Pests of all kinds and how to combat them: Internet connection via port 8877 under WIN 8.1 |
04.02.2014, 13:58 | #31 |
/// Malwareteam | Internet connection via port 8877 under WIN 8.1
Hi, I have discussed the topic internally.
Step 1: Please download GMER: (file name is random)
Do problems occur?
Step 2: Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report. Please download TDSSKiller.exe and save this file on the desktop.
|
04.02.2014, 15:43 | #32 |
| Internet connection via port 8877 under WIN 8.1
So, here is what happened: GMER did not work in normal mode. The message came up: "cannot access C:\windows\system32\config\System because the process is running." Then it stopped. In safe mode the same message came up, but the program apparently did scan after all and produced the message: cannot access ...path\ntuser.dat. The log file is empty. I started Win 8.1 in safe mode with network drivers.
Then on to TDSSKiller: I let it run through in normal mode with network access. It offered me an update with a new exe. I took that one. The scan ran through without an error message. A log file was not created. Only a report. Unfortunately the report is too long to write it in here. |
04.02.2014, 16:00 | #33 |
/// Malwareteam | Internet connection via port 8877 under WIN 8.1
Can you please attach the log file/report from TDSS as an attachment?
|
04.02.2014, 16:04 | #34 |
| Internet connection via port 8877 under WIN 8.1
Code:
15:33:02.0607 0x198c TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
15:33:02.0607 0x198c UEFI system
15:33:09.0014 0x198c ============================================================
15:33:09.0014 0x198c Current date / time: 2014/02/04 15:33:09.0014
15:33:09.0014 0x198c SystemInfo:
15:33:09.0014 0x198c
15:33:09.0014 0x198c OS Version: 6.3.9600 ServicePack: 0.0
15:33:09.0014 0x198c Product type: Workstation
15:33:09.0014 0x198c ComputerName: MARKIS_DESKTOP
15:33:09.0014 0x198c UserName: rpmarr
15:33:09.0014 0x198c Windows directory: C:\WINDOWS
15:33:09.0014 0x198c System windows directory: C:\WINDOWS
15:33:09.0014 0x198c Running under WOW64
15:33:09.0014 0x198c Processor architecture: Intel x64
15:33:09.0014 0x198c Number of processors: 8
15:33:09.0014 0x198c Page size: 0x1000
15:33:09.0014 0x198c Boot type: Normal boot
15:33:09.0014 0x198c ============================================================
15:33:09.0170 0x198c KLMD registered as C:\WINDOWS\system32\drivers\55450883.sys
15:33:09.0327 0x198c System UUID: {086D2876-C8DE-7A59-B821-12CA7DF8BD46}
15:33:09.0811 0x198c Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:33:09.0811 0x198c Drive \Device\Harddisk1\DR1 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:33:09.0811 0x198c Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:33:09.0811 0x198c Drive \Device\Harddisk3\DR3 - Size: 0x2BAA1472000 (2794.52 Gb), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:33:09.0827 0x198c ============================================================
15:33:09.0827 0x198c \Device\Harddisk0\DR0:
15:33:09.0827 0x198c MBR partitions:
15:33:09.0827 0x198c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2, BlocksNum 0x2E9380AE
15:33:09.0827 0x198c \Device\Harddisk1\DR1:
15:33:09.0827 0x198c GPT partitions:
15:33:09.0827 0x198c \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {71D8DD61-6FEB-4D38-98AF-601C1A408900}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
15:33:09.0827 0x198c \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4DCC2FB0-12F9-4913-A528-EB4077C4EE62}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
15:33:09.0827 0x198c \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {986C3590-5EF0-42B0-B56B-E3023E14D785}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
15:33:09.0827 0x198c \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8DC9D169-20BD-4F18-AEB1-E7DA7F8EC7B8}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0x1DBEA800
15:33:09.0827 0x198c MBR partitions:
15:33:09.0827 0x198c \Device\Harddisk2\DR2:
15:33:09.0827 0x198c MBR partitions:
