Mülltonne: Windows Vista: Repeated freezing and suspicious svchost.exe
30.04.2016, 10:03 | #1 |
Windows Vista: Repeated freezing and suspicious svchost.exe

Dear trojaner-board team,

For the past few days my laptop has been freezing repeatedly and its performance has become much worse. In Task Manager, the process list shows an svchost.exe that I had not noticed before, with high memory usage (mostly between 500 - 800 Mb) and CPU load (approx. 50 %), without my having done anything to cause it. The problems appear immediately after a restart. There is one further anomaly: after every restart, Windows Firewall and the antivirus program (Avira Antivir) are deactivated, but they can easily be reactivated.

FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:27-04-2016 durchgeführt von Administrator (Administrator) auf HAL (30-04-2016 10:30:54) Gestartet von C:\Users\Administrator\Desktop Geladene Profile: Administrator (Verfügbare Profile: UpdatusUser & Administrator) Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe (O2Micro International) C:\Windows\System32\drivers\o2flash.exe () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [807392 2016-03-12] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2756672 2016-03-09] (Dominik Reichl) Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKU\S-1-5-19\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]] HKU\S-1-5-19\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]] HKU\S-1-5-20\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ACHTUNG HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\MountPoints2: {12083a0a-84a4-11e5-8f70-9bf26590be9a} - "G:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\MountPoints2: {7ee0c92b-563b-11e5-8fb0-f07647e6b42a} - H:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\MountPoints2: {8bb26413-2138-11e3-a06a-806e6f6e6963} - I:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\MountPoints2: {a0075fd2-64db-11e3-9e9d-f852a0f2242a} - F:\setup.exe HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\MountPoints2: 
{ff154bdd-d87f-11e5-860d-b1d5f7d05b10} - G:\HTC_Sync_Manager_PC.exe HKU\S-1-5-18\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]] HKU\S-1-5-18\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ACHTUNG ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog9 01 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-28] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 02 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-28] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 03 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-28] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 04 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-28] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 05 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-28] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 06 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-28] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 07 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-28] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 08 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-28] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 19 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-28] (Avira Operations GmbH & Co. 
KG) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8215736F-5127-4938-92B1-C1C02F71EB6B}: [DhcpNameServer] 141.42.1.1 Tcpip\..\Interfaces\{9BF89D0C-B95D-4044-8AD0-6DAC2CFE06CB}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1397528827-1418839280-159149109-500\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1397528827-1418839280-159149109-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1397528827-1418839280-159149109-500 -> {E4171500-0AC3-440B-AD19-3D240E6D0933} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21] (Oracle Corporation) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-10-16] (Hewlett-Packard Co.) 
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default FF DefaultSearchEngine: Wikipedia (de) FF SelectedSearchEngine: Wikipedia (de) FF Homepage: about:home FF Session Restore: -> ist aktiviert. FF NetworkProxy: "type", 4 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] () FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-21] (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-12-29] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-12-29] (NVIDIA Corporation) FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Neue Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Neue Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Neue Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.) FF user.js: detected! 
=> C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\user.js [2016-03-04] FF Extension: Dict.cc Translation - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\Extensions\searchdictcc@roughael.xpi [2016-04-29] FF Extension: Zotero - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\Extensions\zotero@chnm.gmu.edu.xpi [2016-04-18] FF Extension: html5 wizard pro - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\Extensions\{66ff16b6-75fb-4dfc-a2ea-04d7c5775cbe}.xpi [2016-02-28] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29] FF Extension: QuickTime Manager - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\Extensions\{df45044c-ed92-458d-8cc7-e596730ac00e}.xpi [2016-03-12] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-04-20] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{190bc294-c8e5-471c-9466-3eb945b09542}] - C:\Neue Programme\Firefox\extensions\{190bc294-c8e5-471c-9466-3eb945b09542} => nicht gefunden FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2016-02-07] [ist nicht signiert] FF HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 Chrome: ======= CHR 
HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-08-12] (Adobe Systems) [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [940304 2016-03-12] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [466504 2016-03-12] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [466504 2016-03-12] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1236896 2016-03-12] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG) R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-10-16] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-10-16] (Hewlett-Packard Co.) 
[Datei ist nicht signiert] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [Datei ist nicht signiert] R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [72224 2009-01-21] (O2Micro International) S3 OpenVPNService; C:\Neue Programme\OpenVPN\bin\openvpnserv.exe [33120 2016-02-01] (The OpenVPN Project) [Datei ist nicht signiert] R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] () [Datei ist nicht signiert] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [Datei ist nicht signiert] R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [109016 2016-03-12] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2016-03-12] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-10-28] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-14] (Disc Soft Ltd) S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) 
R3 O2MDGRDR; C:\Windows\System32\DRIVERS\o2mdg.sys [51616 2009-01-21] (O2Micro ) R3 OEM13Vfx; C:\Windows\System32\DRIVERS\OEM13Vfx.sys [7424 2009-01-18] (EyePower Games Pte. Ltd.) R3 OEM13Vid; C:\Windows\System32\DRIVERS\OEM13Vid.sys [235840 2009-01-18] (Creative Technology Ltd.) S3 SQTECH930B; C:\Windows\System32\Drivers\Capt930b.sys [305053 2005-11-24] () [Datei ist nicht signiert] R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-10-28] (Avira Operations GmbH & Co. KG) R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2013-04-10] (Samsung Electronics) [Datei ist nicht signiert] R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2014-11-05] (The OpenVPN Project) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-04-30 10:30 - 2016-04-30 10:31 - 00016162 _____ C:\Users\Administrator\Desktop\FRST.txt 2016-04-30 10:30 - 2016-04-30 10:30 - 00000000 ____D C:\FRST 2016-04-30 10:29 - 2016-04-30 10:29 - 01728000 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe 2016-04-14 13:35 - 2016-04-22 14:53 - 00000076 _____ C:\Users\Administrator\Desktop\KeePass nachtragen.txt 2016-04-14 13:32 - 2016-04-14 13:32 - 00000029 _____ C:\Users\Administrator\Desktop\Produktschlüssel.txt 2016-04-14 13:31 - 2016-04-14 13:31 - 03304640 _____ (Microsoft Corporation) C:\Users\Administrator\Desktop\Setup.x86.de-DE_ProPlusRetail_62NKP-79J2T-CC9DR-Q47B2-3YH7H_act_1_.exe 2016-04-07 19:51 - 2016-04-14 13:37 - 00002782 _____ C:\Users\Administrator\Desktop\KeePass_Database.kdbx 2016-04-06 20:12 - 2016-04-14 13:37 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\KeePass 2016-04-06 20:08 - 2016-04-06 20:08 - 00000914 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2016-04-06 20:08 - 2016-04-06 20:08 - 00000000 ____D C:\Program Files\KeePass Password Safe 2 2016-04-04 18:34 - 2016-04-04 18:34 - 00000000 ____D C:\Program Files\Common Files\ResearchSoft 2016-04-04 18:09 - 2016-04-04 18:34 - 00000000 ____D C:\Users\Public\Documents\EndNote 2016-04-04 18:09 - 2016-04-04 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote 2016-04-04 18:07 - 2016-04-04 18:35 - 00000000 ____D C:\Program Files\EndNote X7 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-04-30 10:28 - 2012-04-20 13:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-30 10:23 - 2012-04-19 22:59 - 00677784 _____ C:\Windows\system32\perfh007.dat 2016-04-30 10:23 - 2012-04-19 22:59 - 00147264 _____ C:\Windows\system32\perfc007.dat 2016-04-30 10:23 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf 2016-04-30 10:23 - 2006-11-02 12:33 - 01576088 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-30 10:20 - 2016-02-14 18:25 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-04-30 10:17 - 2015-11-21 19:28 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job 2016-04-30 10:16 - 2012-04-27 21:11 - 00000000 ____D C:\ProgramData\NVIDIA 2016-04-30 10:16 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-30 10:16 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-30 10:16 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-30 10:14 - 2006-11-02 15:01 - 00032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-04-30 10:05 - 2016-02-08 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers 2016-04-30 10:05 - 2014-04-20 19:53 - 00000000 ____D C:\Program Files\Samsung 2016-04-30 10:04 - 2014-09-28 21:54 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-04-30 10:04 - 2014-09-28 21:53 - 00000000 ____D C:\Program Files\Common Files\InstallShield 2016-04-30 09:59 - 2014-09-28 21:54 - 00000035 _____ C:\Windows\SIERRA.INI 2016-04-25 21:00 - 2012-10-26 23:06 - 00015915 _____ C:\Users\Administrator\Desktop\Trainingsplan.xlsx 2016-04-20 10:10 - 2015-11-21 19:30 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-20 10:10 - 2015-11-21 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-04-08 13:28 - 2012-04-20 13:54 - 
00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-04-08 13:28 - 2012-04-20 13:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-04-06 20:03 - 2014-02-15 16:04 - 00000000 ____D C:\Users\Administrator\Desktop\Dokumente 2016-04-04 18:35 - 2016-02-24 18:25 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\EndNote 2016-04-04 18:35 - 2016-02-24 18:18 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers 2016-04-04 18:09 - 2016-02-24 18:20 - 00000000 ____D C:\Program Files\Common Files\Risxtd 2016-04-04 18:03 - 2012-04-27 21:04 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2016-04-04 17:56 - 2012-04-19 13:52 - 00000000 ____D C:\Users\Administrator\Desktop\Studium 2016-04-04 17:19 - 2015-08-03 15:20 - 00013820 _____ C:\Users\Administrator\Desktop\Ein- und Ausgabenrechnung.xlsx ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-09-25 15:44 - 2015-10-12 11:27 - 0000680 _____ () C:\Users\Administrator\AppData\Local\d3d9caps.dat 2014-05-09 22:20 - 2016-03-25 21:27 - 0071168 _____ () C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-06-12 15:57 - 2016-02-07 14:35 - 0001115 _____ () C:\ProgramData\hpzinstall.log 2012-04-27 21:12 - 2014-05-15 11:36 - 0088165 _____ () C:\ProgramData\nvModes.001 2012-04-27 21:12 - 2014-05-15 11:36 - 0088165 _____ () C:\ProgramData\nvModes.dat Einige Dateien in TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-30 10:24 ==================== Ende vom FRST.txt ============================ Addition.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:27-04-2016 durchgeführt von Administrator (2016-04-30 10:31:45) Gestartet von C:\Users\Administrator\Desktop Microsoft® Windows Vista™ Business Service Pack 2 (X86) (2012-04-19 11:09:38) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1397528827-1418839280-159149109-500 - Administrator - Enabled) => C:\Users\Administrator Gast (S-1-5-21-1397528827-1418839280-159149109-501 - Limited - Enabled) UpdatusUser (S-1-5-21-1397528827-1418839280-159149109-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 32 Bit HP CIO Components Installer (Version: 3.1.1 - Hewlett-Packard) Hidden 3DHISTECH's SlideAC redist x86 (HKLM\...\3DHISTECH SlideAC x86) (Version: 1.15.3.42679 - 3DHISTECH Ltd.) Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Illustrator CS2 (HKLM\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.) 
