39E7ED2868852B480BE3902FA7BD0AFD81492AB243 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:13:44.0296 0x0c10 RasAuto - ok
19:13:44.0328 0x0c10 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:13:44.0421 0x0c10 Rasl2tp - ok
19:13:44.0468 0x0c10 [ F9A7B66EA345726EDB5862A46B1ECCD5, 5D35429D394D36A1692A7E219BA1A85CD8096FEAE0F90BFE036A63118FEDBF57 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:13:44.0578 0x0c10 RasMan - ok
19:13:44.0609 0x0c10 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:13:44.0703 0x0c10 RasPppoe - ok
19:13:44.0718 0x0c10 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:13:44.0812 0x0c10 Raspti - ok
19:13:44.0859 0x0c10 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:13:44.0953 0x0c10 Rdbss - ok
19:13:44.0968 0x0c10 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:13:45.0062 0x0c10 RDPCDD - ok
19:13:45.0078 0x0c10 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:13:45.0187 0x0c10 rdpdr - ok
19:13:45.0218 0x0c10 [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:13:45.0234 0x0c10 RDPWD - ok
19:13:45.0281 0x0c10 [ 263AF18AF0F3DB99F574C95F284CCEC9, 2BFA9952E97EFEB386FC56EC2C125080CD12DAC078DBE43C395CB4D9F22165D3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:13:45.0375 0x0c10 RDSessMgr - ok
19:13:45.0437 0x0c10 [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
19:13:45.0453 0x0c10 RealNetworks Downloader Resolver Service - ok
19:13:45.0468 0x0c10 [ ED761D453856F795A7FE056E42C36365, EF026585B33415D8FCE94A9F27D7A4396C7C35C88E06A4CF0FEA702401E8597A ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:13:45.0562 0x0c10 redbook - ok
19:13:45.0609 0x0c10 [ 0E97EC96D6942CEEC2D188CC2EB69A01, D4253B4420BEF19451A55AB91E4834482181A31A31134F6E2AFE05C8E20C81A5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:13:45.0703 0x0c10 RemoteAccess - ok
19:13:45.0734 0x0c10 [ E4CD1F3D84E1C2CA0B8CF7501E201593, 649CC0B04F94D407EB6B4C7FDE2C6E4D2B1531307BC67C5775E44D66EF2E4F8A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:13:45.0843 0x0c10 RemoteRegistry - ok
19:13:45.0859 0x0c10 [ 2A02E21867497DF20B8FC95631395169, D89E2D17ED4E1C727847C0E92D2DF68AEB70BF0B956BD2FE024ED70A961759D2 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:13:45.0953 0x0c10 RpcLocator - ok
19:13:46.0000 0x0c10 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B, ECFBACE3CBF2384948EA1C445BDA3955EB4F44A9874286E6537C67DC1283E5B0 ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:13:46.0031 0x0c10 RpcSs - ok
19:13:46.0062 0x0c10 [ 4BDD71B4B521521499DFD14735C4F398, 7B1498D3C67E56D05B58B7DA319ECB0117C37963AABB0E59B42831C087469DA1 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:13:46.0171 0x0c10 RSVP - ok
19:13:46.0203 0x0c10 [ 00FD6811350E175585ABCF7D4A61DD90, 00B54CB6547E47E6A2B8AE4BB220E68BBFECF2188CB7DFE651B50F7FE6AC7E9D ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
19:13:46.0234 0x0c10 RTLE8023xp - ok
19:13:46.0234 0x0c10 [ AFB8261B56CBA0D86AEB6DF682AF9785, 104D96F1F19DD4CE492064ACC9634406A019EAE20B42D03198E400E661897127 ] SamSs C:\WINDOWS\system32\lsass.exe
19:13:46.0328 0x0c10 SamSs - ok
19:13:46.0375 0x0c10 [ DCEC079FAD95D36C8DD5CB6D779DFE32, F8546552D939A225853A0CE4913701A93738DF02C999D16E141E9A828814BBC6 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:13:46.0468 0x0c10 SCardSvr - ok
19:13:46.0531 0x0c10 [ A050194A44D7FA8D7186ED2F4E8367AE, BCDF56D5A2F9E202DC67E7FE4BCC617BCC0BDFF2D221A621020068B17B2855BB ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:13:46.0625 0x0c10 Schedule - ok