15:33:09.0827 0x198c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
15:33:09.0827 0x198c \Device\Harddisk3\DR3:
15:33:09.0827 0x198c MBR partitions:
15:33:09.0827 0x198c \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x8100, BlocksNum 0x2BA99300
15:33:09.0827 0x198c ============================================================
15:33:09.0827 0x198c C: <-> \Device\Harddisk1\DR1\Partition4
15:33:09.0827 0x198c D: <-> \Device\Harddisk0\DR0\Partition1
15:33:09.0842 0x198c E: <-> \Device\Harddisk2\DR2\Partition1
15:33:09.0858 0x198c F: <-> \Device\Harddisk3\DR3\Partition1
15:33:09.0858 0x198c ============================================================
15:33:09.0858 0x198c Initialize success
15:33:09.0858 0x198c ============================================================
15:33:14.0718 0x1270 ============================================================
15:33:14.0718 0x1270 Scan started
15:33:14.0718 0x1270 Mode: Manual;
15:33:14.0718 0x1270 ============================================================
15:33:14.0718 0x1270 KSN ping started
15:33:17.0062 0x1270 KSN ping finished: true
15:33:17.0171 0x1270 ================ Scan system memory ========================
15:33:17.0171 0x1270 System memory - ok
5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 15:33:19.0578 0x1270 iaLPSSi_GPIO - ok 15:33:19.0578 0x1270 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 15:33:19.0578 0x1270 iaLPSSi_I2C - ok 15:33:19.0594 0x1270 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 15:33:19.0609 0x1270 iaStorAV - ok 15:33:19.0625 0x1270 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 15:33:19.0625 0x1270 iaStorV - ok 15:33:19.0641 0x1270 [ 777612849691B0D9EE064F93481FEFF1, BA970CE9F13EE25AA54E7E9B3BE7DE0C271D9067A317F8AE5F60F93B3D18E912 ] IDSVia64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140203.001\IDSvia64.sys 15:33:19.0641 0x1270 IDSVia64 - ok 15:33:19.0641 0x1270 IEEtwCollectorService - ok 15:33:19.0656 0x1270 [ 755519F49906B73C1FE9CBBF75E347EA, 20FF0D235478C693AB0708DF040EDA2ED8D4856EFCACD0A0ABD25E49330810FC ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 15:33:19.0656 0x1270 IJPLMSVC - ok 15:33:19.0672 0x1270 [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 15:33:19.0687 0x1270 IKEEXT - ok 15:33:19.0703 0x1270 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 15:33:19.0703 0x1270 intelide - ok 15:33:19.0703 0x1270 [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 15:33:19.0703 0x1270 intelpep - ok 
15:33:19.0703 0x1270 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 15:33:19.0703 0x1270 intelppm - ok 15:33:19.0719 0x1270 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 15:33:19.0719 0x1270 IpFilterDriver - ok 15:33:19.0734 0x1270 [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 15:33:19.0750 0x1270 iphlpsvc - ok 15:33:19.0750 0x1270 [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 15:33:19.0750 0x1270 IPMIDRV - ok 15:33:19.0750 0x1270 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 15:33:19.0750 0x1270 IPNAT - ok 15:33:19.0766 0x1270 [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 15:33:19.0781 0x1270 iPod Service - ok 15:33:19.0781 0x1270 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 15:33:19.0781 0x1270 IRENUM - ok 15:33:19.0781 0x1270 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 15:33:19.0797 0x1270 isapnp - ok 15:33:19.0797 0x1270 [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 15:33:19.0797 0x1270 iScsiPrt - ok 15:33:19.0812 0x1270 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] 
kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 15:33:19.0812 0x1270 kbdclass - ok 15:33:19.0812 0x1270 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 15:33:19.0812 0x1270 kbdhid - ok 15:33:19.0812 0x1270 [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys 15:33:19.0812 0x1270 kbldfltr - ok 15:33:19.0812 0x1270 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 15:33:19.0812 0x1270 kdnic - ok 15:33:19.0828 0x1270 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe 15:33:19.0828 0x1270 KeyIso - ok 15:33:19.0828 0x1270 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 15:33:19.0828 0x1270 KSecDD - ok 15:33:19.0828 0x1270 [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 15:33:19.0844 0x1270 KSecPkg - ok 15:33:19.0844 0x1270 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 15:33:19.0844 0x1270 ksthunk - ok 15:33:19.0844 0x1270 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 15:33:19.0859 0x1270 KtmRm - ok 15:33:19.0859 0x1270 [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 15:33:19.0875 0x1270 LanmanServer - ok 15:33:19.0875 0x1270 [ D0D9C2ECA4D03A8F06DCD91236B90C98, 
E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 15:33:19.0875 0x1270 LanmanWorkstation - ok 15:33:19.0891 0x1270 [ D186AAAE72691136BDE00BBB41F48D12, C64885A726C0642C92BC4993667696DFEC8D284C20872D58E49786EE280A01ED ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 15:33:19.0891 0x1270 LBTServ - ok 15:33:19.0906 0x1270 [ 015BABFCD2E911C505204257DAB5ADC5, 94239919E967ABA12394D445E2D126447B5B7FB042DB95B1CCB280AF02D93833 ] LEqdUsb C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys 15:33:19.0906 0x1270 LEqdUsb - ok 15:33:19.0906 0x1270 [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 15:33:19.0922 0x1270 lfsvc - ok 15:33:19.0922 0x1270 [ 20A23B8863AAA8A23EEB9E2919F529FD, 5DD7C780346DA6A36AB55B38109167B3BE138713C5A7C913BFED2B61F34E8BA1 ] LHidEqd C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys 15:33:19.0922 0x1270 LHidEqd - ok 15:33:19.0922 0x1270 [ 77D5786C6A7765503884E38706C9FD5E, 827DC2069AA0997DB87E118AAAA53575D97A89147C1451464986F8D68A329D41 ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys 15:33:19.0922 0x1270 LHidFilt - ok 15:33:19.0937 0x1270 [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys 15:33:19.0937 0x1270 lirsgt - ok 15:33:19.0937 0x1270 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 15:33:19.0937 0x1270 lltdio - ok 15:33:19.0937 0x1270 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 15:33:19.0953 0x1270 lltdsvc - ok 15:33:19.0953 0x1270 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 15:33:19.0953 
0x1270 lmhosts - ok 15:33:19.0953 0x1270 [ F84023FB2E3DEA06103501974A2EDB44, 38144EB7DE7F0B33F9C3E637715834CD0860CCE11915C77065000949767D98DF ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys 15:33:19.0953 0x1270 LMouFilt - ok 15:33:19.0969 0x1270 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 15:33:19.0969 0x1270 LSI_SAS - ok 15:33:19.0969 0x1270 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 15:33:19.0969 0x1270 LSI_SAS2 - ok 15:33:19.0969 0x1270 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 15:33:19.0969 0x1270 LSI_SAS3 - ok 15:33:19.0984 0x1270 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 15:33:19.0984 0x1270 LSI_SSS - ok 15:33:20.0000 0x1270 [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM C:\WINDOWS\System32\lsm.dll 15:33:20.0000 0x1270 LSM - ok 15:33:20.0016 0x1270 [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 15:33:20.0016 0x1270 luafv - ok 15:33:20.0016 0x1270 [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 15:33:20.0016 0x1270 MBAMProtector - ok 15:33:20.0031 0x1270 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 15:33:20.0031 0x1270 MBAMScheduler - ok 15:33:20.0047 0x1270 [ E0D7732F2D2E24B2DB3F67B6750295B8, 
AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 15:33:20.0062 0x1270 MBAMService - ok 15:33:20.0062 0x1270 [ 9D2252224DF2213E1B44FA608E6A1D14, E2C644C5FDCCA7BD2547ADC110FDDB26EA91C734AB53CD4196266C746BFDFAA4 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll 15:33:20.0062 0x1270 Mcx2Svc - ok 15:33:20.0062 0x1270 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 15:33:20.0062 0x1270 megasas - ok 15:33:20.0078 0x1270 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 15:33:20.0094 0x1270 megasr - ok 15:33:20.0094 0x1270 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll 15:33:20.0094 0x1270 MMCSS - ok 15:33:20.0094 0x1270 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 15:33:20.0094 0x1270 Modem - ok 15:33:20.0109 0x1270 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 15:33:20.0109 0x1270 monitor - ok 15:33:20.0109 0x1270 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 15:33:20.0109 0x1270 mouclass - ok 15:33:20.0109 0x1270 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 15:33:20.0109 0x1270 mouhid - ok 15:33:20.0109 0x1270 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 15:33:20.0125 0x1270 