Adobe Reader X (10.1.4) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.) Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Avira Launcher (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden Benutzerhandbuch anzeigen (HKLM\...\View User Guide) (Version: 3.60.43.0 - ) BufferChm (Version: 120.0.194.000 - Hewlett-Packard) Hidden CaseCenterClient Redist x86 (HKLM\...\CaseCenterClient Redist x86) (Version: 1.15.3.42983 - 3DHISTECH Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform) Common Desktop Agent (Version: 1.62.0 - OEM) Hidden Copy (Version: 120.0.194.000 - Hewlett-Packard) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 120.0.194.000 - Hewlett-Packard) Hidden Die Schlacht um Mittelerde(tm) (HKLM\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version: - ) DJ_AIO_03_F4200_Software_Min (Version: 110.0.206.000 - Hewlett-Packard) Hidden DJ_AIO_04_F735_Software_Min (Version: 120.0.250.000 - Hewlett-Packard) Hidden Elvenstar Mod 6.0 (HKLM\...\Elvenstar Mod 6.0) (Version: 1.0a - Elvenstar Team) EndNote X7 (HKLM\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.5.0.9325 - Thomson Reuters) F735 (Version: 120.0.250.000 - Hewlett-Packard) Hidden GPBaseService2 (Version: 120.0.194.000 - Hewlett-Packard) Hidden HiView (HKLM\...\HiView_is1) (Version: - Lunar and Planetary Laboratory, University of Arizona) HP Customer Participation Program 12.0 (HKLM\...\HPExtendedCapabilities) (Version: 12.0 - HP) HP Deskjet F4200 All-In-One Driver 11.0 03 (HKLM\...\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - 
HP) HP Deskjet F735 All-in-one Driver Software 12.0 Rel .4 (HKLM\...\{7BE02706-B038-4844-8FE0-E7A7C0597023}) (Version: 12.0 - HP) HP Imaging Device Functions 12.0 (HKLM\...\HP Imaging Device Functions) (Version: 12.0 - HP) HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.05 - HP) HP Solution Center 12.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 12.0 - HP) HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPPhotoGadget (Version: 120.0.150.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 120.0.194.000 - Hewlett-Packard) Hidden HPSSupply (Version: 120.0.194.000 - Hewlett-Packard) Hidden iCam Tracer CCD (HKLM\...\{D0AF1483-31AD-4FEB-A961-C9327185439F}) (Version: 930.0902.1115.05 - ) ImageMagick 6.8.9-3 Q16 (32-bit) (2014-07-15) (HKLM\...\ImageMagick 6.8.9 Q16 (32-bit)_is1) (Version: 6.8.9 - ImageMagick Studio LLC) IPTInstaller (HKLM\...\{6965F2F4-1CD2-4F42-A8EF-9EF433F9AA72}) (Version: 4.0.4 - HTC) Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) JP2 WSI Converter (x86) (HKLM\...\{3C412784-C2EB-4C40-BD11-25B40D278181}) (Version: 1.0.2 - BioMediTech) Kakadu-demo-apps (HKLM\...\{196F57F7-EFD6-4FA4-8956-C54C7ED79513}) (Version: 1.0.0 - The University of New South Wales) KeePass Password Safe 2.32 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.32 - Dominik Reichl) Laptop Integrated Webcam Driver (1.01.01.0529) (HKLM\...\Creative OEM013) (Version: - ) MarketResearch (Version: 120.0.226.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft 
Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Minecraft1.7.9 (HKLM\...\Minecraft1.7.9) (Version: - ) Mozilla Firefox 44.0.2 (x86 de) (HKLM\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA 3D Vision Treiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 310.90 - NVIDIA Corporation) NVIDIA Display Control Panel 
(HKLM\...\NVIDIA Display Control Panel) (Version: 1.6 - NVIDIA Corporation) NVIDIA Grafiktreiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) OpenVPN 2.3.10-I602 (HKLM\...\OpenVPN) (Version: 2.3.10-I602 - ) Pannoramic Viewer (HKLM\...\{3BB40331-A688-4F50-8004-97C8AB1ECDBA}) (Version: 1.15.4.43061 - 3DHISTECH Ltd.) ResearchSoft Direct Export Helper (HKLM\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters) Risen 2 - Dark Waters (HKLM\...\Steam App 40390) (Version: - Piranha Bytes) Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.03.60.00(23.07.2013) - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM\...\Easy Wireless Setup) (Version: 3.60.38.0 - Samsung Electronics Co., Ltd.) Samsung M2070 Series (HKLM\...\Samsung M2070 Series) (Version: 1.02 (25.07.2013) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Scan (Version: 12.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 12 - HP) Skype™ 7.21 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) SlideDriver Redist x86 (HKLM\...\SlideDriver Redist x86) (Version: 1.15.3.42679 - 3DHISTECH Ltd.) SmartWebPrinting (Version: 120.0.194.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 120.0.194.000 - Hewlett-Packard) Hidden Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) 
Status (Version: 120.0.194.000 - Hewlett-Packard) Hidden Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - ) Toolbox (Version: 120.0.194.000 - Hewlett-Packard) Hidden Total Annihilation (HKLM\...\Total Annihilation) (Version: - ) TrayApp (Version: 120.0.194.000 - Hewlett-Packard) Hidden UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebReg (Version: 120.0.194.000 - Hewlett-Packard) Hidden Winamp (HKLM\...\Winamp) (Version: 5.623 - Nullsoft, Inc) WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) Zotero Standalone 4.0.20 (x86 en-US) (HKLM\...\Zotero Standalone 4.0.20 (x86 en-US)) (Version: 4.0.20 - Zotero) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-1397528827-1418839280-159149109-500_Classes\CLSID\{9E21666E-0EA4-4a3d-8619-BCB8D2E0C07B}\InprocServer32 -> C:\Program Files\3DHISTECH\Viewer\Data\DLLs\TDHThumbnailer.dll (3DHISTECH Ltd.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {166070A1-0699-4A5A-80BB-45DF66BE2F0E} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {1B3BBF01-1847-45A2-8FEF-5228FA4511D3} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {1E608819-277D-4902-9CFB-4B2232214E49} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd) Task: {5936A082-E593-4AB0-88FE-C89C1E3681E4} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) Task: {990EA275-82C8-4C53-AFE7-FB5FD0841D30} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated) Task: {FFA5584F-3327-4EEB-9A78-6EBC96D39E92} - System32\Tasks\{5FF594E3-88C9-4817-A470-50B943139F75} => pcalua.exe -a C:\GAMES\JUNGLE\INSTALL.EXE -d C:\GAMES\JUNGLE (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Minecraft-Server.lnk -> C:\Users\Administrator\AppData\Roaming\.minecraft\Server\start.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-11-13 09:12 - 2013-11-13 09:12 - 00024064 _____ () C:\Windows\System32\ssm4mlm.dll 2013-11-13 09:12 - 2013-11-13 09:12 - 01042944 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\ssm4mdu.dll 2012-10-08 17:04 - 2012-10-08 17:04 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 2015-11-21 19:28 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-11-21 19:28 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl 2015-11-21 19:28 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-11-21 19:28 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll 2015-11-21 19:28 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
Da befinden sich 7777 mehr Seiten. ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2006-11-02 12:23 - 2012-12-02 00:27 - 00444749 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost Da befinden sich 15269 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1397528827-1418839280-159149109-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\img24.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup MSCONFIG\startupfolder: C:^Users^Sören^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^Sören^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupreg: 6497d759cd44a3ad6d919de8dbbf6785 => "C:\Users\Administrator\AppData\Local\6497d759cd44a3ad6d919de8dbbf6785.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: avgnt => "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min MSCONFIG\startupreg: Avira Systray => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Neue Programme\Daemon Tools\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Facebook Update => "C:\Users\Sören\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: OEM13Mon.exe => C:\Windows\OEM13Mon.exe MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search 
& Destroy 2\SDTray.exe" MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" MSCONFIG\startupreg: Steam => "C:\Neue Programme\Steam\Steam.exe" -silent MSCONFIG\startupreg: STICAP => C:\Windows\Twain_32\iCam Tracer CCD\SnapTrap.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe FirewallRules: [{19AC6F5A-8D2B-4BD0-8FD2-C87682B2610D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{4820CC46-39BD-4A6C-A1BC-DCCE46D39866}C:\neue programme\winamp\winamp.exe] => (Allow) C:\neue programme\winamp\winamp.exe FirewallRules: [UDP Query User{321B15D9-CCE5-4EC1-8D17-55FF6A34D814}C:\neue programme\winamp\winamp.exe] => 
(Allow) C:\neue programme\winamp\winamp.exe FirewallRules: [{8204586B-714B-41BD-AC3A-9DAF54AA20AB}] => (Allow) C:\Neue Programme\utorrent\uTorrent.exe FirewallRules: [{90E8667C-642C-43AA-AC89-44376E0CB595}] => (Allow) C:\Neue Programme\utorrent\uTorrent.exe FirewallRules: [TCP Query User{DDF620CB-6622-44A5-9E2D-ADED2D4022B7}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [UDP Query User{DA58124F-9392-4688-B7CF-E51BE65C4F94}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [{1DE23A38-06B3-4D77-9411-D80F6FB94DA6}] => (Allow) LPort=80 FirewallRules: [{DA5A8BD0-BA10-446D-9024-BAE227B23376}] => (Allow) LPort=80 FirewallRules: [{291F703C-FA34-4BB1-B593-AE249A9A50AF}] => (Allow) LPort=80 FirewallRules: [{DFA21B17-5D55-4EF6-9029-6A33187EAD27}] => (Allow) C:\Program Files\EA GAMES\Die Schlacht um Mittelerde(tm)\game.dat FirewallRules: [{5534FFB0-C0A0-48B0-A3D2-4176DAAABA22}] => (Allow) C:\Program Files\EA GAMES\Die Schlacht um Mittelerde(tm)\game.dat FirewallRules: [TCP Query User{49BDB96B-C89A-491E-A9C4-E034B08DA951}C:\program files\ea games\die schlacht um mittelerde(tm)\game.dat] => (Allow) C:\program files\ea games\die schlacht um mittelerde(tm)\game.dat FirewallRules: [UDP Query User{EBD9393D-E43E-4817-98E3-5FA146257331}C:\program files\ea games\die schlacht um mittelerde(tm)\game.dat] => (Allow) C:\program files\ea games\die schlacht um mittelerde(tm)\game.dat FirewallRules: [TCP Query User{2F2AAA2D-BF4A-40FB-B274-260378E5578F}C:\neue programme\valve\hl.exe] => (Block) C:\neue programme\valve\hl.exe FirewallRules: [UDP Query User{AF4A2824-FFD4-47A0-B5A1-E3A84041C246}C:\neue programme\valve\hl.exe] => (Block) C:\neue programme\valve\hl.exe FirewallRules: [TCP Query User{B7EBAF13-A0C5-4507-96DD-7656C2B38B09}C:\neue programme\winamp\winamp.exe] => (Allow) C:\neue programme\winamp\winamp.exe FirewallRules: [UDP Query User{A781C59D-E0F7-4083-B11F-96698D4669FF}C:\neue programme\winamp\winamp.exe] => (Allow) C:\neue 
programme\winamp\winamp.exe FirewallRules: [{0F52A4A1-9BBD-4A36-AB6A-4B527D7E3ADB}] => (Allow) C:\Neue Programme\Steam\Steam.exe FirewallRules: [{72EB0DC1-28B1-4362-9C32-39550D9CB8CA}] => (Allow) C:\Neue Programme\Steam\Steam.exe FirewallRules: [{3A26952E-DDCC-4C0E-93AF-DE78471D3C40}] => (Allow) C:\Neue Programme\Steam\SteamApps\common\Risen 2\system\Risen2.exe FirewallRules: [{5E30B02D-CB26-41B5-A53D-6549F96D3CDA}] => (Allow) C:\Neue Programme\Steam\SteamApps\common\Risen 2\system\Risen2.exe FirewallRules: [{EF936A89-DC28-4FA8-BEB5-71EF04ADD1FF}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{E51DB12E-F27E-41BE-93FD-A761F179FDA6}] => (Allow) LPort=12975 FirewallRules: [{E701A49D-2619-48B4-832B-D90DB8662FFB}] => (Allow) LPort=32976 FirewallRules: [{9865F695-85E7-4AA6-97BF-95DD77603F23}] => (Allow) C:\Neue Programme\Ahnenblatt\Ahnblatt.exe FirewallRules: [{BE05A30D-2455-4C22-9378-BB55F05755A6}] => (Allow) C:\Neue Programme\Ahnenblatt\Ahnblatt.exe FirewallRules: [TCP Query User{65CEB3E2-6F34-406F-BB26-890A4710B4B6}H:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) H:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [UDP Query User{A1464BDB-BF3C-440C-9ADC-6F9383B562EA}H:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) H:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [TCP Query User{588DFF16-C292-4093-97C4-508E0850CA95}H:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) H:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [UDP Query User{4DCA442E-7DEB-4C3A-A461-F7248CE66F31}H:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) H:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [TCP Query User{D27D6C30-4B4D-4C9F-B773-0DC3CE516715}C:\neue programme\valve\hl.exe] => (Allow) C:\neue programme\valve\hl.exe FirewallRules: [UDP Query User{D8EE2827-AD42-4D67-BFBB-B6EAD833DEC6}C:\neue programme\valve\hl.exe] => (Allow) C:\neue programme\valve\hl.exe FirewallRules: [TCP Query 
User{42268999-6FB8-45C1-A8F3-3DB224F78F95}C:\neue programme\warcraft iii\war3.exe] => (Allow) C:\neue programme\warcraft iii\war3.exe FirewallRules: [UDP Query User{CA8D1B71-C1F6-436B-8F04-B9FF178D1019}C:\neue programme\warcraft iii\war3.exe] => (Allow) C:\neue programme\warcraft iii\war3.exe FirewallRules: [TCP Query User{CAE189DF-5525-4FCF-8261-87D7EA27ED23}G:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) G:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [UDP Query User{3C72FC2C-C8ED-4764-8846-F1A5CEE376F3}G:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) G:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [TCP Query User{C8D9DF54-A495-46E4-A7D8-E0D1F0983B70}C:\neue programme\cellprofiler\cellprofiler.exe] => (Allow) C:\neue programme\cellprofiler\cellprofiler.exe FirewallRules: [UDP Query User{17B80010-5FAB-447E-ABC7-2298BDBAED6A}C:\neue programme\cellprofiler\cellprofiler.exe] => (Allow) C:\neue programme\cellprofiler\cellprofiler.exe FirewallRules: [TCP Query User{F18A17C4-8983-428D-814C-9EA28736AE17}C:\neue programme\cellprofiler\cellprofiler.exe] => (Allow) C:\neue programme\cellprofiler\cellprofiler.exe FirewallRules: [UDP Query User{C41D84E1-72DE-4A3F-8756-471BE4FF1CBB}C:\neue programme\cellprofiler\cellprofiler.exe] => (Allow) C:\neue programme\cellprofiler\cellprofiler.exe FirewallRules: [{70A6B460-1D91-47DD-BD3E-90FDC44484BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{B62D6A5D-5131-4924-AB17-145580ED49B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{846AABB0-E1BB-4C11-AB9B-05F337C4C443}] => (Allow) C:\Neue Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{9281564D-73F6-4846-88A1-AE2898F0838F}] => (Allow) C:\Neue Programme\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{B69A5F67-AA4F-44B3-B61D-F1AD78AE9D57}C:\neue programme\cavedog\totala\totala.exe] => (Allow) C:\neue programme\cavedog\totala\totala.exe 
FirewallRules: [UDP Query User{F1EFA0B4-25CC-419D-A873-540350CCED99}C:\neue programme\cavedog\totala\totala.exe] => (Allow) C:\neue programme\cavedog\totala\totala.exe FirewallRules: [TCP Query User{57F7E70A-B26E-425C-B91E-964C840E2554}C:\neue programme\cavedog\totala\totala.exe] => (Allow) C:\neue programme\cavedog\totala\totala.exe FirewallRules: [UDP Query User{D1ED9678-91D5-4DF4-917E-A7374A72AEE1}C:\neue programme\cavedog\totala\totala.exe] => (Allow) C:\neue programme\cavedog\totala\totala.exe FirewallRules: [TCP Query User{142AE584-21F5-406C-9228-F509996E1694}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe FirewallRules: [UDP Query User{6B79F378-A49C-49E9-B421-34959B2577B1}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe FirewallRules: [TCP Query User{B6ECB59F-B69E-411F-8D1B-5B26A0349EB2}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{49E867A2-6B39-46CC-BC54-BC138786C6BA}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{AB82CC5C-BAF9-49CA-81B5-766F0C153768}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{8B4B6D3B-EF52-45AE-A436-3F693C9B7961}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{4C42B037-06E1-4C0A-95B0-C1DFE5EA54D1}C:\neue programme\fiji.app\imagej-win32.exe] => (Allow) C:\neue programme\fiji.app\imagej-win32.exe FirewallRules: [UDP Query User{7BF40D46-3B2B-44E2-B61C-903F1FAC486F}C:\neue programme\fiji.app\imagej-win32.exe] => (Allow) C:\neue programme\fiji.app\imagej-win32.exe FirewallRules: [TCP Query User{31234078-B085-4CA9-BDD7-6E76D50A3063}G:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) G:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [UDP Query User{52954E50-4CF5-48B5-96FD-7F40815A6B5B}G:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) 
G:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [{E11B1845-52D4-475E-BB04-4710700C54EF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{9DFE1EFA-00CC-4407-905A-13195619020C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{670BF190-3FC0-4E8A-A0EA-6DF9AB61DFFD}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{710DA444-59FA-4C43-BA4D-8DA6FDF5D6E5}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{4AD51538-3A76-413F-9C5C-3DE0C4254B9B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{62CF701C-8944-4BB6-BE6A-3A3F313F3A6F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{47244DBA-6DFD-4689-A7EB-8CF95BB60620}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{B4A39222-BA30-4F7F-AF3C-280234190B03}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{52BF9CB7-B36F-4610-BC1E-62EB15AC77A7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{5B86D141-78C7-4791-94D9-8C9EEBFCC3DD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{3EEB1AE3-BC31-4DC0-A775-C2B57FD924AF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{58FA1520-33B8-4B51-AEAD-7E9FC0539BFE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{AC5305D4-1581-4E13-BE67-B1907172B0B2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{74E5C0DB-D564-46DE-BA40-9A204E71DCE1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{EC47328E-B597-447A-8C38-D1D3E2EC5C36}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe FirewallRules: 
[{3C63BB5D-4F0B-4CC2-B6BC-A6FFB98EAA38}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe FirewallRules: [{B2F3CFAE-2E5A-41BE-BFB0-232F09409CA7}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{69639052-5CB4-44D9-8789-45F254175FCF}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{3903B973-838A-4513-A23D-136C8479F6A1}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{A3AD73F3-E606-4FC9-8C7D-F983394C71C3}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{20866BCB-794D-4C2F-866E-43192C9247EE}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{076228DB-46B1-4AF7-B20A-37904A599E9C}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{3281BD19-8E19-4DFB-8F4E-DC7B4E364869}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [{4A192198-0E76-4128-9522-682D3DEAACAA}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [{361D051C-AFF2-4655-8DC8-B1CB77CE52E2}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{C2FF0DEA-50EA-4A12-8EB3-EC1EED3CB484}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== 
Wiederherstellungspunkte ========================= 28-03-2016 18:28:47 Geplanter Prüfpunkt 31-03-2016 12:36:10 Geplanter Prüfpunkt 01-04-2016 11:51:02 Geplanter Prüfpunkt 02-04-2016 15:06:49 Geplanter Prüfpunkt 04-04-2016 18:01:00 Removed EndNote X6 04-04-2016 18:06:53 Installed EndNote X7 05-04-2016 10:47:53 Geplanter Prüfpunkt 06-04-2016 10:33:53 Geplanter Prüfpunkt 08-04-2016 14:59:48 Geplanter Prüfpunkt 13-04-2016 11:47:23 Windows Update 30-04-2016 09:55:41 Entfernt EE-ZDE 30-04-2016 09:58:10 Entfernt Empire Earth 30-04-2016 10:00:56 Entfernt ANNO 1602 Königs-Edition 30-04-2016 10:03:52 Entfernt ANNO 1602 ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Microsoft-ISATAP-Adapter #3 Description: Microsoft-ISATAP-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Realtek PCIe GBE Family Controller Description: Realtek PCIe GBE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8169 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/30/2016 10:21:14 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\1J26D316.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. 
