Log analysis and evaluation: Windows 7: Computer seems sluggish, affected user "sends" spam mails
28.01.2016, 10:41 | #1 |
Windows 7: Computer seems sluggish, affected user "sends" spam mails

Hello,

the computer I am examining for a friend seems very sluggish. No unusual CPU/RAM load can be seen. He has also fallen victim to the Telekom spam wave. Many of his contacts are complaining about spam mails received from him. A closer look at the mails showed that only his name was used as the sender and that contacts from his mails were written to. The sender's mail address is not his own. Only his name is labelled over it.

FRST.txt
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:27-01-2016
durchgeführt von Wolfgang Szyma (Administrator) auf WOLFGANGSZYM-PC (28-01-2016 10:31:42)
Gestartet von C:\Users\Wolfgang Szyma\Downloads
Geladene Profile: Wolfgang Szyma (Verfügbare Profile: Wolfgang Szyma & UpdatusUser)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Packard Bell Services) C:\Windows\System32\HidService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Packard Bell BV) C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\ABoard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Packard Bell BV) C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\AOSD.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(AVM Berlin GmbH) C:\Program Files\avmwlanstick\FRITZWLanMini.exe
(© 2015 Microsoft Corporation) C:\Users\Wolfgang Szyma\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6139904 2008-05-07] (Realtek Semiconductor)
HKLM\...\Run: [FijiKeyboard] => c:\Acer\Preload\Autorun\DRV\FIJI Keyboard\ABoard.exe [79416 2008-09-18] (Packard Bell BV)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-08] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\FRITZWLANMini.exe [343552 2006-06-23] (AVM Berlin GmbH)
HKU\S-1-5-21-123846680-1578171023-879479415-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-123846680-1578171023-879479415-1000\...\Run: [SmpcSys] => C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
HKU\S-1-5-21-123846680-1578171023-879479415-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-04-28] (Nero AG)
HKU\S-1-5-21-123846680-1578171023-879479415-1000\...\Run: [BingSvc] => C:\Users\Wolfgang Szyma\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-14] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-123846680-1578171023-879479415-1000\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-123846680-1578171023-879479415-1000\...\MountPoints2: {3c63213c-25a1-11e5-b57e-0025114539bb} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-123846680-1578171023-879479415-1000\...\MountPoints2: {3c632140-25a1-11e5-b57e-0025114539bb} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-123846680-1578171023-879479415-1000\...\MountPoints2: {4af1bb94-3015-11e4-b1f7-0025114539bb} - E:\Startme.exe
HKU\S-1-5-21-123846680-1578171023-879479415-1000\...\MountPoints2: {8236d26b-41ad-11e1-b445-0025114539bb} - E:\KODAK_Software_Downloader.exe
HKU\S-1-5-21-123846680-1578171023-879479415-1000\...\MountPoints2: {c9b3f895-c52c-11e5-9e54-0025114539bb} - J:\pushinst.exe
HKU\S-1-5-21-123846680-1578171023-879479415-1000\...\MountPoints2: {f3504bb2-888f-11de-84af-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-123846680-1578171023-879479415-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{1161A972-44E8-412C-BB0D-76996160B2A2}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{84AAFFA6-DC19-43FF-AC30-D980D948B0EB}: [DhcpNameServer] 192.168.179.1

Internet Explorer:
==================
HKU\S-1-5-21-123846680-1578171023-879479415-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=1&o=vp32&d=0809&m=imedia_d3860_ge
HKU\S-1-5-21-123846680-1578171023-879479415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de
URLSearchHook: HKU\S-1-5-21-123846680-1578171023-879479415-1000 - (Kein Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - Keine Datei
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKU\S-1-5-21-123846680-1578171023-879479415-1000 -> {478A623C-CFC6-4EA9-84A3-CC740736CCDD} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=60774dae-a59c-41f5-bdb8-51d7b48c3c00&apn_sauid=AC97DF02-04F5-4601-BEA3-6372AB76A202
SearchScopes: HKU\S-1-5-21-123846680-1578171023-879479415-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKU\S-1-5-21-123846680-1578171023-879479415-1000 -> {E4EF7B37-DA67-45AE-9223-C0BDF90E1386} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-02] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-02] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-123846680-1578171023-879479415-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Wolfgang Szyma\AppData\Roaming\Mozilla\Firefox\Profiles\hcaa3gmp.default
FF SearchEngineOrder.1: Ask.com
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2009-07-18] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-02] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-09] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-09] (Google Inc.)
FF SearchPlugin: C:\Users\Wolfgang Szyma\AppData\Roaming\Mozilla\Firefox\Profiles\hcaa3gmp.default\searchplugins\askcom.xml [2013-02-10]
FF SearchPlugin: C:\Users\Wolfgang Szyma\AppData\Roaming\Mozilla\Firefox\Profiles\hcaa3gmp.default\searchplugins\bing-.xml [2015-11-14]
FF Extension: Avira Browser Safety - C:\Users\Wolfgang Szyma\AppData\Roaming\Mozilla\Firefox\Profiles\hcaa3gmp.default\Extensions\abs@avira.com [2016-01-27]
FF Extension: Bing Search - C:\Users\Wolfgang Szyma\AppData\Roaming\Mozilla\Firefox\Profiles\hcaa3gmp.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-14]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Wolfgang Szyma\AppData\Roaming\Mozilla\Firefox\Profiles\hcaa3gmp.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-30] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-11-20] [ist nicht signiert]

Chrome:
=======
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=de-de
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Wolfgang Szyma\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browserschutz) - C:\Users\Wolfgang Szyma\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Wolfgang Szyma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-123846680-1578171023-879479415-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-08] (Avira Operations GmbH & Co. KG)
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Datei ist nicht signiert]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-01-11] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 GenericHidService; C:\Windows\system32\HidService.exe [83264 2008-05-29] (Packard Bell Services)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106968 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [55456 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [264704 2006-04-06] (AVM GmbH)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-16] (Avira Operations GmbH & Co. KG)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-28 10:31 - 2016-01-28 10:32 - 00015255 _____ C:\Users\Wolfgang Szyma\Downloads\FRST.txt
2016-01-28 10:31 - 2016-01-28 10:31 - 01721856 _____ (Farbar) C:\Users\Wolfgang Szyma\Downloads\FRST.exe
2016-01-28 10:31 - 2016-01-28 10:31 - 00000000 ____D C:\FRST
2016-01-28 10:15 - 2016-01-28 10:15 - 00000000 ____D C:\Users\Wolfgang Szyma\AppData\Local\ElevatedDiagnostics
2016-01-27 23:44 - 2016-01-27 23:44 - 00032768 ___SH C:\Users\Wolfgang Szyma\AppData\Roaming\Thumbs.db
2016-01-27 23:40 - 2016-01-27 23:40 - 00348208 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-27 21:47 - 2016-01-27 21:48 - 09662424 _____ (TeamViewer GmbH) C:\Users\Wolfgang Szyma\Downloads\TeamViewer_Setup_de.exe
2016-01-27 21:38 - 2016-01-27 21:38 - 00000000 ____D C:\ProgramData\firebird
2016-01-27 21:10 - 2016-01-27 21:10 - 00000000 ____D C:\Users\Wolfgang Szyma\Desktop\ccsetup514
2016-01-27 21:08 - 2016-01-27 21:09 - 06757721 _____ C:\Users\Wolfgang Szyma\Downloads\ccsetup514.zip
2016-01-27 20:40 - 2016-01-27 20:40 - 00000000 ____D C:\Users\Wolfgang Szyma\AppData\LocalLow\Oracle
2016-01-27 20:36 - 2016-01-27 20:36 - 00000000 ____D C:\Windows\AVM_Driver
2016-01-27 20:36 - 2016-01-27 20:36 - 00000000 ____D C:\Users\Wolfgang Szyma\AVM_Driver
2016-01-27 20:36 - 2016-01-27 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2016-01-27 20:36 - 2016-01-27 20:36 - 00000000 ____D C:\Program Files\avmwlanstick
2016-01-27 20:36 - 2006-04-06 01:00 - 00264704 _____ (AVM GmbH) C:\Windows\system32\Drivers\fwlanusb.sys
2016-01-27 20:36 - 2006-04-06 01:00 - 00097312 _____ C:\Windows\system32\Drivers\Fwusb1b.bin
2016-01-27 20:36 - 2006-04-06 01:00 - 00055808 _____ (AVM GmbH) C:\Windows\system32\avmadd32.dll
2016-01-27 20:36 - 2006-04-06 01:00 - 00033792 _____ (AVM GmbH) C:\Windows\system32\avmcowlan.dll
2016-01-27 15:49 - 2016-01-27 15:52 - 00000000 ____D C:\Users\Wolfgang Szyma\Desktop\bilder
2016-01-15 18:26 - 2016-01-15 18:26 - 00096216 _____ C:\Users\Wolfgang Szyma\Desktop\Stundennachweis Corinna.odt
2016-01-14 10:21 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-14 10:21 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-14 10:21 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-14 10:21 - 2015-12-12 18:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-14 10:21 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-14 10:21 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-14 10:21 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-14 10:21 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-14 10:21 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-14 10:21 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-14 10:21 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-14 10:21 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-14 10:21 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-14 10:21 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-14 10:21 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-14 10:21 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-14 10:21 - 2015-12-12 18:27 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-14 10:21 - 2015-12-12 18:22 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-14 10:21 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-14 10:21 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-14 10:21 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-14 10:21 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-14 10:21 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-14 10:21 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-14 10:21 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-14 10:21 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-14 10:21 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-14 10:21 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-14 10:21 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-14 10:21 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-14 10:21 - 2015-12-12 18:00 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-14 10:21 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-14 10:21 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-14 10:21 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-14 10:21 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-14 10:21 - 2015-11-17 01:45 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-14 10:21 - 2015-11-17 01:42 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-14 10:21 - 2015-11-17 01:42 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-14 10:21 - 2015-11-17 01:42 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-14 10:21 - 2015-11-17 01:42 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-14 10:21 - 2015-11-17 01:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-14 10:20 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-01-14 10:20 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-14 10:20 - 2015-12-30 19:47 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-14 10:20 - 2015-12-30 19:47 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-14 10:20 - 2015-12-30 19:44 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-14 10:20 - 2015-12-30 19:41 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-14 10:20 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-14 10:20 - 2015-12-30 19:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-14 10:20 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-14 10:20 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-14 10:20 - 2015-12-30 19:40 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-14 10:20 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-14 10:20 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-14 10:20 - 2015-12-30 19:39 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-14 10:20 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-14 10:20 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-14 10:20 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-14 10:20 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-14 10:20 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-14 10:20 - 2015-12-30 19:38 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-14 10:20 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-14 10:20 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-14 10:20 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-14 10:20 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-14 10:20 - 2015-12-30 18:38 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-14 10:20 - 2015-12-30 18:32 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-14 10:20 - 2015-12-30 18:32 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-14 10:20 - 2015-12-30 18:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-14 10:20 - 2015-12-30 18:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-14 10:20 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-14 10:20 - 2015-12-30 18:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-14 10:20 - 2015-12-30 18:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-14 10:20 - 2015-12-11 19:35 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-14 10:20 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-14 10:20 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-14 10:20 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-14 10:20 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-14 10:20 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-14 10:20 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-14 10:20 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-14 10:20 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-14 10:20 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-14 10:20 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-14 10:20 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-14 10:20 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-14 10:20 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-14 10:20 - 2015-12-08 22:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-14 10:20 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-14 10:20 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-14 10:20 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-14 10:20 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-14 10:20 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-14 10:20 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-14 10:20 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-14 10:20 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-14 10:20 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-14 10:20 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-14 10:20 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-14 10:20 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-14 10:20 - 2015-12-08 22:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-14 10:20 - 2015-12-08 22:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-14 10:20 - 2015-12-08 22:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-14 10:20 - 2015-12-08 22:00 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-14 10:20 - 2015-11-16 21:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-14 10:20 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-14 10:20 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-14 10:20 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-12 11:18 - 2016-01-22 10:51 - 00011695 _____ C:\Users\Wolfgang Szyma\Documents\Fahrten ins Revier.odt
2016-01-08 11:48 - 2016-01-27 20:40 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-28 10:29 - 2010-03-31 18:25 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-28 10:22 - 2009-08-14 06:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-28 10:22 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-28 10:15 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-28 10:04 - 2010-03-31 18:25 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-28 00:47 - 2009-11-20 14:39 - 00019440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-28 00:47 - 2009-11-20 14:39 - 00019440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-27 21:45 - 2015-07-08 20:32 - 00000000 ____D C:\Users\Wolfgang Szyma\Tracing
2016-01-27 21:42 - 2009-11-20 14:35 - 00000000 ____D C:\Windows\Panther
2016-01-27 21:38 - 2009-10-30 18:02 - 00000000 ____D C:\Phenomedia AG
2016-01-27 21:38 - 2009-01-11 06:53 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-01-27 21:16 - 2015-11-14 17:01 - 00000000 ____D C:\Users\Wolfgang Szyma\AppData\Roaming\Skype
2016-01-27 21:16 - 2015-11-14 17:01 - 00000000 ____D C:\ProgramData\Skype
2016-01-27 21:13 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-27 21:04 - 2009-01-11 14:39 - 00000000 ____D C:\Program Files\PACKARD BELL
2016-01-27 21:01 - 2009-10-30 18:11 - 00000000 ____D C:\Phenomedia
2016-01-27 20:59 - 2009-11-20 15:03 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-27 20:59 - 2009-07-14 09:47 - 00699432 _____ C:\Windows\system32\perfh007.dat
2016-01-27 20:59 - 2009-07-14 09:47 - 00149572 _____ C:\Windows\system32\perfc007.dat
2016-01-27 20:50 - 2009-01-11 07:04 - 00000000 ____D C:\Program Files\Google
2016-01-27 20:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-01-27 20:40 - 2009-10-30 16:27 - 00000000 ____D C:\Users\Wolfgang Szyma\AppData\Local\Google
2016-01-27 20:40 - 2009-10-30 16:15 - 00000000 ____D C:\ProgramData\Google
2016-01-27 20:36 - 2009-11-20 14:40 - 00000000 ____D C:\Users\Wolfgang Szyma
2016-01-25 09:49 - 2015-12-26 09:59 - 00017292 _____ C:\Users\Wolfgang Szyma\Documents\Feuerwehreinsätze 2016.odt
2016-01-22 11:04 - 2009-10-30 17:55 - 00017386 _____ C:\Users\Wolfgang Szyma\AppData\Roaming\wklnhst.dat
2016-01-22 11:02 - 2013-02-15 11:19 - 00429056 _____ C:\Users\Wolfgang Szyma\Documents\Meldebogen Neu.wps
2016-01-21 13:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-01-15 18:25 - 2015-12-02 13:33 - 00096216 _____ C:\Users\Wolfgang Szyma\Desktop\ELO Einladung.odt
2016-01-15 18:05 - 2015-02-02 14:33 - 00002123 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-14 17:36 - 2010-09-14 11:27 - 00088576 _____ C:\Users\Wolfgang Szyma\Documents\ELW Personal FF Sehnde und Stabspersonal.wps
2016-01-14 17:21 - 2014-12-14 13:58 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 17:21 - 2014-05-06 11:23 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-14 15:21 - 2013-07-22 13:35 - 00000000 ____D C:\Windows\system32\MRT
2016-01-14 15:18 - 2011-02-02 18:12 - 141317472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-14 10:32 - 2015-09-24 10:49 - 00023589 _____ C:\Users\Wolfgang Szyma\Documents\Neues Feuerwehrhaus.odt
2016-01-14 10:27 - 2015-01-17 11:16 - 00018626 _____ C:\Users\Wolfgang Szyma\Documents\Teilnehmerliste ELW ELO Ausbildung.odt
2016-01-14 10:18 - 2010-09-14 09:19 - 00100352 _____ C:\Users\Wolfgang Szyma\Documents\Teilnehmerliste ELO Ausbildung.wps
2016-01-13 09:21 - 2015-09-02 17:03 - 00001098 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-01-13 09:21 - 2014-08-07 08:59 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-13 09:20 - 2012-11-04 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-10 10:11 - 2015-08-15 18:13 - 00044473 _____ C:\Users\Wolfgang
Szyma\Desktop\Kinderflohmarkt.odt 2016-01-09 09:15 - 2013-05-05 20:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-12-29 19:43 - 2009-12-17 19:22 - 00409088 _____ C:\Users\Wolfgang Szyma\Documents\Einsatzleiterhandbuch.wps ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-01-27 23:44 - 2016-01-27 23:44 - 0032768 ___SH () C:\Users\Wolfgang Szyma\AppData\Roaming\Thumbs.db 2009-11-01 07:57 - 2009-11-01 10:23 - 0024206 _____ () C:\Users\Wolfgang Szyma\AppData\Roaming\UserTile.png 2009-10-30 17:55 - 2016-01-22 11:04 - 0017386 _____ () C:\Users\Wolfgang Szyma\AppData\Roaming\wklnhst.dat 2011-07-31 11:47 - 2011-07-31 11:47 - 0000000 ____H () C:\Users\Wolfgang Szyma\AppData\Local\BIT167D.tmp 2011-09-27 06:39 - 2011-09-27 06:39 - 0000000 ____H () C:\Users\Wolfgang Szyma\AppData\Local\BIT587C.tmp 2011-08-06 21:16 - 2011-08-06 21:16 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{03D5D677-848C-4FBA-873E-14B86F5CDA68} 2011-10-15 15:23 - 2011-10-15 15:23 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{0C2FA5DA-5D4B-45F9-9B64-5613D8F408B1} 2011-07-13 04:54 - 2011-07-13 04:54 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{152D7969-AA22-453A-8C7F-526544F27619} 2011-11-10 21:26 - 2011-11-10 21:26 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{1D25F5CB-C496-4D86-98B5-AD12EF01CE1D} 2011-12-08 18:47 - 2011-12-08 18:47 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{2AA57838-CD48-4990-9C88-FC872ADA16B5} 2011-06-03 16:35 - 2011-06-03 16:35 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{440B0C85-607F-409A-834B-03B3E8090E8B} 2011-10-02 13:07 - 2011-10-02 13:07 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{57E9DAF7-BEED-44F1-A88F-3AFCB0282DFA} 2011-08-26 20:27 - 2011-08-26 20:27 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{68F37F81-D9C6-4977-92A6-BE44723A5912} 2011-08-31 08:15 - 2011-08-31 08:15 - 0000000 _____ () C:\Users\Wolfgang 
Szyma\AppData\Local\{7B93A9D5-B298-4FB5-8447-C6340247FDD2} 2011-10-07 16:57 - 2011-10-07 16:57 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{81B889E4-5F67-4CC7-A1C8-BAA135F7CCA4} 2011-12-31 15:56 - 2011-12-31 15:56 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{8B551721-8AE6-4135-99CD-4F6E02000CD8} 2011-09-27 06:38 - 2011-09-27 06:39 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{A8254DFA-13D9-459B-AF7D-EB0C137DF04E} 2015-10-28 14:34 - 2015-10-28 14:34 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{AD019BB9-1E46-4F14-9715-050FD0FDCFAD} 2011-09-20 08:44 - 2011-09-20 08:44 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{B35B1397-A1EB-447C-BB82-72613B0DCC47} 2011-06-24 07:16 - 2011-06-24 07:17 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{DCB8B399-8DF4-4863-99A7-F47CDB12EEE8} 2011-12-27 19:53 - 2011-12-27 19:53 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{E3EC9C23-12F4-4702-A973-661A2A7E07E6} 2011-07-31 11:47 - 2011-07-31 11:47 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{EBF09999-A29B-4816-9075-F28272D988C9} 2011-05-20 07:27 - 2011-05-20 07:27 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{F163295A-1D2A-40C3-AD47-F03A64F0B4B7} 2011-05-20 10:59 - 2011-05-20 10:59 - 0000000 _____ () C:\Users\Wolfgang Szyma\AppData\Local\{FAB7D46D-4CBE-47A9-81B8-6B2A463E4A88} 2015-02-02 14:30 - 2015-02-02 14:30 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-10-08 14:30 - 2012-10-08 14:30 - 0076348 _____ () C:\ProgramData\ldzgpaantewtvka Einige Dateien in TEMP: ==================== C:\Users\Wolfgang Szyma\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-21 13:40 ==================== Ende vom FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:27-01-2016 durchgeführt von Wolfgang Szyma (2016-01-28 10:32:15) Gestartet von C:\Users\Wolfgang Szyma\Downloads Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2009-11-20 16:17:13) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-123846680-1578171023-879479415-500 - Administrator - Disabled) Gast (S-1-5-21-123846680-1578171023-879479415-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-123846680-1578171023-879479415-1003 - Limited - Enabled) UpdatusUser (S-1-5-21-123846680-1578171023-879479415-1001 - Limited - Enabled) => C:\Users\UpdatusUser Wolfgang Szyma (S-1-5-21-123846680-1578171023-879479415-1000 - Administrator - Enabled) => C:\Users\Wolfgang Szyma ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 6.0 (HKLM\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems, Inc.) 
Adobe Reader 9 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated) Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM\...\{eac7da46-2097-4dd4-80a6-8b67cbb2b23f}) (Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG) Avira Launcher (Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG) Hidden Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.) Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden HP Officejet 4630 series - Grundlegende Software für das Gerät (HKLM\...\{BA105964-9209-4FC9-81D3-15DEE300097F}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Officejet 4630 series Hilfe (HKLM\...\{08B9332C-26DB-4EF3-85D6-6DC62B937681}) (Version: 31.0.0 - Hewlett Packard) HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) I.R.I.S. 
OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works 9.0 SE (HKLM\...\Works9se) (Version: - ) Moorhuhn Kart 2 XS (HKLM\...\{DDABECD7-C579-4477-8B5F-B817AF54B2DC}) (Version: - ) 
Moorhuhn Kart Extra XXL (HKLM\...\{DE60CAE2-4CA8-4A6A-A557-0668004FE889}) (Version: - ) Moorhuhn Pinball XS (HKLM\...\Moorhuhn Pinball XS) (Version: - ) Moorhuhn Wanted XS (HKLM\...\{3F0DD9B2-A9F2-4D67-B6A1-E4864CBF2E61}) (Version: - ) Moorhuhn WE AYCS (HKLM\...\{F92CDFEB-DB96-4589-B88C-BE181D153445}) (Version: - ) Moorhuhn X - XS (HKLM\...\{21BBAD12-C75F-4F06-A9B0-6F8BEEAF3846}) (Version: - ) Moorhuhnjagd AYCS (HKLM\...\{4266BAFB-E6E6-4FB8-A475-632A1FE8615D}) (Version: - ) Mozilla Firefox 43.0.4 (x86 de) (HKLM\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 8 Essentials (HKLM\...\{3559CDE0-11FC-4D7B-A65C-D646035B1031}) (Version: 8.3.389 - Nero AG) Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation) NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) OpenOffice.org 3.1 (HKLM\...\{99E862CC-6F69-4D39-99AA-DBF71BF3B585}) (Version: 3.1.9420 - OpenOffice.org) Packard Bell ImageWriter (HKLM\...\{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}) (Version: 1.00.0000 - ) Packard Bell Updator (HKLM\...\{CA786CFF-1D31-4804-B436-F3405B14357F}) (Version: 
3.00.0000 - ) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) Resy2000 (HKLM\...\Resy2000) (Version: - ) sceptros (1.0.4.0) (HKLM\...\sceptros_is1) (Version: - P.Adler) Studie zur Verbesserung von HP Officejet 4630 series (HKLM\...\{2261DB18-5F81-4142-9C67-DD2E047FB93D}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) tiptoi® Manager 3.0.9 (HKLM\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG) Upgrade Kit (HKLM\...\{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}) (Version: 1.00.3002 - Packard Bell) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {270CFB52-8627-4618-B659-08FD753E804E} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) 
Task: {27AF4ACB-61C2-4CA6-88BF-7A3403707448} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs Task: {60B34DAB-676A-4475-B953-9B0E36643947} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc Task: {8B99CAEE-31D4-4601-8940-D56F7A153DF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {B40700A1-B251-4133-86E3-1F0CAD94551F} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Wolfgang Szyma => C:\Program Files\Windows Calendar\WinCal.exe Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs Task: {ED7003AB-130F-42CE-84DE-CB6DA74DA3B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
ShortcutWithArgument: C:\Users\Wolfgang Szyma\Desktop\Unwichtig\eBay.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.packardbell.com/?id=9276 ShortcutWithArgument: C:\Users\Wolfgang Szyma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.packardbell.com/?id=9276 ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2012-11-18 11:16 - 2013-01-18 15:20 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2007-09-11 00:45 - 2007-09-11 00:45 - 00124832 _____ () C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-123846680-1578171023-879479415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Wolfgang Szyma\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.179.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupfolder: C:^Users^Wolfgang Szyma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ch8l0.exe.lnk => C:\Windows\pss\ch8l0.exe.lnk.Startup MSCONFIG\startupfolder: C:^Users^Wolfgang Szyma^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.Startup MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup MSCONFIG\startupreg: Skytel => Skytel.exe ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{9C7609E1-B270-4143-B1FC-DC217D6C45DD}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe FirewallRules: [{FB5F3326-0C72-4348-90B6-33494B3612C1}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe FirewallRules: [{6CFADFD3-3A79-4FED-89CB-AE42B781F398}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{DF8B9203-7FC2-48E2-96B5-27552970AE10}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{E18881C9-62C7-469E-BD8A-2ADDF3BF7EEC}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{52F28387-5F3A-4F14-91D6-7A42A2B7DD5E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{41EE6336-FD06-4F90-AE7B-B8DA4DA95755}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{8A92DB56-2D36-4AFF-B960-54ED956B4791}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe FirewallRules: [{919E0EA2-6902-47F4-9C9C-F887F07C5BE4}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe FirewallRules: [{4F1FC8C8-447C-439F-B83D-CE678E7B297D}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe FirewallRules: [{8624AFAE-D4A5-422D-83FC-6530AAA2343B}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe FirewallRules: [{378A84E9-6094-4172-A76F-4EAF3B2095C8}] => (Allow) LPort=5357 FirewallRules: [{FC232D5D-E552-402A-A5A7-525ACA74BAA5}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [TCP Query User{7AB00BAE-D10F-4EE2-AE23-E8B7F823B872}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{6D2F63F8-4211-489B-BD34-96A5A760AF8E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla 
firefox\firefox.exe FirewallRules: [{059E006B-68C6-4B9C-9AB4-63AD7479AD1F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{CF1C9D53-2998-440F-B778-975F39878159}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{72FAA82C-F115-4F80-A33F-775FD7572A1B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 14-01-2016 15:16:40 Windows Update 18-01-2016 11:13:29 Windows-Sicherung 25-01-2016 09:49:53 Windows-Sicherung 27-01-2016 20:41:33 Removed Skype Click to Call 27-01-2016 21:04:30 Entfernt MetaBoli 27-01-2016 21:05:49 Removed HDRegDE 27-01-2016 21:06:22 Windows Live Sync wird entfernt 27-01-2016 21:12:44 Windows Live-Uploadtool wird entfernt 27-01-2016 21:13:10 Windows Live Anmelde-Assistent wird entfernt 27-01-2016 21:13:36 Windows 7 Upgrade Advisor wird entfernt 27-01-2016 21:15:40 Removed Skype™ 7.14 27-01-2016 21:17:28 Removed Skype Click to Call 27-01-2016 21:18:24 Entfernt Setup My PC 27-01-2016 21:38:05 Entfernt Der Schatz des Pharao XS 27-01-2016 21:39:21 Removed Japanese Fonts Support For Adobe Reader 9. ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Microsoft PS/2-Maus Description: Microsoft PS/2-Maus Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/28/2016 10:23:15 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/27/2016 11:46:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/27/2016 11:42:54 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Der Index kann nicht initialisiert werden. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/27/2016 11:42:54 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/27/2016 11:42:54 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/27/2016 11:42:54 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Error: (01/27/2016 11:42:53 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. 
(HRESULT : 0xc0041801) (0xc0041801) Error: (01/27/2016 11:42:53 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800) Error: (01/27/2016 11:42:53 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/27/2016 11:42:53 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Systemfehler: ============= Error: (01/28/2016 10:25:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (01/28/2016 10:25:15 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (01/28/2016 10:18:38 AM) (Source: FWLANUSB) (EventID: 5002) (User: ) Description: AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters wurde ermittelt. Error: (01/28/2016 10:18:33 AM) (Source: FWLANUSB) (EventID: 5002) (User: ) Description: AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters wurde ermittelt. 
Error: (01/28/2016 10:18:25 AM) (Source: FWLANUSB) (EventID: 5002) (User: ) Description: AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters wurde ermittelt. Error: (01/28/2016 10:18:18 AM) (Source: FWLANUSB) (EventID: 5002) (User: ) Description: AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters wurde ermittelt. Error: (01/28/2016 10:18:09 AM) (Source: FWLANUSB) (EventID: 5002) (User: ) Description: AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters wurde ermittelt. Error: (01/28/2016 10:18:02 AM) (Source: FWLANUSB) (EventID: 5002) (User: ) Description: AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters wurde ermittelt. Error: (01/28/2016 10:14:09 AM) (Source: FWLANUSB) (EventID: 5002) (User: ) Description: AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters wurde ermittelt. Error: (01/28/2016 10:14:02 AM) (Source: FWLANUSB) (EventID: 5002) (User: ) Description: AVM FRITZ!WLAN USB Stick v1.1 : Fehlfunktion des Netzwerkadapters wurde ermittelt. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz Prozentuale Nutzung des RAM: 34% Installierter physikalischer RAM: 3071.24 MB Verfügbarer physikalischer RAM: 2002.64 MB Summe virtueller Speicher: 6142.48 MB Verfügbarer virtueller Speicher: 4756.01 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:284.09 GB) (Free:233.13 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D37BFC98) Partition 1: (Not Active) - (Size=14 GB) - (Type=27) Partition 2: (Active) - (Size=284.1 GB) - (Type=07 NTFS) ==================== Ende vom Addition.txt ============================ |
29.01.2016, 20:53 | #2 |
/// Selecta Jahrusso | Windows 7: Computer seems sluggish, affected user "sends" spam mails
Nothing to be found in the FRST log file for now. Please download TDSSKiller.exe and save the file to your desktop.
31.01.2016, 21:01 | #3 |
Hello,
thank you very much for your analysis. That sounds good. Here is the requested log. My sincere apologies for the late submission. Code:
20:58:27.0336 0x17c0 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
20:58:32.0328 0x17c0 ============================================================
20:58:32.0328 0x17c0 Current date / time: 2016/01/31 20:58:32.0328
20:58:32.0328 0x17c0 SystemInfo:
20:58:32.0328 0x17c0
20:58:32.0328 0x17c0 OS Version: 6.1.7601 ServicePack: 1.0
20:58:32.0328 0x17c0 Product type: Workstation
20:58:32.0328 0x17c0 ComputerName: WOLFGANGSZYM-PC
20:58:32.0328 0x17c0 UserName: Wolfgang Szyma
20:58:32.0328 0x17c0 Windows directory: C:\Windows
20:58:32.0328 0x17c0 System windows directory: C:\Windows
20:58:32.0328 0x17c0 Processor architecture: Intel x86
20:58:32.0328 0x17c0 Number of processors: 2
20:58:32.0328 0x17c0 Page size: 0x1000
20:58:32.0328 0x17c0 Boot type: Normal boot
20:58:32.0328 0x17c0 ============================================================
20:58:32.0562 0x17c0 KLMD registered as C:\Windows\system32\drivers\17338454.sys
20:58:32.0937 0x17c0 System UUID: {6EEC18F2-3A43-96EA-D912-E77158D67817}
20:58:33.0420 0x17c0 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:58:33.0483 0x17c0 ============================================================
20:58:33.0483 0x17c0 \Device\Harddisk0\DR0:
20:58:33.0483 0x17c0 MBR partitions:
20:58:33.0483 0x17c0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x2382DAB0
20:58:33.0483 0x17c0 ============================================================
20:58:33.0514 0x17c0 C: <-> \Device\Harddisk0\DR0\Partition1
20:58:33.0514 0x17c0 ============================================================
20:58:33.0514 0x17c0 Initialize success
20:58:33.0514 0x17c0 ============================================================
20:58:38.0085 0x1114 ============================================================
20:58:38.0085 0x1114 Scan started
20:58:38.0085 0x1114 Mode: Manual;
7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 20:59:01.0812 0x1114 luafv - ok 20:59:01.0843 0x1114 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:59:01.0859 0x1114 Mcx2Svc - ok 20:59:01.0890 0x1114 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 20:59:01.0890 0x1114 megasas - ok 20:59:01.0921 0x1114 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 20:59:01.0937 0x1114 MegaSR - ok 20:59:01.0968 0x1114 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 20:59:01.0968 0x1114 MMCSS - ok 20:59:01.0984 0x1114 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 20:59:01.0984 0x1114 Modem - ok 20:59:02.0031 0x1114 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:59:02.0031 0x1114 monitor - ok 20:59:02.0062 0x1114 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:59:02.0062 0x1114 mouclass - ok 20:59:02.0077 0x1114 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:59:02.0077 0x1114 mouhid - ok 20:59:02.0109 0x1114 [ BAD9C0366134BA181514E9263C8CE606, 7976B2D3DC283ACDBC21C7D197C0E2A650E6555F6569283302766B17D736BDB8 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:59:02.0109 0x1114 mountmgr - ok 20:59:02.0187 0x1114 [ 
98DA127D0AB8B6CB5773546AF60D9217, BB07F34552342CA40E843F80AA32C928C29EF81789605E53C795EFD564F2DA7F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 20:59:02.0202 0x1114 MozillaMaintenance - ok 20:59:02.0233 0x1114 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys 20:59:02.0233 0x1114 mpio - ok 20:59:02.0280 0x1114 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:59:02.0280 0x1114 mpsdrv - ok 20:59:02.0327 0x1114 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:59:02.0343 0x1114 MpsSvc - ok 20:59:02.0374 0x1114 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:59:02.0374 0x1114 MRxDAV - ok 20:59:02.0405 0x1114 [ 1D5CC65FECC628397CB72F87DD6A78F3, D011572DA403281DEB211870FA52B3886D2019302079F46E3B52A0A2EC4688E0 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:59:02.0405 0x1114 mrxsmb - ok 20:59:02.0467 0x1114 [ D405E63A7FEED75B40ACE03E57B44AB5, 99C109BF745D60B2A1032D4D8C74790B26FD546C200061AEFEF7DBCAD20086E8 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:59:02.0467 0x1114 mrxsmb10 - ok 20:59:02.0483 0x1114 [ E688B7D9B5422F23102E1920E19473E9, 762B242B94153C813129F806A4E92BB33DE11C27CA52241D9317FC4B483639BA ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:59:02.0483 0x1114 mrxsmb20 - ok 20:59:02.0514 0x1114 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys 20:59:02.0530 0x1114 msahci - ok 20:59:02.0545 0x1114 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm 
C:\Windows\system32\drivers\msdsm.sys 20:59:02.0561 0x1114 msdsm - ok 20:59:02.0577 0x1114 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 20:59:02.0577 0x1114 MSDTC - ok 20:59:02.0623 0x1114 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:59:02.0623 0x1114 Msfs - ok 20:59:02.0639 0x1114 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:59:02.0639 0x1114 mshidkmdf - ok 20:59:02.0701 0x1114 [ 956741C67ABAA78B19AADC5474936842, 8D0B04E0E03CFF5A004500C8587BDD3C4E7FFACA552CC90C193CAE16F36A96E3 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys 20:59:02.0701 0x1114 MSHUSBVideo - ok 20:59:02.0748 0x1114 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:59:02.0748 0x1114 msisadrv - ok 20:59:02.0795 0x1114 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:59:02.0795 0x1114 MSiSCSI - ok 20:59:02.0811 0x1114 msiserver - ok 20:59:02.0842 0x107c Object send P2P result: true 20:59:02.0842 0x107c Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService 20:59:02.0842 0x1114 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:59:02.0842 0x1114 MSKSSRV - ok 20:59:02.0857 0x1114 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:59:02.0857 0x1114 MSPCLOCK - ok 20:59:02.0873 0x1114 [ F456E973590D663B1073E9C463B40932, 
48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:59:02.0873 0x1114 MSPQM - ok 20:59:02.0889 0x1114 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:59:02.0889 0x1114 MsRPC - ok 20:59:02.0935 0x1114 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 20:59:02.0935 0x1114 mssmbios - ok 20:59:02.0967 0x1114 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:59:02.0967 0x1114 MSTEE - ok 20:59:02.0982 0x1114 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 20:59:02.0982 0x1114 MTConfig - ok 20:59:03.0013 0x1114 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 20:59:03.0013 0x1114 Mup - ok 20:59:03.0060 0x1114 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll 20:59:03.0076 0x1114 napagent - ok 20:59:03.0107 0x1114 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:59:03.0123 0x1114 NativeWifiP - ok 20:59:03.0169 0x1114 [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:59:03.0185 0x1114 NDIS - ok 20:59:03.0201 0x1114 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:59:03.0201 0x1114 NdisCap - ok 20:59:03.0247 0x1114 [ 
E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:59:03.0247 0x1114 NdisTapi - ok 20:59:03.0279 0x1114 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:59:03.0279 0x1114 Ndisuio - ok 20:59:03.0325 0x1114 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:59:03.0325 0x1114 NdisWan - ok 20:59:03.0357 0x1114 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:59:03.0357 0x1114 NDProxy - ok 20:59:03.0435 0x1114 [ 40D7D0A208EE863BCA8D89E299216F15, 4686E416A80D883B7C6CBE21E8D8D6C814D16DC48495F8ACFE7B4664560CA5E3 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 20:59:03.0466 0x1114 Nero BackItUp Scheduler 3 - ok 20:59:03.0513 0x1114 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:59:03.0513 0x1114 NetBIOS - ok 20:59:03.0544 0x1114 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:59:03.0544 0x1114 NetBT - ok 20:59:03.0559 0x1114 [ 4C8FF1947E9740EA266CEA330496899D, D1B90D880E19982D9AD85753F5E622FEDB097DEF912450646B27C49AEC72E0C7 ] Netlogon C:\Windows\system32\lsass.exe 20:59:03.0559 0x1114 Netlogon - ok 20:59:03.0606 0x1114 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 20:59:03.0622 0x1114 Netman - ok 20:59:03.0653 0x1114 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] 
NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:59:03.0700 0x1114 NetMsmqActivator - ok 20:59:03.0700 0x1114 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:59:03.0700 0x1114 NetPipeActivator - ok 20:59:03.0762 0x1114 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 20:59:03.0762 0x1114 netprofm - ok 20:59:03.0793 0x1114 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:59:03.0809 0x1114 NetTcpActivator - ok 20:59:03.0809 0x1114 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 20:59:03.0809 0x1114 NetTcpPortSharing - ok 20:59:03.0856 0x1114 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 20:59:03.0871 0x1114 nfrd960 - ok 20:59:03.0903 0x1114 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll 20:59:03.0918 0x1114 NlaSvc - ok 20:59:03.0981 0x1114 [ CD4326BC339F98DE21AA07B208A305AE, 9885AEDFACE5B09E313BD3F2958A2936D615F304A2B912B96B888A6B1C135AEB ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe 20:59:04.0012 0x1114 NMIndexingService - ok 20:59:04.0027 0x1114 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:59:04.0027 0x1114 Npfs - ok 20:59:04.0495 0x1114 [ BA387E955E890C8A88306D9B8D06BF17, 
3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 20:59:04.0495 0x1114 nsi - ok 20:59:04.0527 0x1114 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:59:04.0527 0x1114 nsiproxy - ok 20:59:04.0605 0x1114 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:59:04.0636 0x1114 Ntfs - ok 20:59:04.0651 0x1114 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 20:59:04.0667 0x1114 Null - ok 20:59:04.0698 0x1114 [ 8BE8BE53F3A8151E04379DB2D07C53A7, CAB940C91782AE0D899E0F3EFBFE49D4C40DD61837E62EE99DFF998B0B884988 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys 20:59:04.0714 0x1114 NVHDA - ok 20:59:05.0010 0x1114 [ B69E6F70CE1151C8D62ABC9DEF64DFBE, B7BD731D1CCF4E71EF1CF4AFA9189C1831306483B4BF57B12B89113A5230871B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:59:05.0275 0x1114 nvlddmkm - ok 20:59:05.0322 0x107c Object send P2P result: true 20:59:05.0322 0x107c Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService 20:59:05.0338 0x1114 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:59:05.0338 0x1114 nvraid - ok 20:59:05.0353 0x1114 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:59:05.0369 0x1114 nvstor - ok 20:59:05.0400 0x1114 [ 4876E7C3184BDF50EDE043FEF616B867, 21BB4A7E52651A9FAAF8372014079465AFBAD9BD68CD19EC87ADE1D950C629CA ] nvstor32 C:\Windows\system32\DRIVERS\nvstor32.sys 20:59:05.0400 0x1114 nvstor32 - ok 20:59:05.0447 0x1114 [ E4284FCF99FEA13A7E1836F87AE356F6, 
541C40DD3483810632320E8F23427BB52593D156E876C6023BE7F7A8589383E8 ] nvsvc C:\Windows\system32\nvvsvc.exe 20:59:05.0463 0x1114 nvsvc - ok 20:59:05.0556 0x1114 [ 03E60E0BFA53ED15DC984FA34B44BB0F, 50ABF2E303B9A2B6DDD0DB411C24C3CD6CC30AFA664B5682CF9189F96548CC10 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 20:59:05.0587 0x1114 nvUpdatusService - ok 20:59:05.0619 0x1114 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:59:05.0634 0x1114 nv_agp - ok 20:59:05.0665 0x1114 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 20:59:05.0665 0x1114 ohci1394 - ok 20:59:05.0697 0x1114 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:59:05.0712 0x1114 p2pimsvc - ok 20:59:05.0743 0x1114 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 20:59:05.0759 0x1114 p2psvc - ok 20:59:05.0790 0x1114 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys 20:59:05.0806 0x1114 Parport - ok 20:59:05.0853 0x1114 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:59:05.0853 0x1114 partmgr - ok 20:59:05.0868 0x1114 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 20:59:05.0868 0x1114 Parvdm - ok 20:59:05.0915 0x1114 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll 20:59:05.0915 0x1114 PcaSvc 
- ok 20:59:05.0946 0x1114 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys 20:59:05.0946 0x1114 pci - ok 20:59:05.0977 0x1114 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 20:59:05.0977 0x1114 pciide - ok 20:59:06.0024 0x1114 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 20:59:06.0024 0x1114 pcmcia - ok 20:59:06.0055 0x1114 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 20:59:06.0055 0x1114 pcw - ok 20:59:06.0102 0x1114 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:59:06.0118 0x1114 PEAUTH - ok 20:59:06.0227 0x1114 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 20:59:06.0258 0x1114 pla - ok 20:59:06.0289 0x1114 [ 875E4E0661F3A5994DF9E5E3A0A4F96B, 7198C02935B3714C455EE94305D2A21D900D72AC67049C11A1E842572AD6C5E1 ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe 20:59:06.0305 0x1114 PLFlash DeviceIoControl Service - ok 20:59:06.0336 0x1114 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:59:06.0352 0x1114 PlugPlay - ok 20:59:06.0367 0x1114 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:59:06.0367 0x1114 PNRPAutoReg - ok 20:59:06.0383 0x1114 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc 
C:\Windows\system32\pnrpsvc.dll 20:59:06.0399 0x1114 PNRPsvc - ok 20:59:06.0430 0x1114 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:59:06.0445 0x1114 PolicyAgent - ok 20:59:06.0477 0x1114 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll 20:59:06.0477 0x1114 Power - ok 20:59:06.0523 0x1114 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:59:06.0523 0x1114 PptpMiniport - ok 20:59:06.0539 0x1114 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys 20:59:06.0555 0x1114 Processor - ok 20:59:06.0586 0x1114 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll 20:59:06.0586 0x1114 ProfSvc - ok 20:59:06.0601 0x1114 [ 4C8FF1947E9740EA266CEA330496899D, D1B90D880E19982D9AD85753F5E622FEDB097DEF912450646B27C49AEC72E0C7 ] ProtectedStorage C:\Windows\system32\lsass.exe 20:59:06.0601 0x1114 ProtectedStorage - ok 20:59:06.0633 0x1114 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:59:06.0633 0x1114 Psched - ok 20:59:06.0664 0x1114 [ D86B4A68565E444D76457F14172C875A, 06B1CF81A62B3DAA8D0C5A8B88C56A504DE8E9278C520F754AF363A6676C58B0 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 20:59:06.0664 0x1114 PxHelp20 - ok 20:59:06.0726 0x1114 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 20:59:06.0773 0x1114 ql2300 - ok 20:59:06.0804 0x1114 [ B4DD51DD25182244B86737DC51AF2270, 
7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 20:59:06.0820 0x1114 ql40xx - ok 20:59:06.0851 0x1114 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 20:59:06.0851 0x1114 QWAVE - ok 20:59:06.0867 0x1114 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:59:06.0867 0x1114 QWAVEdrv - ok 20:59:06.0882 0x1114 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:59:06.0882 0x1114 RasAcd - ok 20:59:06.0929 0x1114 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:59:06.0929 0x1114 RasAgileVpn - ok 20:59:06.0960 0x1114 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 20:59:06.0976 0x1114 RasAuto - ok 20:59:07.0007 0x1114 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:59:07.0007 0x1114 Rasl2tp - ok 20:59:07.0069 0x1114 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 20:59:07.0069 0x1114 RasMan - ok 20:59:07.0085 0x1114 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:59:07.0101 0x1114 RasPppoe - ok 20:59:07.0101 0x1114 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:59:07.0116 0x1114 RasSstp - ok 20:59:07.0147 
0x1114 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:59:07.0147 0x1114 rdbss - ok 20:59:07.0179 0x1114 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 20:59:07.0194 0x1114 rdpbus - ok 20:59:07.0225 0x1114 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:59:07.0225 0x1114 RDPCDD - ok 20:59:07.0241 0x1114 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:59:07.0241 0x1114 RDPENCDD - ok 20:59:07.0257 0x1114 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:59:07.0257 0x1114 RDPREFMP - ok 20:59:07.0288 0x1114 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:59:07.0288 0x1114 RDPWD - ok 20:59:07.0335 0x1114 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:59:07.0335 0x1114 rdyboost - ok 20:59:07.0381 0x1114 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:59:07.0381 0x1114 RemoteAccess - ok 20:59:07.0413 0x1114 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:59:07.0413 0x1114 RemoteRegistry - ok 20:59:07.0459 0x1114 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper 
C:\Windows\System32\RpcEpMap.dll 20:59:07.0459 0x1114 RpcEptMapper - ok 20:59:07.0491 0x1114 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 20:59:07.0491 0x1114 RpcLocator - ok 20:59:07.0522 0x1114 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll 20:59:07.0522 0x1114 RpcSs - ok 20:59:07.0569 0x1114 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:59:07.0584 0x1114 rspndr - ok 20:59:07.0631 0x1114 [ 7DFD48E24479B68B258D8770121155A0, 3B5F7309403C46855DB888CF2058B07C9029690DBC7FB3224BAC7BE5547D2D57 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 20:59:07.0631 0x1114 RTL8167 - ok 20:59:07.0662 0x1114 [ 4C8FF1947E9740EA266CEA330496899D, D1B90D880E19982D9AD85753F5E622FEDB097DEF912450646B27C49AEC72E0C7 ] SamSs C:\Windows\system32\lsass.exe 20:59:07.0662 0x1114 SamSs - ok 20:59:07.0693 0x1114 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:59:07.0709 0x1114 sbp2port - ok 20:59:07.0740 0x1114 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:59:07.0756 0x1114 SCardSvr - ok 20:59:07.0771 0x1114 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:59:07.0787 0x1114 scfilter - ok 20:59:07.0803 0x107c Object send P2P result: true 20:59:07.0834 0x1114 [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll 20:59:07.0849 0x1114 Schedule - ok 20:59:07.0881 0x1114 [ 319C6B309773D063541D01DF8AC6F55F, 
20:59:15.0291 0x1114 Waiting for KSN requests completion. In queue: 304
20:59:16.0305 0x1114 Waiting for KSN requests completion. In queue: 304
20:59:17.0319 0x1114 Waiting for KSN requests completion. In queue: 304
20:59:18.0348 0x1114 AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
20:59:18.0364 0x1114 Win FW state via NFP2: enabled ( trusted )
20:59:20.0797 0x1114 ============================================================
20:59:20.0797 0x1114 Scan finished
20:59:20.0797 0x1114 ============================================================
20:59:20.0797 0x0ec4 Detected object count: 0
20:59:20.0797 0x0ec4 Actual detected object count: 0
20:59:26.0694 0x0bf4 Deinitialize
|
01.02.2016, 19:13 | #4 |
/// Selecta Jahrusso | Hi. That looks good too. ESET Online Scanner
__________________ Regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
02.02.2016, 18:46 | #5 |
| Hello, it found 3 things. Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2f69f30e2703834ea311d55d81de4297
# end=init
# utc_time=2016-02-01 09:52:18
# local_time=2016-02-01 10:52:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27925
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2f69f30e2703834ea311d55d81de4297
# end=updated
# utc_time=2016-02-01 09:58:21
# local_time=2016-02-01 10:58:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=2f69f30e2703834ea311d55d81de4297
# engine=27925
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-01 09:58:26
# local_time=2016-02-01 10:58:26 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 80835495 205995097 0 0
# scanned=101
# found=0
# cleaned=0
# scan_time=5
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2f69f30e2703834ea311d55d81de4297
# end=init
# utc_time=2016-02-02 06:16:38
# local_time=2016-02-02 07:16:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27931
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2f69f30e2703834ea311d55d81de4297
# end=updated
# utc_time=2016-02-02 06:22:30
# local_time=2016-02-02 07:22:30 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=2f69f30e2703834ea311d55d81de4297
# engine=27931
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-02 07:15:00
# local_time=2016-02-02 08:15:00 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 80868889 206028491 0 0
# scanned=171202
# found=3
# cleaned=2
# scan_time=3149
sh=658F4F0C59C6030878ED56DD7CE0F9DA47E079EA ft=0 fh=0000000000000000 vn="HTML/Ransom.B Trojaner" ac=I fn="C:\Users\All Users\expzajsilnvewlq\main.html"
sh=658F4F0C59C6030878ED56DD7CE0F9DA47E079EA ft=0 fh=0000000000000000 vn="HTML/Ransom.B Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\ProgramData\expzajsilnvewlq\main.html"
sh=38E17842BBC08B70E37295E1D293B813B9416D87 ft=0 fh=0000000000000000 vn="LNK/Agent.BS Trojaner (Gesäubert durch Löschen)" ac=C fn="C:\Windows\pss\ch8l0.exe.lnk.Startup"
|
04.02.2016, 08:11 | #6 |
/// Selecta Jahrusso | Hi. As it stands I don't really see anything now, and he was also lucky, because there was ransomware on the system. Were any files on the computer encrypted? Code:
C:\Users\All Users\expzajsilnvewlq\main.html"
Otherwise the logs don't really show anything suspicious, but I would still like to run a few routine scans. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
|
05.02.2016, 13:23 | #7 |
| Hello, after checking back with him, nothing was encrypted. MBAM: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 05.02.2016 Suchlaufzeit: 12:45 Protokolldatei: Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.02.05.02 Rootkit-Datenbank: v2016.01.20.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Wolfgang Szyma Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 339881 Abgelaufene Zeit: 17 Min., 26 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 1 PUP.Optional.ASK.Gen, C:\Users\Wolfgang Szyma\AppData\Roaming\Mozilla\Firefox\Profiles\hcaa3gmp.default\searchplugins\askcom.xml, In Quarantäne, [21f5df7ebadf82b42235b64bb4512cd4], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) ADWCleaner: Code:
ATTFilter
# AdwCleaner v5.032 - Bericht erstellt am 05/02/2016 um 13:09:39
# Aktualisiert am 31/01/2016 von Xplode
# Datenbank : 2016-02-02.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Wolfgang Szyma - WOLFGANGSZYM-PC
# Gestartet von : C:\Users\Wolfgang Szyma\Desktop\AdwCleaner_5.032.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\Ask

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Wolfgang Szyma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
[-] Datei Gelöscht : C:\Users\Wolfgang Szyma\AppData\Roaming\Mozilla\Firefox\Profiles\hcaa3gmp.default\invalidprefs.js

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Schlüssel Gelöscht : HKCU\Software\APN
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-123846680-1578171023-879479415-1000\Software\APN
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-123846680-1578171023-879479415-1000\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel Gelöscht : HKU\S-1-5-21-123846680-1578171023-879479415-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\APN
[-] Schlüssel Gelöscht : HKU\S-1-5-21-123846680-1578171023-879479415-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\AskToolbar
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{478A623C-CFC6-4EA9-84A3-CC740736CCDD}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-123846680-1578171023-879479415-1000\Software\Microsoft\Internet Explorer\SearchScopes\{478A623C-CFC6-4EA9-84A3-CC740736CCDD}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-123846680-1578171023-879479415-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{478A623C-CFC6-4EA9-84A3-CC740736CCDD}

***** [ Internetbrowser ] *****

[-] [C:\Users\Wolfgang Szyma\AppData\Roaming\Mozilla\Firefox\Profiles\hcaa3gmp.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\Users\Wolfgang Szyma\AppData\Roaming\Mozilla\Firefox\Profiles\hcaa3gmp.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2697 Bytes] ########## |
07.02.2016, 18:45 | #8 |
/// Selecta Jahrusso | Windows 7: Computer feels sluggish, affected user is "sending" spam mails Hello, and sorry. I had my last exam of the semester yesterday and of course we had to go out and celebrate. As it stands I no longer see anything in the log files. Any other problems?
__________________ Regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
07.02.2016, 18:50 | #9 |
| Windows 7: Computer feels sluggish, affected user is "sending" spam mails Totally understandable! ;-) … No, all good! It has become noticeably better, if not downright fast for the hardware. Thanks for your great help! Many thanks on behalf of the owner as well! Best regards, Fabian |
08.02.2016, 09:22 | #10 |
/// Selecta Jahrusso | Windows 7: Computer feels sluggish, affected user is "sending" spam mails Please read the following carefully. We make every effort here to spare you a reinfection and are working hard on a security concept.

Software updates

Browser
Internet Explorer is a frequent target of attack because it is present on every system. You should therefore use an alternative. My recommendation: Firefox

Firewalls
Opinions differ on this topic. We say, however, that the built-in Windows firewall is entirely sufficient for the normal user. What matters is that it is enabled. Now is the right time to check this. Enable the firewall

Anti-virus program
Make sure that you only ever have one anti-virus program installed. Less is more here, because two AV programs can get in each other's way. The selection of freeware that we still trust is very small here. We recommend Microsoft Security Essentials. Possibly of interest: 25% off Emsisoft products.

Security add-ons
An anti-virus program is indispensable. Still, it is not enough to protect your system effectively. The choice of additional programs is enormous, but we recommend only the best here.
Note: This list is intended for the case where you use a freeware AV program.

Behaviour on the Internet
All of these programs only help you as far as you use your own judgement.

Finally, a few general remarks: Change your important online passwords regularly and regularly create backups of your important files or of the system. The benefit of registry cleaners, optimizers and the like for improving performance is disputed. I therefore recommend keeping your hands off the registry and using the Windows built-in Disk Cleanup instead. If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.
__________________ Regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
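The two checks the post above asks for (Windows Firewall enabled, only one anti-virus program installed) can be read straight from the system. This is an added example, not part of the original post; it assumes the Windows Firewall COM object HNetCfg.FwPolicy2 and the root\SecurityCenter2 WMI namespace, both present on Windows 7 client editions, and the function names are hypothetical.

```powershell
# Added example, not from the thread. Read-only: it changes no settings.
# Written for the PowerShell 2.0 that ships with Windows 7.

function Get-FirewallProfileState {
    # HNetCfg.FwPolicy2 is the Windows Firewall COM interface (Vista and later).
    $policy   = New-Object -ComObject HNetCfg.FwPolicy2
    $profiles = @{ 1 = 'Domain'; 2 = 'Private'; 4 = 'Public' }   # NET_FW_PROFILE_TYPE2 values
    foreach ($id in 1, 2, 4) {
        New-Object PSObject -Property @{
            Profile = $profiles[$id]
            Enabled = [bool]$policy.FirewallEnabled($id)
            Active  = [bool]($policy.CurrentProfileTypes -band $id)
        }
    }
}

function Get-RegisteredAntivirus {
    # Security Center holds one AntiVirusProduct instance per registered product.
    Get-WmiObject -Namespace 'root\SecurityCenter2' -Class AntiVirusProduct -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty displayName
}

$fw = @(Get-FirewallProfileState)
$av = @(Get-RegisteredAntivirus)      # @() so that .Count also works for 0 or 1 result
$fw | Format-Table Profile, Enabled, Active -AutoSize

$problems = @()
foreach ($p in $fw) {
    if (-not $p.Enabled) { $problems += "Firewall is off for the $($p.Profile) profile" }
}
if ($av.Count -eq 0) { $problems += 'No anti-virus product is registered with Security Center' }
if ($av.Count -gt 1) { $problems += "More than one anti-virus product is registered: $($av -join ', ')" }

if ($problems.Count -eq 0) {
    "OK: firewall on for all profiles, one anti-virus product ($($av[0]))"
} else {
    $problems
}
```

A product that was uninstalled incompletely can remain registered with Security Center, so a count above one is a prompt to look at the installed programs, not proof that two scanners are running.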