19:13:46.0656 0x0c10 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:13:46.0718 0x0c10 Secdrv - ok
19:13:46.0750 0x0c10 [ BEE4CFD1D48C23B44CF4B974B0B79B2B, DF3B02D713F8A4602BE75F004074D5DF79AFF2D58FF37110B2A6AC29F680758B ] seclogon C:\WINDOWS\System32\seclogon.dll
19:13:46.0843 0x0c10 seclogon - ok
19:13:46.0859 0x0c10 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3, 95D83F054A6610328D56E56CD948A6618C590231853E56FC20E7557DB61384A4 ] SENS C:\WINDOWS\system32\sens.dll
19:13:46.0968 0x0c10 SENS - ok
19:13:46.0968 0x0c10 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:13:47.0078 0x0c10 serenum - ok
19:13:47.0078 0x0c10 [ CF24EB4F0412C82BCD1F4F35A025E31D, B74CB094126F5C23F601C34D53B2DF5BE3E5918230AC9DCFCFFA8E66B3A0FA25 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:13:47.0187 0x0c10 Serial - ok
19:13:47.0218 0x0c10 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:13:47.0312 0x0c10 Sfloppy - ok
19:13:47.0390 0x0c10 [ CAD058D5F8B889A87CA3EB3CF624DCEF, A7CDCF44261D1F4D820927253EA8EBB63714B7BAFF8B08DE073507D9A7EEA5BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:13:47.0500 0x0c10 SharedAccess - ok
19:13:47.0531 0x0c10 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:13:47.0546 0x0c10 ShellHWDetection - ok
19:13:47.0562 0x0c10 Simbad - ok
19:13:47.0578 0x0c10 Sparrow - ok
19:13:47.0609 0x0c10 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:13:47.0703 0x0c10 splitter - ok
19:13:47.0750 0x0c10 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:13:47.0765 0x0c10 Spooler - ok
19:13:47.0781 0x0c10 [ 50FA898F8C032796D3B1B9951BB5A90F, 1C86273EC19EB96D6DB9CE6670C00683B77C99C42CC2F7E75BC50872B93446B1 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:13:47.0828 0x0c10 sr - ok
19:13:47.0890 0x0c10 [ FE77A85495065F3AD59C5C65B6C54182, EB4BAF992F961B2FD5D24BFCB6BCB2142BC32933139A818835FEAB190E4283BB ] srservice C:\WINDOWS\system32\srsvc.dll
19:13:47.0953 0x0c10 srservice - ok
19:13:48.0015 0x0c10 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:13:48.0046 0x0c10 Srv - ok
19:13:48.0062 0x0c10 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500, 2971D7D45D6942D310D47DBD19B9680D2D29527E79B86133C72217FD29259465 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:13:48.0125 0x0c10 SSDPSRV - ok
19:13:48.0140 0x0c10 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
19:13:48.0140 0x0c10 ssmdrv - ok
19:13:48.0203 0x0c10 [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
19:13:48.0218 0x0c10 ss_bbus - ok
19:13:48.0250 0x0c10 [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
19:13:48.0265 0x0c10 ss_bmdfl - ok
19:13:48.0312 0x0c10 [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
19:13:48.0328 0x0c10 ss_bmdm - ok
19:13:48.0375 0x0c10 [ 994D2E5378CC337EC7DD73C1E04FCAA4, 4320B6EFF5CFA40DCD7EF1ED1BB79AC29D5FC34FCFA97BA97333CB5ABD741E05 ] ss_bserd C:\WINDOWS\system32\DRIVERS\ss_bserd.sys
19:13:48.0375 0x0c10 ss_bserd - ok
19:13:48.0421 0x0c10 [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
19:13:48.0421 0x0c10 StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
19:13:48.0421 0x0c10 Detect skipped due to KSN trusted
19:13:48.0421 0x0c10 StarOpen - ok
19:13:48.0484 0x0c10 [ BC2C5985611C5356B24AEB370953DED9, 15CBAB8166827DC098E2B16AB6F49A1441A4CB52AF3588F0AD964CAB596DFE10 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:13:48.0593 0x0c10 stisvc - ok