(0x8007001f) Error: (04/30/2016 10:20:20 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\1J26D316.DEFAULT\CACHE2> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (04/30/2016 10:20:20 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\1J26D316.DEFAULT\CACHE2> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (04/30/2016 10:17:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/30/2016 10:03:52 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {ecfbada2-f9c7-424c-828d-577ef2328235} Error: (04/30/2016 10:00:56 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. 
Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {ecfbada2-f9c7-424c-828d-577ef2328235} Error: (04/30/2016 09:58:10 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {ecfbada2-f9c7-424c-828d-577ef2328235} Error: (04/30/2016 09:55:35 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {ecfbada2-f9c7-424c-828d-577ef2328235} Error: (04/30/2016 09:52:19 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\1J26D316.DEFAULT\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (04/30/2016 09:52:19 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\1J26D316.DEFAULT\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden. 
Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Systemfehler: ============= Error: (04/30/2016 10:19:50 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT) Description: 0x80070032 Error: (04/30/2016 10:19:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: NVIDIA Update Service Daemon%%1069 Error: (04/30/2016 10:19:36 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: nvUpdatusService.\UpdatusUser%%1330 Error: (04/30/2016 10:18:10 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (04/30/2016 10:17:46 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (04/30/2016 10:17:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: MBAMSwissArmy Error: (04/30/2016 10:17:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (04/30/2016 09:49:55 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT) Description: 0x80070032 Error: (04/30/2016 09:49:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: NVIDIA Update Service Daemon%%1069 Error: (04/30/2016 09:49:10 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: nvUpdatusService.\UpdatusUser%%1330 CodeIntegrity: =================================== Date: 2015-04-12 21:12:49.650 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-04-12 21:12:49.120 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:48.589 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:48.012 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:43.410 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:42.849 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:40.961 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:39.729 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-22 19:53:48.702 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-03-22 19:53:48.203 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz Prozentuale Nutzung des RAM: 62% Installierter physikalischer RAM: 3065.96 MB Verfügbarer physikalischer RAM: 1147.63 MB Summe virtueller Speicher: 6342.98 MB Verfügbarer virtueller Speicher: 4046.39 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:283.4 GB) (Free:3.8 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:9.61 GB) NTFS Drive g: (MyDrive) (Fixed) (Total:931.51 GB) (Free:40.77 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 54E94AB4) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS) Partition 3: (Active) - (Size=283.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 003DF751) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende vom Addition.txt ============================
PS: The TDSSKiller report is too long, see the next post. |
30.04.2016, 10:04 | #2 |
| Windows Vista: Repeated freezing and suspicious svchost.exe TDSSKiller report:
Code:
MBAMSwissArmy - ok 10:38:02.0062 0x05c4 [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys 10:38:02.0077 0x05c4 megasas - ok 10:38:02.0124 0x05c4 [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys 10:38:02.0171 0x05c4 MegaSR - ok 10:38:02.0249 0x05c4 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 10:38:02.0265 0x05c4 Microsoft Office Groove Audit Service - ok 10:38:02.0296 0x05c4 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll 10:38:02.0327 0x05c4 MMCSS - ok 10:38:02.0358 0x05c4 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys 10:38:02.0374 0x05c4 Modem - ok 10:38:02.0405 0x05c4 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:38:02.0436 0x05c4 monitor - ok 10:38:02.0452 0x05c4 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 10:38:02.0452 0x05c4 mouclass - ok 10:38:02.0467 0x05c4 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:38:02.0483 0x05c4 mouhid - ok 10:38:02.0499 0x05c4 [ 3EAE06B0D9E32A3D45DC3E07F1FBFA97, 0C56D92C5131D60AF2FCCF071976F2932A2C544C5EC4C2A5476E99CDE17FF08C ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 10:38:02.0514 0x05c4 MountMgr - ok 10:38:02.0577 0x05c4 [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, 
C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 10:38:02.0592 0x05c4 MozillaMaintenance - ok 10:38:02.0639 0x05c4 [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys 10:38:02.0655 0x05c4 mpio - ok 10:38:02.0686 0x05c4 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:38:02.0701 0x05c4 mpsdrv - ok 10:38:02.0733 0x05c4 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll 10:38:02.0764 0x05c4 MpsSvc - ok 10:38:02.0795 0x05c4 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 10:38:02.0795 0x05c4 Mraid35x - ok 10:38:02.0857 0x05c4 [ DADF6D90942C198CD15D345A9F6CF4CD, 993240684DA9EC5B45B28EEEB36B4676A0ADE5CA385C231DF7F94B81F6A69DD3 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:38:02.0889 0x05c4 MRxDAV - ok 10:38:02.0920 0x05c4 [ 1B864548B2ACEC1C0BB29B615CC42978, E1DA3E6764A2C7072D99F2F093E5F40DB6DC809701B59C155C6B4EE327AB9E41 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:38:02.0951 0x05c4 mrxsmb - ok 10:38:02.0998 0x05c4 [ 3F39B02EEDC5B8A0ED896EA1CDF7245F, 41C1DCD82F964A398B7C3D44178DBF7C8AF1C2DBC5F2D944BE6B00E909FE083B ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:38:03.0029 0x05c4 mrxsmb10 - ok 10:38:03.0045 0x05c4 [ D0670EC8E5AD3FA5BE372BF70AC0EABF, BD2D1BA151FD5409EAA41ECCBEB863FE52FF7C2D92349961FEE736D66970748E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:38:03.0060 0x05c4 mrxsmb20 - ok 10:38:03.0091 0x05c4 [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci C:\Windows\system32\drivers\msahci.sys 
10:38:03.0107 0x05c4 msahci - ok 10:38:03.0123 0x05c4 [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys 10:38:03.0138 0x05c4 msdsm - ok 10:38:03.0154 0x05c4 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe 10:38:03.0185 0x05c4 MSDTC - ok 10:38:03.0185 0x05c4 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys 10:38:03.0216 0x05c4 Msfs - ok 10:38:03.0232 0x05c4 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:38:03.0247 0x05c4 msisadrv - ok 10:38:03.0279 0x05c4 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 10:38:03.0294 0x05c4 MSiSCSI - ok 10:38:03.0310 0x05c4 msiserver - ok 10:38:03.0325 0x05c4 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 10:38:03.0357 0x05c4 MSKSSRV - ok 10:38:03.0388 0x05c4 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 10:38:03.0419 0x05c4 MSPCLOCK - ok 10:38:03.0435 0x05c4 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 10:38:03.0450 0x05c4 MSPQM - ok 10:38:03.0481 0x05c4 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 10:38:03.0497 0x05c4 MsRPC - ok 10:38:03.0513 0x05c4 [ E384487CB84BE41D09711C30CA79646C, 
520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 10:38:03.0528 0x05c4 mssmbios - ok 10:38:03.0544 0x05c4 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 10:38:03.0575 0x05c4 MSTEE - ok 10:38:03.0591 0x05c4 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys 10:38:03.0606 0x05c4 Mup - ok 10:38:03.0637 0x05c4 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll 10:38:03.0669 0x05c4 napagent - ok 10:38:03.0715 0x05c4 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 10:38:03.0731 0x05c4 NativeWifiP - ok 10:38:03.0809 0x05c4 [ DEC4B200C459FA929B0A764E79904B79, 40261D7D0BEE45E6E3F4F25D7ACAB00744BAF5D515B6D84B41A25ED22380DC13 ] NDIS C:\Windows\system32\drivers\ndis.sys 10:38:03.0856 0x05c4 NDIS - ok 10:38:03.0871 0x05c4 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 10:38:03.0903 0x05c4 NdisTapi - ok 10:38:03.0918 0x05c4 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 10:38:03.0949 0x05c4 Ndisuio - ok 10:38:03.0965 0x05c4 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 10:38:03.0981 0x05c4 NdisWan - ok 10:38:03.0996 0x05c4 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 10:38:04.0012 0x05c4 NDProxy - ok 10:38:04.0074 
0x05c4 [ 2969D26EEE289BE7422AA46FC55F4E38, 0128C6C764C9BE01E9C5B272385524361C46C051D9D371D8E06B8493A49250AF ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 10:38:04.0074 0x05c4 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 10:38:04.0230 0x05c4 Detect skipped due to KSN trusted 10:38:04.0230 0x05c4 Net Driver HPZ12 - ok 10:38:04.0246 0x05c4 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 10:38:04.0261 0x05c4 NetBIOS - ok 10:38:04.0277 0x05c4 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys 10:38:04.0308 0x05c4 netbt - ok 10:38:04.0308 0x05c4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe 10:38:04.0324 0x05c4 Netlogon - ok 10:38:04.0355 0x05c4 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll 10:38:04.0386 0x05c4 Netman - ok 10:38:04.0433 0x05c4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 10:38:04.0464 0x05c4 NetMsmqActivator - ok 10:38:04.0480 0x05c4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 10:38:04.0495 0x05c4 NetPipeActivator - ok 10:38:04.0527 0x05c4 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll 10:38:04.0558 0x05c4 netprofm - ok 10:38:04.0558 0x05c4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 10:38:04.0573 0x05c4 NetTcpActivator - ok 10:38:04.0589 0x05c4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 10:38:04.0605 0x05c4 NetTcpPortSharing - ok 10:38:04.0620 0x05c4 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 10:38:04.0636 0x05c4 nfrd960 - ok 10:38:04.0698 0x05c4 [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc C:\Windows\System32\nlasvc.dll 10:38:04.0729 0x05c4 NlaSvc - ok 10:38:04.0761 0x05c4 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys 10:38:04.0792 0x05c4 Npfs - ok 10:38:04.0807 0x05c4 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll 10:38:04.0823 0x05c4 nsi - ok 10:38:04.0839 0x05c4 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 10:38:04.0854 0x05c4 nsiproxy - ok 10:38:04.0917 0x05c4 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 10:38:04.0979 0x05c4 Ntfs - ok 10:38:04.0995 0x05c4 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 10:38:05.0041 0x05c4 ntrigdigi - ok 10:38:05.0057 0x05c4 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys 10:38:05.0088 0x05c4 Null - ok 10:38:05.0385 0x05c4 [ 
2FA5434344AF84D73F66BA402FF78690, D244C9BA5C9A582C17AA5DE3BE78A2C177AC2CEE5EE6C0E62A52AED7C51B0FB1 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 10:38:05.0790 0x05c4 nvlddmkm - ok 10:38:05.0853 0x05c4 [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys 10:38:05.0868 0x05c4 nvraid - ok 10:38:05.0915 0x05c4 [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys 10:38:05.0915 0x05c4 nvstor - ok 10:38:05.0993 0x05c4 [ B785320CBCF5021DE9945C803696C511, 01D374F6F0EEA385A25DA375EDDD83F5F6F3FEC6D5C3F844AE2DDE75C451A623 ] nvsvc C:\Windows\system32\nvvsvc.exe 10:38:06.0040 0x05c4 nvsvc - ok 10:38:06.0149 0x05c4 [ D2B064796C369F82E96397F721C4A29D, 49A9E7DBCFFE5C8D0B22088193277366BAEA7D6CF51894BD4030F7C96275237B ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 10:38:06.0211 0x05c4 nvUpdatusService - ok 10:38:06.0258 0x05c4 [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 10:38:06.0274 0x05c4 nv_agp - ok 10:38:06.0289 0x05c4 NwlnkFlt - ok 10:38:06.0289 0x05c4 NwlnkFwd - ok 10:38:06.0321 0x05c4 [ F9BEED56D7FCDBD4924AC1E628261882, 9D7A355A1C3E7241CFF3DA06730F3E3A8ECCAA3D1F16B03D7B1D418FAF837B9D ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe 10:38:06.0336 0x05c4 O2FLASH - ok 10:38:06.0367 0x05c4 [ 4F8D4B1233AF48B30F4FDC76A8865CFA, 1AE34F62B42345687481851D6366548155E2907D7470612C67F438C97E97BA28 ] O2MDGRDR C:\Windows\system32\DRIVERS\o2mdg.sys 10:38:06.0383 0x05c4 O2MDGRDR - ok 10:38:06.0477 0x05c4 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 10:38:06.0508 0x05c4 odserv - ok 10:38:06.0539 0x05c4 [ 