mountmgr - ok 15:33:20.0125 0x1270 [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:33:20.0125 0x1270 MozillaMaintenance - ok 15:33:20.0125 0x1270 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 15:33:20.0125 0x1270 mpsdrv - ok 15:33:20.0141 0x1270 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 15:33:20.0156 0x1270 MpsSvc - ok 15:33:20.0172 0x1270 [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 15:33:20.0172 0x1270 MRxDAV - ok 15:33:20.0172 0x1270 [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 15:33:20.0187 0x1270 mrxsmb - ok 15:33:20.0187 0x1270 [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 15:33:20.0187 0x1270 mrxsmb10 - ok 15:33:20.0203 0x1270 [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 15:33:20.0203 0x1270 mrxsmb20 - ok 15:33:20.0203 0x1270 [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 15:33:20.0203 0x1270 MsBridge - ok 15:33:20.0219 0x1270 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe 15:33:20.0219 0x1270 MSDTC - ok 15:33:20.0219 0x1270 [ D13329FBF8345B28AB30F44CC247DC08, 
9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 15:33:20.0219 0x1270 Msfs - ok 15:33:20.0219 0x1270 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 15:33:20.0234 0x1270 msgpiowin32 - ok 15:33:20.0234 0x1270 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 15:33:20.0234 0x1270 mshidkmdf - ok 15:33:20.0234 0x1270 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 15:33:20.0234 0x1270 mshidumdf - ok 15:33:20.0234 0x1270 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 15:33:20.0234 0x1270 msisadrv - ok 15:33:20.0234 0x1270 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 15:33:20.0250 0x1270 MSiSCSI - ok 15:33:20.0250 0x1270 msiserver - ok 15:33:20.0250 0x1270 [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll 15:33:20.0250 0x1270 MsKeyboardFilter - ok 15:33:20.0250 0x1270 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 15:33:20.0250 0x1270 MSKSSRV - ok 15:33:20.0266 0x1270 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 15:33:20.0266 0x1270 MsLldp - ok 15:33:20.0266 0x1270 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK 
C:\WINDOWS\system32\drivers\MSPCLOCK.sys 15:33:20.0266 0x1270 MSPCLOCK - ok 15:33:20.0266 0x1270 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 15:33:20.0266 0x1270 MSPQM - ok 15:33:20.0281 0x1270 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 15:33:20.0281 0x1270 MsRPC - ok 15:33:20.0281 0x1270 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 15:33:20.0281 0x1270 mssmbios - ok 15:33:20.0281 0x1270 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 15:33:20.0281 0x1270 MSTEE - ok 15:33:20.0297 0x1270 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 15:33:20.0297 0x1270 MTConfig - ok 15:33:20.0297 0x1270 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys 15:33:20.0297 0x1270 Mup - ok 15:33:20.0297 0x1270 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 15:33:20.0297 0x1270 mvumis - ok 15:33:20.0312 0x1270 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\WINDOWS\system32\qagentRT.dll 15:33:20.0312 0x1270 napagent - ok 15:33:20.0328 0x1270 [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 15:33:20.0328 0x1270 NativeWifiP - ok 15:33:20.0344 0x1270 [ E59AFB64C2F6E0C99350E1C944C75088, 