19:13:48.0625 0x0c10 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:13:48.0734 0x0c10 swenum - ok
19:13:48.0734 0x0c10 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:13:48.0843 0x0c10 swmidi - ok
19:13:48.0843 0x0c10 SwPrv - ok
19:13:48.0859 0x0c10 symc810 - ok
19:13:48.0859 0x0c10 symc8xx - ok
19:13:48.0859 0x0c10 sym_hi - ok
19:13:48.0875 0x0c10 sym_u3 - ok
19:13:48.0890 0x0c10 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:13:48.0984 0x0c10 sysaudio - ok
19:13:49.0031 0x0c10 [ 2903FFFA2523926D6219428040DCE6B9, 4F13181931B0499F6C3F08138054DBCD1F84CB9806999A9172B80DE79D446F62 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:13:49.0125 0x0c10 SysmonLog - ok
19:13:49.0171 0x0c10 [ 05903CAC4B98908D55EA5774775B382E, AC3666CBD894D737874A5998DC7F46A0A51A7B23B1835FC735B9AD503A2191CC ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:13:49.0281 0x0c10 TapiSrv - ok
19:13:49.0328 0x0c10 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:13:49.0359 0x0c10 Tcpip - ok
19:13:49.0390 0x0c10 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:13:49.0484 0x0c10 TDPIPE - ok
19:13:49.0500 0x0c10 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:13:49.0609 0x0c10 TDTCP - ok
19:13:49.0625 0x0c10 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:13:49.0718 0x0c10 TermDD - ok
19:13:49.0781 0x0c10 [ B7DE02C863D8F5A005A7BF375375A6A4, 6DE05A7B28CA5A78D58536347FC47F15883EEDBEF487CEA0117CC280FC582DCC ] TermService C:\WINDOWS\System32\termsrv.dll
19:13:49.0875 0x0c10 TermService - ok
19:13:49.0906 0x0c10 [ 2DB7D303C36DDD055215052F118E8E75, BE6E7BBE12A7A4EDF1F1C2935350603970C7426BBCA7A1A6644BB8999123AF17 ] Themes C:\WINDOWS\System32\shsvcs.dll
19:13:49.0921 0x0c10 Themes - ok
19:13:49.0953 0x0c10 [ 03681A1CE77F51586903869A5AB1DEAB, E2EC0A481412166B654682C2F3D953E96E757466135CBD2D813B967EDB13C721 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:13:50.0015 0x0c10 TlntSvr - ok
19:13:50.0015 0x0c10 TosIde - ok
19:13:50.0046 0x0c10 [ 626504572B175867F30F3215C04B3E2F, 47E87CE9BC666D5CB5953C5D497DC00A7CC28F8EC0A064B3E47700279C5C4B91 ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:13:50.0140 0x0c10 TrkWks - ok
19:13:50.0187 0x0c10 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:13:50.0281 0x0c10 Udfs - ok
19:13:50.0359 0x0c10 [ 4BD2C322118A2470B450492A0C3302F9, 31DD44C09F0165147B6E68F3865AF4EC3CF36C3D637501025076F748475DD38F ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
19:13:50.0359 0x0c10 UleadBurningHelper - ok
19:13:50.0375 0x0c10 ultra - ok
19:13:50.0406 0x0c10 [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
19:13:50.0421 0x0c10 UMWdf - ok
19:13:50.0484 0x0c10 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:13:50.0609 0x0c10 Update - ok
19:13:50.0640 0x0c10 [ 1DFD8975D8C89214B98D9387C1125B49, 0B6B268487C8E45E9B86BF4A0A9DB669E0E45D600DE3C82B63F9986CA9E01082 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:13:50.0703 0x0c10 upnphost - ok
19:13:50.0734 0x0c10 [ 9B11E6118958E63E1FEF129466E2BDA7, 97168BCE3F4A9BB9E6500F05E34851FB957B219C598944FADC28AC0011C0503B ] UPS C:\WINDOWS\System32\ups.exe
19:13:50.0828 0x0c10 UPS - ok
19:13:50.0875 0x0c10 [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:13:50.0968 0x0c10 usbaudio - ok
19:13:51.0015 0x0c10 [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:13:51.0109 0x0c10 usbccgp - ok
19:13:51.0125 0x0c10 [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:13:51.0218 0x0c10 usbehci - ok