86326062A90494BDD79CE383511D7D69, 43D5682CA8ECB4BA7CC1A5C4C2BF966EE4802E8C3AA84CDEB634CA3C410DAB89 ] OEM13Vfx C:\Windows\system32\DRIVERS\OEM13Vfx.sys 10:38:06.0586 0x05c4 OEM13Vfx - ok 10:38:06.0617 0x05c4 [ 12539B57ED05DE7552403A12B3E0161C, 15E1E10DBA6508B539A1CDD0B2E809E40ECB0988AE76FC1A477FA83F01AA8495 ] OEM13Vid C:\Windows\system32\DRIVERS\OEM13Vid.sys 10:38:06.0633 0x05c4 OEM13Vid - ok 10:38:06.0679 0x05c4 [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 10:38:06.0695 0x05c4 ohci1394 - ok 10:38:06.0773 0x05c4 [ D3E2E1CE1527AE076706419ABE7F4608, 6E85F9D2A314BE2DC346B1C990CB496258E62DBAC656F57AC66410A607016132 ] OpenVPNService C:\Neue Programme\OpenVPN\bin\openvpnserv.exe 10:38:06.0789 0x05c4 OpenVPNService - detected UnsignedFile.Multi.Generic ( 1 ) 10:38:07.0038 0x05c4 Detect skipped due to KSN trusted 10:38:07.0038 0x05c4 OpenVPNService - ok 10:38:07.0069 0x05c4 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 10:38:07.0085 0x05c4 ose - ok 10:38:07.0132 0x05c4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll 10:38:07.0225 0x05c4 p2pimsvc - ok 10:38:07.0272 0x05c4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll 10:38:07.0303 0x05c4 p2psvc - ok 10:38:07.0335 0x05c4 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys 10:38:07.0366 0x05c4 Parport - ok 10:38:07.0428 0x05c4 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys 10:38:07.0444 0x05c4 partmgr - ok 
10:38:07.0459 0x05c4 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 10:38:07.0506 0x05c4 Parvdm - ok 10:38:07.0569 0x05c4 [ 5F731DD45D3B176C071E4CCEEB87B06B, 9B090813203FE4A2AA1BEAE942F4023FFE00599A52712B306330565816E55FA1 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 10:38:07.0569 0x05c4 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 ) 10:38:07.0771 0x05c4 Detect skipped due to KSN trusted 10:38:07.0771 0x05c4 PassThru Service - ok 10:38:07.0818 0x05c4 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll 10:38:07.0849 0x05c4 PcaSvc - ok 10:38:07.0896 0x05c4 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys 10:38:07.0912 0x05c4 pci - ok 10:38:07.0927 0x05c4 [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys 10:38:07.0974 0x05c4 pciide - ok 10:38:07.0990 0x05c4 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 10:38:08.0005 0x05c4 pcmcia - ok 10:38:08.0068 0x05c4 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 10:38:08.0193 0x05c4 PEAUTH - ok 10:38:08.0286 0x05c4 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll 10:38:08.0458 0x05c4 pla - ok 10:38:08.0520 0x05c4 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 10:38:08.0551 0x05c4 PlugPlay - ok 10:38:08.0583 0x05c4 [ 
BAFC9706BDF425A02B66468AB2605C59, 6F8F7982AD452F0E68D91CCAF05DF152F00FA3D885DCBBBC470199E74F17B1E0 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 10:38:08.0598 0x05c4 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 10:38:08.0754 0x05c4 Detect skipped due to KSN trusted 10:38:08.0754 0x05c4 Pml Driver HPZ12 - ok 10:38:08.0785 0x05c4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 10:38:08.0817 0x05c4 PNRPAutoReg - ok 10:38:08.0848 0x05c4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll 10:38:08.0879 0x05c4 PNRPsvc - ok 10:38:08.0910 0x05c4 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 10:38:08.0973 0x05c4 PolicyAgent - ok 10:38:09.0019 0x05c4 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 10:38:09.0051 0x05c4 PptpMiniport - ok 10:38:09.0066 0x05c4 [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys 10:38:09.0082 0x05c4 Processor - ok 10:38:09.0129 0x05c4 [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc C:\Windows\system32\profsvc.dll 10:38:09.0175 0x05c4 ProfSvc - ok 10:38:09.0207 0x05c4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe 10:38:09.0207 0x05c4 ProtectedStorage - ok 10:38:09.0238 0x05c4 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 10:38:09.0253 0x05c4 PSched - ok 10:38:09.0300 
0x05c4 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys 10:38:09.0378 0x05c4 ql2300 - ok 10:38:09.0409 0x05c4 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 10:38:09.0425 0x05c4 ql40xx - ok 10:38:09.0487 0x05c4 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll 10:38:09.0503 0x05c4 QWAVE - ok 10:38:09.0519 0x05c4 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 10:38:09.0534 0x05c4 QWAVEdrv - ok 10:38:09.0550 0x05c4 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 10:38:09.0565 0x05c4 RasAcd - ok 10:38:09.0581 0x05c4 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll 10:38:09.0612 0x05c4 RasAuto - ok 10:38:09.0628 0x05c4 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 10:38:09.0643 0x05c4 Rasl2tp - ok 10:38:09.0675 0x05c4 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll 10:38:09.0706 0x05c4 RasMan - ok 10:38:09.0721 0x05c4 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 10:38:09.0753 0x05c4 RasPppoe - ok 10:38:09.0768 0x05c4 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 10:38:09.0784 0x05c4 
RasSstp - ok 10:38:09.0799 0x05c4 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 10:38:09.0831 0x05c4 rdbss - ok 10:38:09.0831 0x05c4 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 10:38:09.0846 0x05c4 RDPCDD - ok 10:38:09.0877 0x05c4 [ 943B18305EAE3935598A9B4A3D560B4C, E083FA4B9CA1A24031FF23A54942372D7FB3F02F62EE3580F01BEC3229DB2101 ] rdpdr C:\Windows\system32\DRIVERS\rdpdr.sys 10:38:09.0909 0x05c4 rdpdr - ok 10:38:09.0909 0x05c4 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 10:38:09.0940 0x05c4 RDPENCDD - ok 10:38:09.0971 0x05c4 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 10:38:10.0018 0x05c4 RDPWD - ok 10:38:10.0065 0x05c4 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll 10:38:10.0096 0x05c4 RemoteAccess - ok 10:38:10.0111 0x05c4 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll 10:38:10.0127 0x05c4 RemoteRegistry - ok 10:38:10.0143 0x05c4 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe 10:38:10.0158 0x05c4 RpcLocator - ok 10:38:10.0189 0x05c4 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll 10:38:10.0221 0x05c4 RpcSs - ok 10:38:10.0236 0x05c4 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr 
C:\Windows\system32\DRIVERS\rspndr.sys 10:38:10.0267 0x05c4 rspndr - ok 10:38:10.0299 0x05c4 [ 2D19A7469EA19993D0C12E627F4530BC, B59F0D4ACAA60ED95093FA561D4C5D87F26C9F6C646858772743038D97B2D6AB ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys 10:38:10.0314 0x05c4 RTL8169 - ok 10:38:10.0330 0x05c4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe 10:38:10.0345 0x05c4 SamSs - ok 10:38:10.0361 0x05c4 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 10:38:10.0377 0x05c4 sbp2port - ok 10:38:10.0377 0x05c4 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll 10:38:10.0408 0x05c4 SCardSvr - ok 10:38:10.0455 0x05c4 [ F79CC0F814748E15538BF4D808030739, 396E94A309AFB163791095A25950CB7D85EEC43B416E1E7F056F430E1B719F4D ] Schedule C:\Windows\system32\schedsvc.dll 10:38:10.0548 0x05c4 Schedule - ok 10:38:10.0579 0x05c4 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll 10:38:10.0595 0x05c4 SCPolicySvc - ok 10:38:10.0626 0x05c4 [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 10:38:10.0642 0x05c4 sdbus - ok 10:38:10.0673 0x05c4 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll 10:38:10.0720 0x05c4 SDRSVC - ok 10:38:10.0813 0x05c4 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe 10:38:10.0954 0x05c4 SDScannerService - ok 10:38:11.0047 0x05c4 [ 68D6C7F99BC73B88954D844FCCBEB2A0, 
Waiting for KSN requests completion. In queue: 6
10:38:25.0992 0x05c4 AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\Antivirus\wsctool.exe ( 15.0.16.273 ), 0x41000 ( enabled : updated )
10:38:26.0023 0x05c4 Win FW state via NFP2: enabled ( trusted )
10:38:26.0211 0x05c4 ============================================================
10:38:26.0211 0x05c4 Scan finished
10:38:26.0211 0x05c4 ============================================================
10:38:26.0211 0x08dc Detected object count: 1
10:38:26.0211 0x08dc Actual detected object count: 1
10:39:08.0362 0x08dc SQTECH930B ( UnsignedFile.Multi.Generic ) - skipped by user
10:39:08.0362 0x08dc SQTECH930B ( UnsignedFile.Multi.Generic ) - User select action: Skip |
30.04.2016, 16:21 | #3 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Vista: Repeated freezing and suspicious svchost.exe Hi
__________________Quote:
Vista will only be supported for a few more months. You should have started the move to something newer long ago by now...
__________________ |
30.04.2016, 16:29 | #4 |
| Windows Vista: Repeated freezing and suspicious svchost.exe Hi, thanks for the pointer. I'm aware of that, but for one thing the system is not used commercially, and for another I unfortunately won't have time for the migration in the medium term. I will take care of it, though... |
30.04.2016, 16:37 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Vista: Repeated freezing and suspicious svchost.exe Then please explain what a Vista Business and, above all, the Enterprise Office are doing on there if it is purely private use... If you have no time: but you do have time for the analysis and the cleanup?
__________________ Please always post log files in CODE tags |
30.04.2016, 17:16 | #6 |
| Windows Vista: Repeated freezing and suspicious svchost.exe The hardware, with the system, was once ordered as part of a commercial use. And I have time for the cleanup because I depend on having a working computer. PS: Do you think that if I were willing to obtain illegal operating systems and Office software, I would have Windows Vista and Microsoft Office 2007? Which makes even less sense as far as the operating system goes, since Windows 10 is now available for free... Last edited by Millmank (30.04.2016 at 17:26) |
01.05.2016, 20:18 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Vista: Repeated freezing and suspicious svchost.exe This is not about illegal installations but about us not going behind the backs of company admins here. IT problems on office PCs are the responsibility of the company admin, not of TB. An exception is made only for small businesses without an IT department. Please uninstall Avira and Spybot; both are pretty useless junk, and once we are done here you can switch to something else. Only Emsisoft no longer works, since you still have Vista. Support for Vista was dropped, and for reasons like that alone you should have tackled the switch much earlier...
__________________ Please always post log files in CODE tags |
02.05.2016, 08:28 | #8 |
| Windows Vista: Repeated freezing and suspicious svchost.exe Understood, that makes sense. Spybot and Antivir are removed. FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:27-04-2016 durchgeführt von Administrator (Administrator) auf HAL (02-05-2016 09:00:07) Gestartet von C:\Users\Administrator\Desktop Geladene Profile: Administrator (Verfügbare Profile: UpdatusUser & Administrator) Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (O2Micro International) C:\Windows\System32\drivers\o2flash.exe () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2756672 2016-03-09] (Dominik Reichl) HKU\S-1-5-19\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]] HKU\S-1-5-19\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]] HKU\S-1-5-20\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ACHTUNG HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\MountPoints2: {12083a0a-84a4-11e5-8f70-9bf26590be9a} - "G:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\MountPoints2: {7ee0c92b-563b-11e5-8fb0-f07647e6b42a} - H:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\MountPoints2: {8bb26413-2138-11e3-a06a-806e6f6e6963} - I:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\MountPoints2: {a0075fd2-64db-11e3-9e9d-f852a0f2242a} - F:\setup.exe HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\MountPoints2: {ff154bdd-d87f-11e5-860d-b1d5f7d05b10} - G:\HTC_Sync_Manager_PC.exe HKU\S-1-5-18\...\Winlogon: [Userinit] [[%%INSTALLTIME%%]] HKU\S-1-5-18\...\Winlogon: [Shell] [[%%INSTALLTIME%%]] <==== ACHTUNG ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8215736F-5127-4938-92B1-C1C02F71EB6B}: [DhcpNameServer] 141.42.1.1 Tcpip\..\Interfaces\{9BF89D0C-B95D-4044-8AD0-6DAC2CFE06CB}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1397528827-1418839280-159149109-500\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1397528827-1418839280-159149109-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1397528827-1418839280-159149109-500 -> {E4171500-0AC3-440B-AD19-3D240E6D0933} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21] (Oracle Corporation) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-10-16] (Hewlett-Packard Co.) 