10A9044192D0A83857A57286EABB05037922860483DA2B05AFCC485A8311E4EF ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 15:33:20.0359 0x1270 NAUpdate - ok 15:33:20.0359 0x1270 [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140203.019\ENG64.SYS 15:33:20.0359 0x1270 NAVENG - ok 15:33:20.0406 0x1270 [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140203.019\EX64.SYS 15:33:20.0437 0x1270 NAVEX15 - ok 15:33:20.0437 0x1270 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 15:33:20.0437 0x1270 NcaSvc - ok 15:33:20.0453 0x1270 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\WINDOWS\System32\ncbservice.dll 15:33:20.0453 0x1270 NcbService - ok 15:33:20.0453 0x1270 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 15:33:20.0453 0x1270 NcdAutoSetup - ok 15:33:20.0453 0x1270 [ 7CCA9D3F1BA2172B8CB7558737404E15, C5AECF5AA7F2DEB015D3200A7FF79B925757B921E48ADDB7918EDB65693B6FEB ] ndfs C:\Program Files\NetDrive\ndfs.sys 15:33:20.0453 0x1270 ndfs - ok 15:33:20.0484 0x1270 [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 15:33:20.0500 0x1270 NDIS - ok 15:33:20.0500 0x1270 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 15:33:20.0500 0x1270 NdisCap - ok 15:33:20.0500 0x1270 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, 
CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 15:33:20.0516 0x1270 NdisImPlatform - ok 15:33:20.0516 0x1270 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 15:33:20.0516 0x1270 NdisTapi - ok 15:33:20.0516 0x1270 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 15:33:20.0516 0x1270 Ndisuio - ok 15:33:20.0516 0x1270 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 15:33:20.0516 0x1270 NdisVirtualBus - ok 15:33:20.0531 0x1270 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:33:20.0531 0x1270 NdisWan - ok 15:33:20.0531 0x1270 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:33:20.0531 0x1270 NdisWanLegacy - ok 15:33:20.0547 0x1270 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 15:33:20.0547 0x1270 NDProxy - ok 15:33:20.0578 0x1270 [ 4F54331F051F15EAD005F0E4CB55014E, 77C905F6DA787725AB3DEA9EABF4A79CDFC9B2EAE377E635966CBE3B50A3DC34 ] ndsvc C:\Program Files\NetDrive\ndsvc.exe 15:33:20.0625 0x1270 ndsvc - ok 15:33:20.0641 0x1270 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 15:33:20.0641 0x1270 Ndu - ok 15:33:20.0641 0x1270 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS 
C:\WINDOWS\system32\DRIVERS\netbios.sys 15:33:20.0641 0x1270 NetBIOS - ok 15:33:20.0641 0x1270 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 15:33:20.0656 0x1270 NetBT - ok 15:33:20.0656 0x1270 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\WINDOWS\system32\lsass.exe 15:33:20.0656 0x1270 Netlogon - ok 15:33:20.0656 0x1270 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll 15:33:20.0672 0x1270 Netman - ok 15:33:20.0672 0x1270 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 15:33:20.0687 0x1270 netprofm - ok 15:33:20.0687 0x1270 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:33:20.0703 0x1270 NetTcpPortSharing - ok 15:33:20.0703 0x1270 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys 15:33:20.0703 0x1270 netvsc - ok 15:33:20.0719 0x1270 [ C87442B6D17912785DC143CEDCA508C9, 58599BC7EE1FFC66291BF38F1800AFE087195EE3E2305BAB9C7F18F9033A93E0 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe 15:33:20.0719 0x1270 NIS - ok 15:33:20.0734 0x1270 [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 15:33:20.0734 0x1270 NlaSvc - ok 15:33:20.0734 0x1270 [ C31FA031335EFF434B2D94278E74BCCE, F5DFD40C16E4013CBAD0E4FB8EF2B4419702B9C215218F69C4A2DD7C4C4C1E2B ] NPF C:\WINDOWS\system32\DRIVERS\npf.sys 15:33:20.0734 0x1270 NPF - ok 15:33:20.0734 0x1270 [ 
8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 15:33:20.0750 0x1270 Npfs - ok 15:33:20.0750 0x1270 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 15:33:20.0750 0x1270 npsvctrig - ok 15:33:20.0750 0x1270 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll 15:33:20.0750 0x1270 nsi - ok 15:33:20.0750 0x1270 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 15:33:20.0750 0x1270 nsiproxy - ok 15:33:20.0781 0x1270 [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 15:33:20.0812 0x1270 Ntfs - ok 15:33:20.0828 0x1270 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 15:33:20.0828 0x1270 Null - ok 15:33:20.0828 0x1270 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 15:33:20.0828 0x1270 nvraid - ok 15:33:20.0828 0x1270 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 15:33:20.0844 0x1270 nvstor - ok 15:33:20.0844 0x1270 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 15:33:20.0844 0x1270 nv_agp - ok 15:33:20.0875 0x1270 [ E7D8C7748AAED52F1700D048A0087158, 3DD1652460C3AC9809A01DFC39326614C738CBF8196AC1DB73D88231EB860C90 ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe 