19:13:51.0250 0x0c10 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:13:51.0343 0x0c10 usbhub - ok
19:13:51.0359 0x0c10 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:13:51.0453 0x0c10 usbohci - ok
19:13:51.0484 0x0c10 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:13:51.0578 0x0c10 usbprint - ok
19:13:51.0609 0x0c10 [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:13:51.0703 0x0c10 usbscan - ok
19:13:51.0734 0x0c10 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:13:51.0828 0x0c10 USBSTOR - ok
19:13:51.0875 0x0c10 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:13:51.0968 0x0c10 VgaSave - ok
19:13:51.0968 0x0c10 ViaIde - ok
19:13:51.0984 0x0c10 [ A5A712F4E880874A477AF790B5186E1D, FE885ED04C3EAFC379787F836738A2769E43D07CF52DD917D90C38E001957A5E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:13:52.0078 0x0c10 VolSnap - ok
19:13:52.0140 0x0c10 [ 68F106273BE29E7B7EF8266977268E78, 1488AB7A654EBC94C73E1D494067189ACB95BC233980110CAC4C0297CDC4115A ] VSS C:\WINDOWS\System32\vssvc.exe
19:13:52.0218 0x0c10 VSS - ok
19:13:52.0250 0x0c10 [ 7B353059E665F8B7AD2BBEAEF597CF45, 84A4311F18A4B8DCB364741DEA7D18E2363F19564B2EF25214965DC729527068 ] W32Time C:\WINDOWS\system32\w32time.dll
19:13:52.0343 0x0c10 W32Time - ok
19:13:52.0359 0x0c10 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:13:52.0453 0x0c10 Wanarp - ok
19:13:52.0468 0x0c10 WDICA - ok
19:13:52.0500 0x0c10 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:13:52.0593 0x0c10 wdmaud - ok
19:13:52.0625 0x0c10 [ 81727C9873E3905A2FFC1EBD07265002, 6AC2383A1DCBB7FA3DB90FBB874C8E1819F5B7492717FF41E303EFC7BF72F93E ] WebClient C:\WINDOWS\System32\webclnt.dll
19:13:52.0734 0x0c10 WebClient - ok
19:13:52.0812 0x0c10 [ 6F3F3973D97714CC5F906A19FE883729, 7817118BE94D0F6FAE0F9CE48AD70FFE0AEF886CCE09C666768FAB61047F992F ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:13:52.0921 0x0c10 winmgmt - ok
19:13:52.0968 0x0c10 [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:13:52.0984 0x0c10 WmdmPmSN - ok
19:13:53.0046 0x0c10 [ FFA4D901D46D07A5BAB2D8307FBB51A6, 53C6D04D111EDF774C7F7EEB8D032B372E6244774D56B1B34CF1236027EC9450 ] Wmi C:\WINDOWS\System32\advapi32.dll
19:13:53.0093 0x0c10 Wmi - ok
19:13:53.0125 0x0c10 [ 93908111BA57A6E60EC2FA2DE202105C, F395F25F18D15C6B9FEDB45FD31E10295FFE5517E2BC86ACAC11904EA0664BE2 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:13:53.0234 0x0c10 WmiApSrv - ok
19:13:53.0265 0x0c10 [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
19:13:53.0281 0x0c10 WpdUsb - ok
19:13:53.0390 0x0c10 [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:13:53.0421 0x0c10 WPFFontCache_v0400 - ok
19:13:53.0468 0x0c10 [ 300B3E84FAF1A5C1F791C159BA28035D, 0194856BDF94C1F274AF70AD558290ACDACDDEA331BD66FEB8E167ABD1E36786 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:13:53.0562 0x0c10 wscsvc - ok
19:13:53.0593 0x0c10 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085, A1DB8909FA73337DB613D01824945485186654364A4DF129B8CB913CF87D1D2E ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:13:53.0703 0x0c10 wuauserv - ok
19:13:53.0765 0x0c10 [ C4F109C005F6725162D2D12CA751E4A7, AC996B44338328BDD4442FE48406F286A64526F0EC77BE00A19FA7FDB0407CFE ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:13:53.0890 0x0c10 WZCSVC - ok
19:13:53.0921 0x0c10 [ 0ADA34871A2E1CD2CAAFED1237A47750, 45BEF8649078BD74C1A347B5F2D3A1958E5A7DCD6C6BA8A2E0CAD277A929C64E ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:13:54.0031 0x0c10 xmlprov - ok