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default FF DefaultSearchEngine: Wikipedia (de) FF SelectedSearchEngine: Wikipedia (de) FF Homepage: about:home FF Session Restore: -> ist aktiviert. FF NetworkProxy: "type", 4 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] () FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-21] (Oracle Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-12-29] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-12-29] (NVIDIA Corporation) FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Neue Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Neue Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Neue Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.) FF user.js: detected! 
=> C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\user.js [2016-03-04] FF Extension: Dict.cc Translation - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\Extensions\searchdictcc@roughael.xpi [2016-04-29] FF Extension: Zotero - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\Extensions\zotero@chnm.gmu.edu.xpi [2016-04-18] FF Extension: html5 wizard pro - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\Extensions\{66ff16b6-75fb-4dfc-a2ea-04d7c5775cbe}.xpi [2016-02-28] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29] FF Extension: QuickTime Manager - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1j26d316.default\Extensions\{df45044c-ed92-458d-8cc7-e596730ac00e}.xpi [2016-03-12] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-04-20] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{190bc294-c8e5-471c-9466-3eb945b09542}] - C:\Neue Programme\Firefox\extensions\{190bc294-c8e5-471c-9466-3eb945b09542} => nicht gefunden FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2016-02-07] [ist nicht signiert] FF HKU\S-1-5-21-1397528827-1418839280-159149109-500\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 Chrome: ======= CHR 
HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-08-12] (Adobe Systems) [Datei ist nicht signiert] R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-10-16] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-10-16] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [Datei ist nicht signiert] R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [72224 2009-01-21] (O2Micro International) S3 OpenVPNService; C:\Neue Programme\OpenVPN\bin\openvpnserv.exe [33120 2016-02-01] (The OpenVPN Project) [Datei ist nicht signiert] R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] () [Datei ist nicht signiert] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [Datei ist nicht signiert] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-14] (Disc Soft Ltd) S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) 
R3 O2MDGRDR; C:\Windows\System32\DRIVERS\o2mdg.sys [51616 2009-01-21] (O2Micro ) R3 OEM13Vfx; C:\Windows\System32\DRIVERS\OEM13Vfx.sys [7424 2009-01-18] (EyePower Games Pte. Ltd.) R3 OEM13Vid; C:\Windows\System32\DRIVERS\OEM13Vid.sys [235840 2009-01-18] (Creative Technology Ltd.) R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2013-04-10] (Samsung Electronics) [Datei ist nicht signiert] R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2014-11-05] (The OpenVPN Project) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-05-01 23:03 - 2016-05-01 23:04 - 00000079 _____ C:\Windows\wininit.ini 2016-05-01 09:07 - 2016-05-01 09:11 - 00188354 _____ C:\TDSSKiller.3.1.0.9_01.05.2016_09.07.40_log.txt 2016-05-01 09:03 - 2016-05-01 09:03 - 00000000 ____D C:\TDSSKiller_Quarantine 2016-05-01 08:58 - 2016-05-01 09:05 - 00374164 _____ C:\TDSSKiller.3.1.0.9_01.05.2016_08.58.18_log.txt 2016-04-30 10:36 - 2016-04-30 10:40 - 00189476 _____ C:\TDSSKiller.3.1.0.9_30.04.2016_10.36.53_log.txt 2016-04-30 10:36 - 2016-04-30 10:36 - 00000490 _____ C:\TDSSKiller.3.1.0.9_30.04.2016_10.36.22_log.txt 2016-04-30 10:35 - 2016-04-30 10:35 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Administrator\Desktop\tdsskiller.exe 2016-04-30 10:30 - 2016-05-02 09:01 - 00012159 _____ C:\Users\Administrator\Desktop\FRST.txt 2016-04-30 10:30 - 2016-05-02 09:00 - 00000000 ____D C:\FRST 2016-04-30 10:29 - 2016-04-30 10:29 - 01728000 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe 2016-04-14 13:35 - 2016-04-22 14:53 - 00000076 _____ C:\Users\Administrator\Desktop\KeePass nachtragen.txt 2016-04-14 13:32 - 2016-04-14 13:32 - 00000029 _____ C:\Users\Administrator\Desktop\Produktschlüssel.txt 2016-04-14 13:31 - 2016-04-14 13:31 - 03304640 _____ (Microsoft Corporation) C:\Users\Administrator\Desktop\Setup.x86.de-DE_ProPlusRetail_62NKP-79J2T-CC9DR-Q47B2-3YH7H_act_1_.exe 2016-04-07 19:51 - 2016-04-14 13:37 - 00002782 _____ C:\Users\Administrator\Desktop\KeePass_Database.kdbx 2016-04-06 20:12 - 2016-04-14 13:37 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\KeePass 2016-04-06 20:08 - 2016-04-06 20:08 - 00000914 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2016-04-06 20:08 - 2016-04-06 20:08 - 00000000 ____D C:\Program Files\KeePass Password Safe 2 2016-04-04 18:34 - 2016-04-04 18:34 - 00000000 ____D C:\Program Files\Common Files\ResearchSoft 2016-04-04 18:09 - 2016-04-04 18:34 - 00000000 ____D C:\Users\Public\Documents\EndNote 2016-04-04 18:09 - 2016-04-04 18:34 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote 2016-04-04 18:07 - 2016-04-04 18:35 - 00000000 ____D C:\Program Files\EndNote X7 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-02 08:59 - 2016-02-14 18:25 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-05-02 08:55 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2016-05-02 08:54 - 2012-04-27 21:11 - 00000000 ____D C:\ProgramData\NVIDIA 2016-05-02 08:54 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-02 08:54 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2016-05-01 23:39 - 2006-11-02 15:01 - 00032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-05-01 23:28 - 2012-04-20 13:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-05-01 23:08 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf 2016-05-01 23:05 - 2015-11-21 19:28 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2 2016-05-01 23:04 - 2012-12-02 00:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-05-01 23:03 - 2013-12-14 17:30 - 00000000 ____D C:\ProgramData\Avira 2016-04-30 10:23 - 2012-04-19 22:59 - 00677784 _____ C:\Windows\system32\perfh007.dat 2016-04-30 10:23 - 2012-04-19 22:59 - 00147264 _____ C:\Windows\system32\perfc007.dat 2016-04-30 10:23 - 2006-11-02 12:33 - 01576088 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-30 10:05 - 2016-02-08 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers 2016-04-30 10:05 - 2014-04-20 19:53 - 00000000 ____D C:\Program Files\Samsung 2016-04-30 10:04 - 2014-09-28 21:54 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-04-30 10:04 - 2014-09-28 21:53 - 00000000 ____D 
C:\Program Files\Common Files\InstallShield 2016-04-30 09:59 - 2014-09-28 21:54 - 00000035 _____ C:\Windows\SIERRA.INI 2016-04-25 21:00 - 2012-10-26 23:06 - 00015915 _____ C:\Users\Administrator\Desktop\Trainingsplan.xlsx 2016-04-08 13:28 - 2012-04-20 13:54 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-04-08 13:28 - 2012-04-20 13:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-04-06 20:03 - 2014-02-15 16:04 - 00000000 ____D C:\Users\Administrator\Desktop\Dokumente 2016-04-04 18:35 - 2016-02-24 18:25 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\EndNote 2016-04-04 18:35 - 2016-02-24 18:18 - 00000000 ____D C:\ProgramData\Thomson.ResearchSoft.Installers 2016-04-04 18:09 - 2016-02-24 18:20 - 00000000 ____D C:\Program Files\Common Files\Risxtd 2016-04-04 18:03 - 2012-04-27 21:04 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2016-04-04 17:56 - 2012-04-19 13:52 - 00000000 ____D C:\Users\Administrator\Desktop\Studium 2016-04-04 17:19 - 2015-08-03 15:20 - 00013820 _____ C:\Users\Administrator\Desktop\Ein- und Ausgabenrechnung.xlsx ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-09-25 15:44 - 2015-10-12 11:27 - 0000680 _____ () C:\Users\Administrator\AppData\Local\d3d9caps.dat 2014-05-09 22:20 - 2016-03-25 21:27 - 0071168 _____ () C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-06-12 15:57 - 2016-02-07 14:35 - 0001115 _____ () C:\ProgramData\hpzinstall.log 2012-04-27 21:12 - 2014-05-15 11:36 - 0088165 _____ () C:\ProgramData\nvModes.001 2012-04-27 21:12 - 2014-05-15 11:36 - 0088165 _____ () C:\ProgramData\nvModes.dat Einige Dateien in TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\SlideBook6Reader3792290504220369582.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation 
gescheitert sind.) C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-05-02 09:03 ==================== Ende vom FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:27-04-2016 durchgeführt von Administrator (2016-05-02 09:02:20) Gestartet von C:\Users\Administrator\Desktop Microsoft® Windows Vista™ Business Service Pack 2 (X86) (2012-04-19 11:09:38) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1397528827-1418839280-159149109-500 - Administrator - Enabled) => C:\Users\Administrator Gast (S-1-5-21-1397528827-1418839280-159149109-501 - Limited - Enabled) UpdatusUser (S-1-5-21-1397528827-1418839280-159149109-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 32 Bit HP CIO Components Installer (Version: 3.1.1 - Hewlett-Packard) Hidden 3DHISTECH's SlideAC redist x86 (HKLM\...\3DHISTECH SlideAC x86) (Version: 1.15.3.42679 - 3DHISTECH Ltd.) Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Illustrator CS2 (HKLM\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.) Adobe Reader X (10.1.4) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.) 
Benutzerhandbuch anzeigen (HKLM\...\View User Guide) (Version: 3.60.43.0 - ) BufferChm (Version: 120.0.194.000 - Hewlett-Packard) Hidden CaseCenterClient Redist x86 (HKLM\...\CaseCenterClient Redist x86) (Version: 1.15.3.42983 - 3DHISTECH Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform) Common Desktop Agent (Version: 1.62.0 - OEM) Hidden Copy (Version: 120.0.194.000 - Hewlett-Packard) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 120.0.194.000 - Hewlett-Packard) Hidden Die Schlacht um Mittelerde(tm) (HKLM\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version: - ) DJ_AIO_03_F4200_Software_Min (Version: 110.0.206.000 - Hewlett-Packard) Hidden DJ_AIO_04_F735_Software_Min (Version: 120.0.250.000 - Hewlett-Packard) Hidden Elvenstar Mod 6.0 (HKLM\...\Elvenstar Mod 6.0) (Version: 1.0a - Elvenstar Team) EndNote X7 (HKLM\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.5.0.9325 - Thomson Reuters) F735 (Version: 120.0.250.000 - Hewlett-Packard) Hidden GPBaseService2 (Version: 120.0.194.000 - Hewlett-Packard) Hidden HiView (HKLM\...\HiView_is1) (Version: - Lunar and Planetary Laboratory, University of Arizona) HP Customer Participation Program 12.0 (HKLM\...\HPExtendedCapabilities) (Version: 12.0 - HP) HP Deskjet F4200 All-In-One Driver 11.0 03 (HKLM\...\{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP) HP Deskjet F735 All-in-one Driver Software 12.0 Rel .4 (HKLM\...\{7BE02706-B038-4844-8FE0-E7A7C0597023}) (Version: 12.0 - HP) HP Imaging Device Functions 12.0 (HKLM\...\HP Imaging Device Functions) (Version: 12.0 - HP) HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.05 - HP) HP Solution Center 12.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 12.0 - HP) HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPPhotoGadget 
(Version: 120.0.150.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 120.0.194.000 - Hewlett-Packard) Hidden HPSSupply (Version: 120.0.194.000 - Hewlett-Packard) Hidden iCam Tracer CCD (HKLM\...\{D0AF1483-31AD-4FEB-A961-C9327185439F}) (Version: 930.0902.1115.05 - ) ImageMagick 6.8.9-3 Q16 (32-bit) (2014-07-15) (HKLM\...\ImageMagick 6.8.9 Q16 (32-bit)_is1) (Version: 6.8.9 - ImageMagick Studio LLC) IPTInstaller (HKLM\...\{6965F2F4-1CD2-4F42-A8EF-9EF433F9AA72}) (Version: 4.0.4 - HTC) Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) JP2 WSI Converter (x86) (HKLM\...\{3C412784-C2EB-4C40-BD11-25B40D278181}) (Version: 1.0.2 - BioMediTech) Kakadu-demo-apps (HKLM\...\{196F57F7-EFD6-4FA4-8956-C54C7ED79513}) (Version: 1.0.0 - The University of New South Wales) KeePass Password Safe 2.32 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.32 - Dominik Reichl) Laptop Integrated Webcam Driver (1.01.01.0529) (HKLM\...\Creative OEM013) (Version: - ) MarketResearch (Version: 120.0.226.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 
8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Minecraft1.7.9 (HKLM\...\Minecraft1.7.9) (Version: - ) Mozilla Firefox 44.0.2 (x86 de) (HKLM\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA 3D Vision Treiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 310.90 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.6 - NVIDIA Corporation) NVIDIA Grafiktreiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) OpenVPN 2.3.10-I602 (HKLM\...\OpenVPN) (Version: 
2.3.10-I602 - ) Pannoramic Viewer (HKLM\...\{3BB40331-A688-4F50-8004-97C8AB1ECDBA}) (Version: 1.15.4.43061 - 3DHISTECH Ltd.) ResearchSoft Direct Export Helper (HKLM\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters) Risen 2 - Dark Waters (HKLM\...\Steam App 40390) (Version: - Piranha Bytes) Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.03.60.00(23.07.2013) - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM\...\Easy Wireless Setup) (Version: 3.60.38.0 - Samsung Electronics Co., Ltd.) Samsung M2070 Series (HKLM\...\Samsung M2070 Series) (Version: 1.02 (25.07.2013) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Scan (Version: 12.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 12 - HP) Skype™ 7.21 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) SlideDriver Redist x86 (HKLM\...\SlideDriver Redist x86) (Version: 1.15.3.42679 - 3DHISTECH Ltd.) 