7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 15:33:23.0922 0x1270 WEPHOSTSVC - ok 15:33:23.0938 0x1270 [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 15:33:23.0938 0x1270 wercplsupport - ok 15:33:23.0938 0x1270 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc C:\WINDOWS\System32\WerSvc.dll 15:33:23.0938 0x1270 WerSvc - ok 15:33:23.0953 0x1270 [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 15:33:23.0953 0x1270 WFPLWFS - ok 15:33:23.0953 0x1270 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 15:33:23.0953 0x1270 WiaRpc - ok 15:33:23.0953 0x1270 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 15:33:23.0953 0x1270 WIMMount - ok 15:33:23.0953 0x1270 WinDefend - ok 15:33:23.0985 0x1270 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 15:33:23.0985 0x1270 WinHttpAutoProxySvc - ok 15:33:24.0000 0x1270 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 15:33:24.0000 0x1270 Winmgmt - ok 15:33:24.0047 0x1270 [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM C:\WINDOWS\system32\WsmSvc.dll 15:33:24.0078 0x1270 WinRM - ok 15:33:24.0094 0x1270 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb 
C:\WINDOWS\system32\DRIVERS\WinUsb.sys 15:33:24.0094 0x1270 WinUsb - ok 15:33:24.0110 0x1270 [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 15:33:24.0141 0x1270 WlanSvc - ok 15:33:24.0172 0x1270 [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 15:33:24.0188 0x1270 wlidsvc - ok 15:33:24.0203 0x1270 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 15:33:24.0203 0x1270 WmiAcpi - ok 15:33:24.0203 0x1270 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 15:33:24.0203 0x1270 wmiApSrv - ok 15:33:24.0203 0x1270 WMPNetworkSvc - ok 15:33:24.0235 0x1270 [ E178371E493BF17EB90FE71ABA8BE643, E6F96C62D6AD1FE65D54F6799ABC32D34DE8C6EBFF8A297CA3142EF096112FCE ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 15:33:24.0266 0x1270 workfolderssvc - ok 15:33:24.0266 0x1270 [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 15:33:24.0266 0x1270 wpcfltr - ok 15:33:24.0266 0x1270 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 15:33:24.0266 0x1270 WPCSvc - ok 15:33:24.0282 0x1270 [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 15:33:24.0282 0x1270 WPDBusEnum - ok 15:33:24.0282 0x1270 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 15:33:24.0282 0x1270 WpdUpFltr - ok 15:33:24.0282 0x1270 [ 
AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 15:33:24.0282 0x1270 ws2ifsl - ok 15:33:24.0297 0x1270 [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 15:33:24.0297 0x1270 wscsvc - ok 15:33:24.0297 0x1270 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 15:33:24.0297 0x1270 WSDPrintDevice - ok 15:33:24.0297 0x1270 [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys 15:33:24.0297 0x1270 WSDScan - ok 15:33:24.0297 0x1270 WSearch - ok 15:33:24.0360 0x1270 [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService C:\WINDOWS\System32\WSService.dll 15:33:24.0407 0x1270 WSService - ok 15:33:24.0422 0x1270 [ A40B7561851F827E792C13937F3693B4, 569BD5E417F6B4CBA5F5E7D8860320CD6D69BC4552F6BB762DC5BDCC05903ED7 ] WSWNDA3100v2 C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe 15:33:24.0422 0x1270 WSWNDA3100v2 - ok 15:33:24.0485 0x1270 [ 86D0BF4F792053A50D6EE43DFA5837A5, 5705DAB9C5896F10757630439AC8FEAB5754251C6C90E9E8449220A65D1E95D5 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 15:33:24.0532 0x1270 wuauserv - ok 15:33:24.0547 0x1270 [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 15:33:24.0547 0x1270 WudfPf - ok 15:33:24.0547 0x1270 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 15:33:24.0563 0x1270 WUDFSensorLP - ok 15:33:24.0563 0x1270 [ BB73CBC65AABC4EA0A5C6A1474A0A743, 