19:13:54.0031 0x0c10 ================ Scan global ===============================
19:13:54.0046 0x0c10 [ 2C60091CA5F67C3032EAB3B30390C27F, 9E205C8E67F4B61FCFA2A82AA1968D522C3B6410D7075BE813F7F1564D61632E ] C:\WINDOWS\system32\basesrv.dll
19:13:54.0109 0x0c10 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll
19:13:54.0140 0x0c10 [ 77A50BBD2A1CD6D54A876BB63570E2A8, 80DBEE5B754952411470B9B8A813C989F7074EF6CC07A081A179E523C10C465E ] C:\WINDOWS\system32\winsrv.dll
19:13:54.0171 0x0c10 [ A3EDBE9053889FB24AB22492472B39DC, 6F2ED6E04BDE2FCA2A8BF9BD2D1D6923DE6EAECB46F582B6C0BD1CF364D65C9E ] C:\WINDOWS\system32\services.exe
19:13:54.0171 0x0c10 [ Global ] - ok
19:13:54.0171 0x0c10 ================ Scan MBR ==================================
19:13:54.0203 0x0c10 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
19:13:54.0390 0x0c10 \Device\Harddisk0\DR0 - ok
19:13:54.0390 0x0c10 ================ Scan VBR ==================================
19:13:54.0406 0x0c10 [ A7D120127FFBA7CD40328F0D53B5F71F ] \Device\Harddisk0\DR0\Partition1
19:13:54.0406 0x0c10 \Device\Harddisk0\DR0\Partition1 - ok
19:13:54.0406 0x0c10 [ 3B57FFE28F9E55442818CF2382708E72 ] \Device\Harddisk0\DR0\Partition2
19:13:54.0406 0x0c10 \Device\Harddisk0\DR0\Partition2 - ok
19:13:54.0406 0x0c10 ================ Scan generic autorun ======================
19:13:54.0500 0x0c10 [ A00F240E6B250E91536CE18BFE0A350C, 338DD25039D4BA97DF669493F6ED59D8E3448BE1F9E954E98B46B188B6359D45 ] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
19:13:54.0515 0x0c10 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
19:13:54.0515 0x0c10 Detect skipped due to KSN trusted
19:13:54.0515 0x0c10 StartCCC - ok
19:13:55.0468 0x0c10 [ D37F604F98E1FC2D7AEC8EF3515409D7, 570629023EBBF0D5070A84B33DAC32BAC11CE27E64F5A47B95B5C300AA5C1E15 ] C:\WINDOWS\RTHDCPL.EXE
19:13:56.0531 0x0c10 RTHDCPL - ok
19:13:56.0656 0x0c10 [ 37BF603C3685289CA684C4D3400A9DE7, 242379ED5F485E47897B15A1DC200B44B673147A636ADF640A32C72AEF8ABE40 ] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
19:13:56.0671 0x0c10 Adobe Reader Speed Launcher - ok
19:13:56.0765 0x0c10 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
19:13:56.0812 0x0c10 Adobe ARM - ok
19:13:56.0906 0x0c10 [ 2CEC0358AEAF3D34E7FAEE85ED55E9EB, F682779B67B3BC958DEB0853E49F15EA2342E2CD299E2DFE4874E48559EBB683 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
19:13:56.0921 0x0c10 HPDJ Taskbar Utility - ok
19:13:57.0031 0x0c10 [ 2103DE800D67BFDD2EC58AE0F242A359, 8CA6797C6EAE8219FD04DF9F761853A0617AB54E6229F44DD1F186E8A9C360FE ] C:\Programme\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
19:13:57.0062 0x0c10 UVS11 Preload - ok
19:13:57.0140 0x0c10 [ CAF03357DE72F8F19FA099581A685C1A, FD7647ECEB96CDAAC516FD40407C2E191703276DC2967475ED1AAD43544DD2C4 ] C:\Programme\QuickTime\qttask.exe
19:13:57.0156 0x0c10 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
19:13:57.0156 0x0c10 Detect skipped due to KSN trusted
19:13:57.0156 0x0c10 QuickTime Task - ok
19:13:57.0218 0x0c10 [ CD63BDE3117B69C8B21C21DC348858FD, D061C54F037A3CAA0D954297A82C7CF8C40DD3F5188EE325B1780A75FC519566 ] C:\PROGRA~1\OfficeKB\OfficeKB.EXE
19:13:57.0234 0x0c10 OfficeKB - detected UnsignedFile.Multi.Generic ( 1 )
19:13:57.0234 0x0c10 OfficeKB ( UnsignedFile.Multi.Generic ) - warning
19:14:10.0625 0x0c10 [ E1F68E30FFE27E375A331E0C09CC1C43, 55EBC223C7177CE707B9672316E8EC28733AF943C50C6481717DA437147611EF ] C:\PROGRA~1\OfficeKB\KPDrv4XP.exe