SmartWebPrinting (Version: 120.0.194.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 120.0.194.000 - Hewlett-Packard) Hidden Status (Version: 120.0.194.000 - Hewlett-Packard) Hidden Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - ) Toolbox (Version: 120.0.194.000 - Hewlett-Packard) Hidden Total Annihilation (HKLM\...\Total Annihilation) (Version: - ) TrayApp (Version: 120.0.194.000 - Hewlett-Packard) Hidden UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebReg (Version: 120.0.194.000 - Hewlett-Packard) Hidden Winamp (HKLM\...\Winamp) (Version: 5.623 - Nullsoft, Inc) WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) Zotero Standalone 4.0.20 (x86 en-US) (HKLM\...\Zotero Standalone 4.0.20 (x86 en-US)) (Version: 4.0.20 - Zotero) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist 
aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1397528827-1418839280-159149109-500_Classes\CLSID\{9E21666E-0EA4-4a3d-8619-BCB8D2E0C07B}\InprocServer32 -> C:\Program Files\3DHISTECH\Viewer\Data\DLLs\TDHThumbnailer.dll (3DHISTECH Ltd.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1E608819-277D-4902-9CFB-4B2232214E49} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd) Task: {990EA275-82C8-4C53-AFE7-FB5FD0841D30} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated) Task: {FFA5584F-3327-4EEB-9A78-6EBC96D39E92} - System32\Tasks\{5FF594E3-88C9-4817-A470-50B943139F75} => pcalua.exe -a C:\GAMES\JUNGLE\INSTALL.EXE -d C:\GAMES\JUNGLE (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Minecraft-Server.lnk -> C:\Users\Administrator\AppData\Roaming\.minecraft\Server\start.bat () ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-11-13 09:12 - 2013-11-13 09:12 - 00024064 _____ () C:\Windows\System32\ssm4mlm.dll 2013-11-13 09:12 - 2013-11-13 09:12 - 01042944 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\ssm4mdu.dll 2012-10-08 17:04 - 2012-10-08 17:04 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 2012-04-19 14:37 - 2012-02-17 20:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\18108338.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\18108338.sys => ""="Driver" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
Da befinden sich 7777 mehr Seiten. ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2006-11-02 12:23 - 2012-12-02 00:27 - 00444749 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost Da befinden sich 15269 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1397528827-1418839280-159149109-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\img24.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup MSCONFIG\startupfolder: C:^Users^Sören^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^Sören^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupreg: 6497d759cd44a3ad6d919de8dbbf6785 => "C:\Users\Administrator\AppData\Local\6497d759cd44a3ad6d919de8dbbf6785.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: avgnt => "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min MSCONFIG\startupreg: Avira Systray => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Neue Programme\Daemon Tools\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Facebook Update => "C:\Users\Sören\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: OEM13Mon.exe => C:\Windows\OEM13Mon.exe MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search 
& Destroy 2\SDTray.exe" MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" MSCONFIG\startupreg: Steam => "C:\Neue Programme\Steam\Steam.exe" -silent MSCONFIG\startupreg: STICAP => C:\Windows\Twain_32\iCam Tracer CCD\SnapTrap.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide ==================== FirewallRules (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe FirewallRules: [{19AC6F5A-8D2B-4BD0-8FD2-C87682B2610D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{4820CC46-39BD-4A6C-A1BC-DCCE46D39866}C:\neue programme\winamp\winamp.exe] => (Allow) C:\neue programme\winamp\winamp.exe FirewallRules: [UDP Query User{321B15D9-CCE5-4EC1-8D17-55FF6A34D814}C:\neue programme\winamp\winamp.exe] => 
(Allow) C:\neue programme\winamp\winamp.exe FirewallRules: [{8204586B-714B-41BD-AC3A-9DAF54AA20AB}] => (Allow) C:\Neue Programme\utorrent\uTorrent.exe FirewallRules: [{90E8667C-642C-43AA-AC89-44376E0CB595}] => (Allow) C:\Neue Programme\utorrent\uTorrent.exe FirewallRules: [TCP Query User{DDF620CB-6622-44A5-9E2D-ADED2D4022B7}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [UDP Query User{DA58124F-9392-4688-B7CF-E51BE65C4F94}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe FirewallRules: [{1DE23A38-06B3-4D77-9411-D80F6FB94DA6}] => (Allow) LPort=80 FirewallRules: [{DA5A8BD0-BA10-446D-9024-BAE227B23376}] => (Allow) LPort=80 FirewallRules: [{291F703C-FA34-4BB1-B593-AE249A9A50AF}] => (Allow) LPort=80 FirewallRules: [{DFA21B17-5D55-4EF6-9029-6A33187EAD27}] => (Allow) C:\Program Files\EA GAMES\Die Schlacht um Mittelerde(tm)\game.dat FirewallRules: [{5534FFB0-C0A0-48B0-A3D2-4176DAAABA22}] => (Allow) C:\Program Files\EA GAMES\Die Schlacht um Mittelerde(tm)\game.dat FirewallRules: [TCP Query User{49BDB96B-C89A-491E-A9C4-E034B08DA951}C:\program files\ea games\die schlacht um mittelerde(tm)\game.dat] => (Allow) C:\program files\ea games\die schlacht um mittelerde(tm)\game.dat FirewallRules: [UDP Query User{EBD9393D-E43E-4817-98E3-5FA146257331}C:\program files\ea games\die schlacht um mittelerde(tm)\game.dat] => (Allow) C:\program files\ea games\die schlacht um mittelerde(tm)\game.dat FirewallRules: [TCP Query User{2F2AAA2D-BF4A-40FB-B274-260378E5578F}C:\neue programme\valve\hl.exe] => (Block) C:\neue programme\valve\hl.exe FirewallRules: [UDP Query User{AF4A2824-FFD4-47A0-B5A1-E3A84041C246}C:\neue programme\valve\hl.exe] => (Block) C:\neue programme\valve\hl.exe FirewallRules: [TCP Query User{B7EBAF13-A0C5-4507-96DD-7656C2B38B09}C:\neue programme\winamp\winamp.exe] => (Allow) C:\neue programme\winamp\winamp.exe FirewallRules: [UDP Query User{A781C59D-E0F7-4083-B11F-96698D4669FF}C:\neue programme\winamp\winamp.exe] => (Allow) C:\neue 
programme\winamp\winamp.exe FirewallRules: [{0F52A4A1-9BBD-4A36-AB6A-4B527D7E3ADB}] => (Allow) C:\Neue Programme\Steam\Steam.exe FirewallRules: [{72EB0DC1-28B1-4362-9C32-39550D9CB8CA}] => (Allow) C:\Neue Programme\Steam\Steam.exe FirewallRules: [{3A26952E-DDCC-4C0E-93AF-DE78471D3C40}] => (Allow) C:\Neue Programme\Steam\SteamApps\common\Risen 2\system\Risen2.exe FirewallRules: [{5E30B02D-CB26-41B5-A53D-6549F96D3CDA}] => (Allow) C:\Neue Programme\Steam\SteamApps\common\Risen 2\system\Risen2.exe FirewallRules: [{EF936A89-DC28-4FA8-BEB5-71EF04ADD1FF}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{E51DB12E-F27E-41BE-93FD-A761F179FDA6}] => (Allow) LPort=12975 FirewallRules: [{E701A49D-2619-48B4-832B-D90DB8662FFB}] => (Allow) LPort=32976 FirewallRules: [{9865F695-85E7-4AA6-97BF-95DD77603F23}] => (Allow) C:\Neue Programme\Ahnenblatt\Ahnblatt.exe FirewallRules: [{BE05A30D-2455-4C22-9378-BB55F05755A6}] => (Allow) C:\Neue Programme\Ahnenblatt\Ahnblatt.exe FirewallRules: [TCP Query User{65CEB3E2-6F34-406F-BB26-890A4710B4B6}H:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) H:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [UDP Query User{A1464BDB-BF3C-440C-9ADC-6F9383B562EA}H:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) H:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [TCP Query User{588DFF16-C292-4093-97C4-508E0850CA95}H:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) H:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [UDP Query User{4DCA442E-7DEB-4C3A-A461-F7248CE66F31}H:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) H:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [TCP Query User{D27D6C30-4B4D-4C9F-B773-0DC3CE516715}C:\neue programme\valve\hl.exe] => (Allow) C:\neue programme\valve\hl.exe FirewallRules: [UDP Query User{D8EE2827-AD42-4D67-BFBB-B6EAD833DEC6}C:\neue programme\valve\hl.exe] => (Allow) C:\neue programme\valve\hl.exe FirewallRules: [TCP Query 
User{42268999-6FB8-45C1-A8F3-3DB224F78F95}C:\neue programme\warcraft iii\war3.exe] => (Allow) C:\neue programme\warcraft iii\war3.exe FirewallRules: [UDP Query User{CA8D1B71-C1F6-436B-8F04-B9FF178D1019}C:\neue programme\warcraft iii\war3.exe] => (Allow) C:\neue programme\warcraft iii\war3.exe FirewallRules: [TCP Query User{CAE189DF-5525-4FCF-8261-87D7EA27ED23}G:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) G:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [UDP Query User{3C72FC2C-C8ED-4764-8846-F1A5CEE376F3}G:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) G:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [TCP Query User{C8D9DF54-A495-46E4-A7D8-E0D1F0983B70}C:\neue programme\cellprofiler\cellprofiler.exe] => (Allow) C:\neue programme\cellprofiler\cellprofiler.exe FirewallRules: [UDP Query User{17B80010-5FAB-447E-ABC7-2298BDBAED6A}C:\neue programme\cellprofiler\cellprofiler.exe] => (Allow) C:\neue programme\cellprofiler\cellprofiler.exe FirewallRules: [TCP Query User{F18A17C4-8983-428D-814C-9EA28736AE17}C:\neue programme\cellprofiler\cellprofiler.exe] => (Allow) C:\neue programme\cellprofiler\cellprofiler.exe FirewallRules: [UDP Query User{C41D84E1-72DE-4A3F-8756-471BE4FF1CBB}C:\neue programme\cellprofiler\cellprofiler.exe] => (Allow) C:\neue programme\cellprofiler\cellprofiler.exe FirewallRules: [{70A6B460-1D91-47DD-BD3E-90FDC44484BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{B62D6A5D-5131-4924-AB17-145580ED49B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{846AABB0-E1BB-4C11-AB9B-05F337C4C443}] => (Allow) C:\Neue Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{9281564D-73F6-4846-88A1-AE2898F0838F}] => (Allow) C:\Neue Programme\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{B69A5F67-AA4F-44B3-B61D-F1AD78AE9D57}C:\neue programme\cavedog\totala\totala.exe] => (Allow) C:\neue programme\cavedog\totala\totala.exe 
FirewallRules: [UDP Query User{F1EFA0B4-25CC-419D-A873-540350CCED99}C:\neue programme\cavedog\totala\totala.exe] => (Allow) C:\neue programme\cavedog\totala\totala.exe FirewallRules: [TCP Query User{57F7E70A-B26E-425C-B91E-964C840E2554}C:\neue programme\cavedog\totala\totala.exe] => (Allow) C:\neue programme\cavedog\totala\totala.exe FirewallRules: [UDP Query User{D1ED9678-91D5-4DF4-917E-A7374A72AEE1}C:\neue programme\cavedog\totala\totala.exe] => (Allow) C:\neue programme\cavedog\totala\totala.exe FirewallRules: [TCP Query User{142AE584-21F5-406C-9228-F509996E1694}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe FirewallRules: [UDP Query User{6B79F378-A49C-49E9-B421-34959B2577B1}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe FirewallRules: [TCP Query User{B6ECB59F-B69E-411F-8D1B-5B26A0349EB2}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{49E867A2-6B39-46CC-BC54-BC138786C6BA}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{AB82CC5C-BAF9-49CA-81B5-766F0C153768}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{8B4B6D3B-EF52-45AE-A436-3F693C9B7961}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{4C42B037-06E1-4C0A-95B0-C1DFE5EA54D1}C:\neue programme\fiji.app\imagej-win32.exe] => (Allow) C:\neue programme\fiji.app\imagej-win32.exe FirewallRules: [UDP Query User{7BF40D46-3B2B-44E2-B61C-903F1FAC486F}C:\neue programme\fiji.app\imagej-win32.exe] => (Allow) C:\neue programme\fiji.app\imagej-win32.exe FirewallRules: [TCP Query User{31234078-B085-4CA9-BDD7-6E76D50A3063}G:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) G:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [UDP Query User{52954E50-4CF5-48B5-96FD-7F40815A6B5B}G:\ag harms\fiji\fiji.app\imagej-win32.exe] => (Allow) 
G:\ag harms\fiji\fiji.app\imagej-win32.exe FirewallRules: [{E11B1845-52D4-475E-BB04-4710700C54EF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{9DFE1EFA-00CC-4407-905A-13195619020C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{670BF190-3FC0-4E8A-A0EA-6DF9AB61DFFD}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{710DA444-59FA-4C43-BA4D-8DA6FDF5D6E5}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{4AD51538-3A76-413F-9C5C-3DE0C4254B9B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{62CF701C-8944-4BB6-BE6A-3A3F313F3A6F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{47244DBA-6DFD-4689-A7EB-8CF95BB60620}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{B4A39222-BA30-4F7F-AF3C-280234190B03}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{52BF9CB7-B36F-4610-BC1E-62EB15AC77A7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{5B86D141-78C7-4791-94D9-8C9EEBFCC3DD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{3EEB1AE3-BC31-4DC0-A775-C2B57FD924AF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{58FA1520-33B8-4B51-AEAD-7E9FC0539BFE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{AC5305D4-1581-4E13-BE67-B1907172B0B2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{74E5C0DB-D564-46DE-BA40-9A204E71DCE1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{EC47328E-B597-447A-8C38-D1D3E2EC5C36}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe FirewallRules: 
[{3C63BB5D-4F0B-4CC2-B6BC-A6FFB98EAA38}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe FirewallRules: [{B2F3CFAE-2E5A-41BE-BFB0-232F09409CA7}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{69639052-5CB4-44D9-8789-45F254175FCF}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{3903B973-838A-4513-A23D-136C8479F6A1}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{A3AD73F3-E606-4FC9-8C7D-F983394C71C3}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{20866BCB-794D-4C2F-866E-43192C9247EE}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{076228DB-46B1-4AF7-B20A-37904A599E9C}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{3281BD19-8E19-4DFB-8F4E-DC7B4E364869}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [{4A192198-0E76-4128-9522-682D3DEAACAA}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [{361D051C-AFF2-4655-8DC8-B1CB77CE52E2}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{C2FF0DEA-50EA-4A12-8EB3-EC1EED3CB484}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [TCP Query User{3F12F1DE-3EBB-42F2-8863-4198FCE3111F}C:\neue programme\fiji.app\imagej-win32.exe] => (Allow) C:\neue programme\fiji.app\imagej-win32.exe FirewallRules: [UDP Query User{E20B7F4E-9F29-46C0-B333-4CD3C6D38A6A}C:\neue programme\fiji.app\imagej-win32.exe] => (Allow) C:\neue programme\fiji.app\imagej-win32.exe ==================== Wiederherstellungspunkte ========================= 31-03-2016 12:36:10 Geplanter Prüfpunkt 01-04-2016 11:51:02 Geplanter Prüfpunkt 02-04-2016 15:06:49 Geplanter Prüfpunkt 04-04-2016 18:01:00 Removed EndNote X6 04-04-2016 18:06:53 
Installed EndNote X7 05-04-2016 10:47:53 Geplanter Prüfpunkt 06-04-2016 10:33:53 Geplanter Prüfpunkt 08-04-2016 14:59:48 Geplanter Prüfpunkt 13-04-2016 11:47:23 Windows Update 30-04-2016 09:55:41 Entfernt EE-ZDE 30-04-2016 09:58:10 Entfernt Empire Earth 30-04-2016 10:00:56 Entfernt ANNO 1602 Königs-Edition 30-04-2016 10:03:52 Entfernt ANNO 1602 ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Microsoft-ISATAP-Adapter #3 Description: Microsoft-ISATAP-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Realtek PCIe GBE Family Controller Description: Realtek PCIe GBE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8169 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/02/2016 08:56:24 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/01/2016 11:42:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\1J26D316.DEFAULT\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. 
(0x8007001f) Error: (05/01/2016 11:42:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\1J26D316.DEFAULT\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (05/01/2016 11:07:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/01/2016 11:01:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/01/2016 09:09:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/01/2016 08:23:47 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/30/2016 11:33:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/30/2016 03:43:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/30/2016 10:21:14 AM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag 
<C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\1J26D316.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Systemfehler: ============= Error: (05/02/2016 08:57:55 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT) Description: 0x80070032 Error: (05/02/2016 08:57:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: NVIDIA Update Service Daemon%%1069 Error: (05/02/2016 08:57:28 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: nvUpdatusService.\UpdatusUser%%1330 Error: (05/02/2016 08:56:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: MBAMSwissArmy Error: (05/02/2016 08:56:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (05/02/2016 08:56:00 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (05/02/2016 08:55:57 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (05/02/2016 08:54:47 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 02.05.2016 um 00:04:46 unerwartet heruntergefahren. 
Error: (05/01/2016 11:40:58 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error: (05/01/2016 11:08:31 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT) Description: 0x80070032 CodeIntegrity: =================================== Date: 2015-04-12 21:12:49.650 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:49.120 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:48.589 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:48.012 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:43.410 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:42.849 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-04-12 21:12:40.961 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-12 21:12:39.729 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-22 19:53:48.702 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-22 19:53:48.203 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz Prozentuale Nutzung des RAM: 61% Installierter physikalischer RAM: 3065.96 MB Verfügbarer physikalischer RAM: 1169.41 MB Summe virtueller Speicher: 6350.95 MB Verfügbarer virtueller Speicher: 4400.11 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:283.4 GB) (Free:4.91 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:9.61 GB) NTFS Drive g: (MyDrive) (Fixed) (Total:931.51 GB) (Free:40.77 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 54E94AB4) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS) Partition 3: (Active) - (Size=283.4 GB) - (Type=07 NTFS) 
======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 003DF751) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende vom Addition.txt ============================ |
02.05.2016, 08:32 | #9 |
| Windows Vista: Repeated freezing and suspicious svchost.exe TDSSKiller: Code:
ATTFilter 09:23:11.0342 0x0f9c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 09:23:16.0490 0x0f9c ============================================================ 09:23:16.0490 0x0f9c Current date / time: 2016/05/02 09:23:16.0490 09:23:16.0490 0x0f9c SystemInfo: 09:23:16.0490 0x0f9c 09:23:16.0490 0x0f9c OS Version: 6.0.6002 ServicePack: 2.0 09:23:16.0490 0x0f9c Product type: Workstation 09:23:16.0490 0x0f9c ComputerName: HAL 09:23:16.0490 0x0f9c UserName: Administrator 09:23:16.0490 0x0f9c Windows directory: C:\Windows 09:23:16.0490 0x0f9c System windows directory: C:\Windows 09:23:16.0490 0x0f9c Processor architecture: Intel x86 09:23:16.0490 0x0f9c Number of processors: 2 09:23:16.0490 0x0f9c Page size: 0x1000 09:23:16.0490 0x0f9c Boot type: Normal boot 09:23:16.0490 0x0f9c ============================================================ 09:23:18.0362 0x0f9c KLMD registered as C:\Windows\system32\drivers\22607115.sys 09:23:18.0409 0x0f9c System UUID: {CCA73D96-F6A6-8383-7DDD-23D26838BCDE} 09:23:19.0049 0x0f9c Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 09:23:19.0049 0x0f9c Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 09:23:19.0376 0x0f9c ============================================================ 09:23:19.0376 0x0f9c \Device\Harddisk0\DR0: 09:23:19.0376 0x0f9c MBR partitions: 09:23:19.0376 0x0f9c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000 09:23:19.0376 0x0f9c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x236CE2B0 09:23:19.0376 0x0f9c \Device\Harddisk1\DR1: 09:23:19.0376 0x0f9c MBR partitions: 09:23:19.0376 0x0f9c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x747051C1 09:23:19.0376 0x0f9c 
============================================================ 09:23:19.0423 0x0f9c C: <-> \Device\Harddisk0\DR0\Partition2 09:23:19.0454 0x0f9c D: <-> \Device\Harddisk0\DR0\Partition1 09:23:19.0751 0x0f9c G: <-> \Device\Harddisk1\DR1\Partition1 09:23:19.0751 0x0f9c ============================================================ 09:23:19.0751 0x0f9c Initialize success 09:23:19.0751 0x0f9c ============================================================ 09:23:26.0084 0x0f04 ============================================================ 09:23:26.0084 0x0f04 Scan started 09:23:26.0084 0x0f04 Mode: Manual; 09:23:26.0084 0x0f04 ============================================================ 09:23:26.0084 0x0f04 KSN ping started 09:24:02.0600 0x0f04 KSN ping finished: true 09:24:03.0239 0x0f04 ================ Scan system memory ======================== 09:24:03.0239 0x0f04 Scan was interrupted by user! 09:24:03.0271 0x0f04 Win FW state via NFP2: enabled ( trusted ) 09:24:05.0751 0x0f04 ============================================================ 09:24:05.0751 0x0f04 Scan finished 09:24:05.0751 0x0f04 ============================================================ 09:24:05.0751 0x0e64 Detected object count: 0 09:24:05.0751 0x0e64 Actual detected object count: 0 09:24:18.0790 0x0644 ============================================================ 09:24:18.0790 0x0644 Scan started 09:24:18.0790 0x0644 Mode: Manual; SigCheck; TDLFS; 09:24:18.0790 0x0644 ============================================================ 09:24:18.0790 0x0644 KSN ping started 09:24:21.0162 0x0644 KSN ping finished: true 09:24:21.0632 0x0644 ================ Scan system memory ======================== 09:24:21.0633 0x0644 System memory - ok 09:24:21.0633 0x0644 ================ Scan services ============================= 09:24:21.0789 0x0644 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys 09:24:21.0861 0x0644 ACPI - ok 
15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll 09:24:36.0457 0x0644 nsi - ok 09:24:36.0535 0x0644 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 09:24:36.0550 0x0644 nsiproxy - ok 09:24:36.0706 0x0644 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 09:24:36.0784 0x0644 Ntfs - ok 09:24:36.0831 0x0644 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 09:24:36.0878 0x0644 ntrigdigi - ok 09:24:36.0909 0x0644 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys 09:24:36.0925 0x0644 Null - ok 09:24:37.0393 0x0644 [ 2FA5434344AF84D73F66BA402FF78690, D244C9BA5C9A582C17AA5DE3BE78A2C177AC2CEE5EE6C0E62A52AED7C51B0FB1 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 09:24:41.0308 0x0644 nvlddmkm - ok 09:24:41.0371 0x0644 [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys 09:24:41.0433 0x0644 nvraid - ok 09:24:41.0464 0x0644 [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys 09:24:41.0480 0x0644 nvstor - ok 09:24:41.0573 0x0644 [ B785320CBCF5021DE9945C803696C511, 01D374F6F0EEA385A25DA375EDDD83F5F6F3FEC6D5C3F844AE2DDE75C451A623 ] nvsvc C:\Windows\system32\nvvsvc.exe 09:24:41.0776 0x0644 nvsvc - ok 09:24:42.0135 0x0644 [ D2B064796C369F82E96397F721C4A29D, 49A9E7DBCFFE5C8D0B22088193277366BAEA7D6CF51894BD4030F7C96275237B ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 09:24:42.0182 0x0644 
nvUpdatusService - ok 09:24:42.0213 0x0644 [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 09:24:42.0229 0x0644 nv_agp - ok 09:24:42.0229 0x0644 NwlnkFlt - ok 09:24:42.0260 0x0644 NwlnkFwd - ok 09:24:42.0307 0x0644 [ F9BEED56D7FCDBD4924AC1E628261882, 9D7A355A1C3E7241CFF3DA06730F3E3A8ECCAA3D1F16B03D7B1D418FAF837B9D ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe 09:24:42.0338 0x0644 O2FLASH - ok 09:24:42.0416 0x0644 [ 4F8D4B1233AF48B30F4FDC76A8865CFA, 1AE34F62B42345687481851D6366548155E2907D7470612C67F438C97E97BA28 ] O2MDGRDR C:\Windows\system32\DRIVERS\o2mdg.sys 09:24:42.0431 0x0644 O2MDGRDR - ok 09:24:42.0509 0x0644 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 09:24:42.0525 0x0644 odserv - ok 09:24:42.0728 0x0644 [ 86326062A90494BDD79CE383511D7D69, 43D5682CA8ECB4BA7CC1A5C4C2BF966EE4802E8C3AA84CDEB634CA3C410DAB89 ] OEM13Vfx C:\Windows\system32\DRIVERS\OEM13Vfx.sys 09:24:42.0728 0x0644 OEM13Vfx - ok 09:24:42.0759 0x0644 [ 12539B57ED05DE7552403A12B3E0161C, 15E1E10DBA6508B539A1CDD0B2E809E40ECB0988AE76FC1A477FA83F01AA8495 ] OEM13Vid C:\Windows\system32\DRIVERS\OEM13Vid.sys 09:24:42.0806 0x0644 OEM13Vid - ok 09:24:42.0853 0x0644 [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 09:24:42.0868 0x0644 ohci1394 - ok 09:24:43.0024 0x0644 [ D3E2E1CE1527AE076706419ABE7F4608, 6E85F9D2A314BE2DC346B1C990CB496258E62DBAC656F57AC66410A607016132 ] OpenVPNService C:\Neue Programme\OpenVPN\bin\openvpnserv.exe 09:24:43.0024 0x0644 OpenVPNService - detected UnsignedFile.Multi.Generic ( 1 ) 09:24:43.0321 0x0644 Detect skipped due to KSN trusted 09:24:43.0321 0x0644 OpenVPNService - ok 09:24:43.0367 0x0644 [ 5A432A042DAE460ABE7199B758E8606C, 
6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:24:43.0383 0x0644 ose - ok 09:24:43.0445 0x0644 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll 09:24:43.0508 0x0644 p2pimsvc - ok 09:24:43.0539 0x0644 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll 09:24:43.0570 0x0644 p2psvc - ok 09:24:43.0601 0x0644 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys 09:24:43.0633 0x0644 Parport - ok 09:24:43.0679 0x0644 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys 09:24:43.0695 0x0644 partmgr - ok 09:24:43.0695 0x0644 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 09:24:43.0742 0x0644 Parvdm - ok 09:24:43.0789 0x0644 [ 5F731DD45D3B176C071E4CCEEB87B06B, 9B090813203FE4A2AA1BEAE942F4023FFE00599A52712B306330565816E55FA1 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 09:24:43.0804 0x0644 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 ) 09:24:44.0007 0x0644 Detect skipped due to KSN trusted 09:24:44.0007 0x0644 PassThru Service - ok 09:24:44.0038 0x0644 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll 09:24:44.0085 0x0644 PcaSvc - ok 09:24:44.0132 0x0644 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys 09:24:44.0147 0x0644 pci - ok 09:24:44.0163 0x0644 [ 
FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys 09:24:44.0179 0x0644 pciide - ok 09:24:44.0210 0x0644 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 09:24:44.0225 0x0644 pcmcia - ok 09:24:44.0288 0x0644 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 09:24:44.0366 0x0644 PEAUTH - ok 09:24:44.0475 0x0644 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll 09:24:44.0834 0x0644 pla - ok 09:24:44.0959 0x0644 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 09:24:44.0990 0x0644 PlugPlay - ok 09:24:45.0099 0x0644 [ BAFC9706BDF425A02B66468AB2605C59, 6F8F7982AD452F0E68D91CCAF05DF152F00FA3D885DCBBBC470199E74F17B1E0 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 09:24:45.0177 0x0644 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 09:24:45.0442 0x0644 Detect skipped due to KSN trusted 09:24:45.0442 0x0644 Pml Driver HPZ12 - ok 09:24:45.0489 0x0644 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 09:24:45.0520 0x0644 PNRPAutoReg - ok 09:24:45.0551 0x0644 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll 09:24:45.0598 0x0644 PNRPsvc - ok 09:24:45.0629 0x0644 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 09:24:45.0676 0x0644 PolicyAgent - ok 09:24:45.0723 0x0644 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 
6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 09:24:45.0739 0x0644 PptpMiniport - ok 09:24:45.0770 0x0644 [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys 09:24:45.0785 0x0644 Processor - ok 09:24:45.0848 0x0644 [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc C:\Windows\system32\profsvc.dll 09:24:45.0863 0x0644 ProfSvc - ok 09:24:45.0879 0x0644 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe 09:24:45.0895 0x0644 ProtectedStorage - ok 09:24:45.0910 0x0644 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 09:24:45.0941 0x0644 PSched - ok 09:24:46.0004 0x0644 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys 09:24:46.0238 0x0644 ql2300 - ok 09:24:46.0301 0x0644 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 09:24:46.0305 0x0644 ql40xx - ok 09:24:46.0346 0x0644 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll 09:24:46.0372 0x0644 QWAVE - ok 09:24:46.0390 0x0644 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 09:24:46.0403 0x0644 QWAVEdrv - ok 09:24:46.0413 0x0644 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 09:24:46.0437 0x0644 RasAcd - ok 