19:14:10.0625 0x0c10 KPDrv4XP - detected UnsignedFile.Multi.Generic ( 1 )
19:14:10.0625 0x0c10 KPDrv4XP ( UnsignedFile.Multi.Generic ) - warning
19:14:10.0625 0x0c10 Force sending object to P2P due to detect: C:\PROGRA~1\OfficeKB\KPDrv4XP.exe
19:14:13.0156 0x0c10 Object send P2P result: true
19:14:15.0531 0x0c10 NvCplDaemon - ok
19:14:15.0531 0x0c10 NvMediaCenter - ok
19:14:15.0734 0x0c10 [ A23319A38290D9F495A076254D995499, B78D16FAC286ABBB36F1E7D8732886A793B82346B7BD85A575B70B673059120C ] C:\Programme\NVIDIA Corporation\nview\nwiz.exe
19:14:15.0859 0x0c10 nwiz - ok
19:14:15.0968 0x0c10 [ 1775BDBEF28FD1B0F0AC43F10F483E08, F7E6C3177CFFABF605CC86F585CBF1DE541732DD92F92D1AB97B9BFFB3F2C5A6 ] C:\Programme\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
19:14:16.0015 0x0c10 Nvtmru - ok
19:14:16.0125 0x0c10 [ 085F30DB0B38903940A4141E675BDC08, 3ABFB79C850D2B1976DB4DEF69AA031C4E18B5E240316908DDD16DEA4050365A ] C:\Programme\Avira\AntiVir Desktop\avgnt.exe
19:14:16.0171 0x0c10 avgnt - ok
19:14:16.0296 0x0c10 [ F6158734F1E24C6C510155CF0D363911, 320900BA90AF14E254CFAFA70FB15A0E77506217E47A406FA1ED821D0206FE29 ] C:\Programme\Real\RealPlayer\update\realsched.exe
19:14:16.0312 0x0c10 TkBellExe - ok
19:14:16.0343 0x0c10 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
19:14:16.0453 0x0c10 CTFMON.EXE - ok
19:14:16.0453 0x0c10 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
19:14:16.0546 0x0c10 CTFMON.EXE - ok
19:14:16.0546 0x0c10 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
19:14:16.0656 0x0c10 CTFMON.EXE - ok
19:14:16.0656 0x0c10 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\ctfmon.exe
19:14:16.0750 0x0c10 CTFMON.EXE - ok
19:14:16.0890 0x0c10 [ E2AA953ED6A296B6BF399A783B32CCDE, 123380F79427FB05BB17699B34EF07E38C587A26C6380FA9311EF1F5E4F6A129 ] C:\Programme\Messenger\msmsgs.exe
19:14:17.0000 0x0c10 MSMSGS - ok
19:14:17.0171 0x0c10 [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Dokumente und Einstellungen\Slim\Lokale Einstellungen\Anwendungsdaten\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
19:14:17.0203 0x0c10 AmazonMP3DownloaderHelper - ok
19:14:17.0218 0x0c10 [ 01B4E6E990B6C5EA8856D96C7FD044B2, 2266296FD3C8E0DFA657F21406EE4E494477870DFAF7C65BEBCB6FBA8CADC7C6 ] C:\WINDOWS\system32\CTFMON.EXE
19:14:17.0328 0x0c10 CTFMON.EXE - ok
19:14:17.0343 0x0c10 AV detected via SS1: Avira Desktop, 15.0.8.650, enabled, updated
19:14:17.0343 0x0c10 Win FW state via NFM: enabled
19:14:19.0718 0x0c10 ============================================================
19:14:19.0718 0x0c10 Scan finished
19:14:19.0718 0x0c10 ============================================================
19:14:19.0718 0x051c Detected object count: 2
19:14:19.0718 0x051c Actual detected object count: 2
19:14:30.0625 0x051c C:\PROGRA~1\OfficeKB\OfficeKB.EXE - copied to quarantine
19:14:30.0625 0x051c OfficeKB ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:14:30.0640 0x051c C:\PROGRA~1\OfficeKB\KPDrv4XP.exe - copied to quarantine
19:14:30.0640 0x051c KPDrv4XP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
19:14:35.0015 0x06c4 Deinitialize success
|
|
| Themen zu Maleware gefunden - was muß ich nun tun? |
| andere, anderen, antivirusprogramm, avira, dahinter, einfach, emails, erneut, frage, freue, herausfinden, hoffe, klicke, korrekt, links, maleware, nummer, nummern, ordner, quarantäne, richtig, rubrik, verschoben, wirklich, worte, ändern |
dann auf 
und dann auf 
. 
Linear-Darstellung