09:24:46.0483 0x0644 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll 09:24:46.0512 0x0644 RasAuto - ok 09:24:46.0536 0x0644 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 09:24:46.0680 0x0644 Rasl2tp - ok 09:24:46.0834 0x0644 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll 09:24:46.0986 0x0644 RasMan - ok 09:24:47.0016 0x0644 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 09:24:47.0035 0x0644 RasPppoe - ok 09:24:47.0051 0x0644 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 09:24:47.0065 0x0644 RasSstp - ok 09:24:47.0100 0x0644 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 09:24:47.0128 0x0644 rdbss - ok 09:24:47.0163 0x0644 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 09:24:47.0186 0x0644 RDPCDD - ok 09:24:47.0231 0x0644 [ 943B18305EAE3935598A9B4A3D560B4C, E083FA4B9CA1A24031FF23A54942372D7FB3F02F62EE3580F01BEC3229DB2101 ] rdpdr C:\Windows\system32\DRIVERS\rdpdr.sys 09:24:47.0360 0x0644 rdpdr - ok 09:24:47.0413 0x0644 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 09:24:47.0521 0x0644 RDPENCDD - ok 09:24:47.0653 0x0644 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 
09:24:47.0754 0x0644 RDPWD - ok 09:24:47.0810 0x0644 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll 09:24:47.0835 0x0644 RemoteAccess - ok 09:24:47.0912 0x0644 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll 09:24:47.0963 0x0644 RemoteRegistry - ok 09:24:47.0976 0x0644 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe 09:24:47.0986 0x0644 RpcLocator - ok 09:24:48.0019 0x0644 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll 09:24:48.0052 0x0644 RpcSs - ok 09:24:48.0071 0x0644 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 09:24:48.0094 0x0644 rspndr - ok 09:24:48.0148 0x0644 [ 2D19A7469EA19993D0C12E627F4530BC, B59F0D4ACAA60ED95093FA561D4C5D87F26C9F6C646858772743038D97B2D6AB ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys 09:24:48.0173 0x0644 RTL8169 - ok 09:24:48.0178 0x0644 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe 09:24:48.0189 0x0644 SamSs - ok 09:24:48.0240 0x0644 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 09:24:48.0277 0x0644 sbp2port - ok 09:24:48.0302 0x0644 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll 09:24:48.0325 0x0644 SCardSvr - ok 09:24:48.0390 0x0644 [ F79CC0F814748E15538BF4D808030739, 396E94A309AFB163791095A25950CB7D85EEC43B416E1E7F056F430E1B719F4D ] Schedule 
C:\Windows\system32\schedsvc.dll 09:24:48.0485 0x0644 Schedule - ok 09:24:48.0497 0x0644 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll 09:24:48.0513 0x0644 SCPolicySvc - ok 09:24:48.0543 0x0644 [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 09:24:48.0564 0x0644 sdbus - ok 09:24:48.0593 0x0644 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll 09:24:48.0616 0x0644 SDRSVC - ok 09:24:48.0648 0x0644 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 09:24:48.0660 0x0644 secdrv - ok 09:24:48.0693 0x0644 [ 7D7A5D3CB5AB4B394E03BDE27E6114E8, 590644469036B9C2DF3D6E56D41FD7D09D0AE5021B0FA96A8CBA873F923865C8 ] seclogon C:\Windows\system32\seclogon.dll 09:24:48.0705 0x0644 seclogon - ok 09:24:48.0711 0x0644 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll 09:24:48.0734 0x0644 SENS - ok 09:24:48.0923 0x0644 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys 09:24:49.0069 0x0644 Serenum - ok 09:24:49.0219 0x0644 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys 09:24:49.0256 0x0644 Serial - ok 09:24:49.0268 0x0644 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys 09:24:49.0299 0x0644 sermouse - ok 09:24:49.0326 0x0644 [ D2193326F729B163125610DBF3E17D57, 
82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll 09:24:49.0359 0x0644 SessionEnv - ok 09:24:49.0375 0x0644 [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 09:24:49.0393 0x0644 sffdisk - ok 09:24:49.0409 0x0644 [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 09:24:49.0429 0x0644 sffp_mmc - ok 09:24:49.0448 0x0644 [ 9F66A46C55D6F1CCABC79BB7AFCCC545, 029115C69315D2298F7FC944A53EF7F120FF74919208EB5ABC190022176D9B16 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 09:24:49.0463 0x0644 sffp_sd - ok 09:24:49.0481 0x0644 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 09:24:49.0517 0x0644 sfloppy - ok 09:24:49.0563 0x0644 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll 09:24:49.0603 0x0644 SharedAccess - ok 09:24:49.0635 0x0644 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 09:24:49.0651 0x0644 ShellHWDetection - ok 09:24:49.0697 0x0644 [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys 09:24:49.0707 0x0644 sisagp - ok 09:24:49.0726 0x0644 [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 09:24:49.0736 0x0644 SiSRaid2 - ok 09:24:49.0758 0x0644 [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 09:24:49.0779 
0x0644 SiSRaid4 - ok 09:24:49.0845 0x0644 [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 09:24:49.0863 0x0644 SkypeUpdate - ok 09:24:49.0986 0x0644 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe 09:24:50.0679 0x0644 slsvc - ok 09:24:50.0722 0x0644 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll 09:24:50.0743 0x0644 SLUINotify - ok 09:24:50.0768 0x0644 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys 09:24:50.0792 0x0644 Smb - ok 09:24:50.0821 0x0644 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 09:24:50.0833 0x0644 SNMPTRAP - ok 09:24:50.0867 0x0644 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys 09:24:50.0876 0x0644 spldr - ok 09:24:50.0955 0x0644 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe 09:24:50.0974 0x0644 Spooler - ok 09:24:51.0164 0x0644 [ DC7E6FCD8C51AEF8FF3F2E23C786014A, 02852FC293359BA89155367FA7D3A69922EC2574E5B85C842517272768BE8808 ] srv C:\Windows\system32\DRIVERS\srv.sys 09:24:51.0188 0x0644 srv - ok 09:24:51.0228 0x0644 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 09:24:51.0246 0x0644 srv2 - ok 09:24:51.0281 0x0644 [ 8AE0783E3EDCED90D4B2961887056A2B, D24168259988576B13EB2A4B2C11622A736174DDF11F6718D9A0DC9837F50EA5 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 
09:24:51.0302 0x0644 srvnet - ok 09:24:51.0328 0x0644 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 09:24:51.0363 0x0644 SSDPSRV - ok 09:24:51.0409 0x0644 [ EF3458337D7341A05169CEFC73709264, C9D0AE966CFA02F7B72586C2A6E2AFA9818C9F4856A4E9625B79BC5A886FC193 ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys 09:24:51.0412 0x0644 SSPORT - detected UnsignedFile.Multi.Generic ( 1 ) 09:24:51.0657 0x0644 Detect skipped due to KSN trusted 09:24:51.0657 0x0644 SSPORT - ok 09:24:51.0943 0x0644 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll 09:24:51.0959 0x0644 SstpSvc - ok 09:24:51.0991 0x0644 Steam Client Service - ok 09:24:52.0188 0x0644 [ 00FCEC4DA4198F5F2B9BBD9225842568, 95CE48CC4238FB4D95E2EFFF195C38C321D3F7B513C779FDFBB3F77F9C72EA05 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 09:24:52.0484 0x0644 Stereo Service - ok 09:24:52.0531 0x0644 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll 09:24:52.0562 0x0644 stisvc - ok 09:24:52.0656 0x0644 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys 09:24:52.0656 0x0644 swenum - ok 09:24:52.0750 0x0644 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll 09:24:52.0781 0x0644 swprv - ok 09:24:52.0796 0x0644 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 09:24:52.0812 0x0644 Symc8xx - ok 09:24:52.0843 0x0644 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi 
C:\Windows\system32\drivers\sym_hi.sys 09:24:52.0859 0x0644 Sym_hi - ok 09:24:52.0921 0x0644 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 09:24:52.0952 0x0644 Sym_u3 - ok 09:24:52.0999 0x0644 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll 09:24:53.0093 0x0644 SysMain - ok 09:24:53.0140 0x0644 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll 09:24:53.0155 0x0644 TabletInputService - ok 09:24:53.0202 0x0644 [ B40FECCBA92D8495366B6974D35704FF, 532A9050EA2C017407E5302048E7BC461370DB48B1778D38509EC586446B1F28 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 09:24:53.0202 0x0644 tap0901 - ok 09:24:53.0249 0x0644 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll 09:24:53.0264 0x0644 TapiSrv - ok 09:24:53.0296 0x0644 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll 09:24:53.0311 0x0644 TBS - ok 09:24:53.0436 0x0644 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 09:24:53.0483 0x0644 Tcpip - ok 09:24:53.0514 0x0644 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 09:24:53.0561 0x0644 Tcpip6 - ok 09:24:53.0592 0x0644 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 09:24:53.0608 0x0644 tcpipreg - ok 09:24:53.0686 0x0644 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, 
E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 09:24:53.0717 0x0644 TDPIPE - ok 09:24:53.0748 0x0644 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 09:24:53.0810 0x0644 TDTCP - ok 09:24:53.0842 0x0644 [ EC565DFA3D9C45D8083B72DEC5B33710, BC4F41795AF98FD87F8CC92F946E6896BAC1925A35C3E5E159E8BF4E6A34A35D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 09:24:53.0857 0x0644 tdx - ok 09:24:53.0857 0x0644 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 09:24:53.0873 0x0644 TermDD - ok 09:24:53.0966 0x0644 [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService C:\Windows\System32\termsrv.dll 09:24:54.0044 0x0644 TermService - ok 09:24:54.0076 0x0644 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll 09:24:54.0091 0x0644 Themes - ok 09:24:54.0107 0x0644 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll 09:24:54.0122 0x0644 THREADORDER - ok 09:24:54.0154 0x0644 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll 09:24:54.0185 0x0644 TrkWks - ok 09:24:54.0216 0x0644 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 09:24:54.0232 0x0644 TrustedInstaller - ok 09:24:54.0278 0x0644 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 09:24:54.0278 0x0644 tssecsrv - ok 09:24:54.0356 0x0644 
[ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 09:24:54.0372 0x0644 tunmp - ok 09:24:54.0403 0x0644 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 09:24:54.0403 0x0644 tunnel - ok 09:24:54.0434 0x0644 [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 09:24:54.0450 0x0644 uagp35 - ok 09:24:54.0512 0x0644 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys 09:24:54.0528 0x0644 udfs - ok 09:24:54.0559 0x0644 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 09:24:54.0590 0x0644 UI0Detect - ok 09:24:54.0590 0x0644 [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 09:24:54.0606 0x0644 uliagpkx - ok 09:24:54.0653 0x0644 [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys 09:24:54.0668 0x0644 uliahci - ok 09:24:54.0700 0x0644 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys 09:24:54.0715 0x0644 UlSata - ok 09:24:54.0746 0x0644 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 09:24:54.0762 0x0644 ulsata2 - ok 09:24:54.0793 0x0644 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys 09:24:54.0809 0x0644 
09:25:04.0715 0x0644 Win FW state via NFP2: enabled ( trusted )
09:25:04.0886 0x0644 ============================================================
09:25:04.0886 0x0644 Scan finished
09:25:04.0886 0x0644 ============================================================
09:25:04.0886 0x0440 Detected object count: 0
09:25:04.0886 0x0440 Actual detected object count: 0 |
02.05.2016, 12:54 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Vista: Repeated freezing and suspicious svchost.exe Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for one post, I ask you to post the logs directly, spread over several posts if necessary. To put the log files in a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
02.05.2016, 15:30 | #11 |
| Windows Vista: Repeated freezing and suspicious svchost.exe mbar log 1): 1 detection Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version: main: v2016.05.02.02 rootkit: v2016.04.17.01
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Administrator :: HAL [administrator]
02.05.2016 14:44:02
mbar-log-2016-05-02 (14-44-02).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 342971
Time elapsed: 22 minute(s), 37 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 1
C:\Users\Administrator\Desktop\Medien\Spiele\Schlacht um Mittelerde\fff-ea106.exe (RiskWare.Tool.CK) -> Delete on reboot. [d842c20faeeb5bdb2d6b5700d5307a86]
Physical Sectors Detected: 0 (No malicious items detected)
(end)
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version: main: v2016.05.02.02 rootkit: v2016.04.17.01
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Administrator :: HAL [administrator]
02.05.2016 15:35:25
mbar-log-2016-05-02 (15-35-25).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 342986
Time elapsed: 25 minute(s), 20 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
(end) |
02.05.2016, 22:49 | #12 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Vista: Repeated freezing and suspicious svchost.exe Quote:
__________________ Please always post log files in CODE tags |
03.05.2016, 10:47 | #13 |
| Windows Vista: Repeated freezing and suspicious svchost.exe Everything is fine. Of course I was surprised too, but I also have a MOD on there that may not be entirely trustworthy. And since I don't use it anymore anyway, better to get rid of it.... |
03.05.2016, 12:48 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows Vista: Repeated freezing and suspicious svchost.exe To me that looks more like a keygen/crack
__________________ Please always post log files in CODE tags |
03.05.2016, 14:56 | #15 |
| Windows Vista: Repeated freezing and suspicious svchost.exe The file was part of the 1.06 community patch. But don't ask me, the thing was from 2004... |