D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 15:33:24.0563 0x1270 wudfsvc - ok 15:33:24.0563 0x1270 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 15:33:24.0578 0x1270 WUDFWpdFs - ok 15:33:24.0578 0x1270 [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 15:33:24.0578 0x1270 WUDFWpdMtp - ok 15:33:24.0594 0x1270 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 15:33:24.0594 0x1270 WwanSvc - ok 15:33:24.0610 0x1270 [ 6F58BD07113A38412A6AE6566A3B36A0, 1D1A6342F776C74D49D589548F5F00A549C4A32F35D08858D55D5EB8A55EED81 ] {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl 15:33:24.0610 0x1270 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok 15:33:24.0625 0x1270 ================ Scan global =============================== 15:33:24.0625 0x1270 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll 15:33:24.0625 0x1270 [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\WINDOWS\system32\winsrv.dll 15:33:24.0641 0x1270 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll 15:33:24.0641 0x1270 [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\WINDOWS\system32\services.exe 15:33:24.0657 0x1270 [ Global ] - ok 15:33:24.0657 0x1270 ================ Scan MBR ================================== 15:33:24.0657 0x1270 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 15:33:24.0907 0x1270 \Device\Harddisk0\DR0 - 
ok 15:33:24.0907 0x1270 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 15:33:24.0907 0x1270 \Device\Harddisk1\DR1 - ok 15:33:24.0907 0x1270 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 15:33:24.0922 0x1270 \Device\Harddisk2\DR2 - ok 15:33:24.0922 0x1270 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3 15:33:24.0938 0x1270 \Device\Harddisk3\DR3 - ok 15:33:24.0938 0x1270 ================ Scan VBR ================================== 15:33:24.0938 0x1270 [ D79F920E9C9C86D4E7CD56879D2D7F59 ] \Device\Harddisk0\DR0\Partition1 15:33:24.0938 0x1270 \Device\Harddisk0\DR0\Partition1 - ok 15:33:24.0938 0x1270 [ 3F2974A8A2D3F95165BA3C581B990FCD ] \Device\Harddisk1\DR1\Partition1 15:33:24.0938 0x1270 \Device\Harddisk1\DR1\Partition1 - ok 15:33:24.0938 0x1270 [ A99C76E708EC1A675BFE8C7E8779D414 ] \Device\Harddisk1\DR1\Partition2 15:33:24.0938 0x1270 \Device\Harddisk1\DR1\Partition2 - ok 15:33:24.0938 0x1270 [ 8ACD313B79762E95FF3960BD84E55B7F ] \Device\Harddisk1\DR1\Partition3 15:33:24.0938 0x1270 \Device\Harddisk1\DR1\Partition3 - ok 15:33:24.0938 0x1270 [ 3FB1CD17EA417851B061D0C5155EB716 ] \Device\Harddisk1\DR1\Partition4 15:33:24.0938 0x1270 \Device\Harddisk1\DR1\Partition4 - ok 15:33:24.0938 0x1270 [ 82E7B368848B2E60F9171EBC49467B5C ] \Device\Harddisk2\DR2\Partition1 15:33:24.0938 0x1270 \Device\Harddisk2\DR2\Partition1 - ok 15:33:24.0953 0x1270 [ AB1CCCE22AE2957064074B1314D959D8 ] \Device\Harddisk3\DR3\Partition1 15:33:24.0953 0x1270 \Device\Harddisk3\DR3\Partition1 - ok 15:33:24.0953 0x1270 Waiting for KSN requests completion. 
In queue: 171
15:33:25.0969 0x1270 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.9600.16384 ), 0x60100 ( disabled : updated )
15:33:25.0969 0x1270 AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51000 ( enabled : updated )
15:33:25.0985 0x1270 FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x52010 ( disabled )
15:33:25.0985 0x1270 Win FW state via NFP2: enabled
15:33:28.0376 0x1270 ============================================================
15:33:28.0376 0x1270 Scan finished
15:33:28.0376 0x1270 ============================================================
15:33:28.0376 0x1cb4 Detected object count: 0
15:33:28.0376 0x1cb4 Actual detected object count: 0 |
04.02.2014, 16:54 | #36 |
| Internet connection over port 8877 on WIN 8.1 No. Of course not!! Idiot that I am, I could have figured that out on my own. Sorry. So, once more! Nothing has changed, except that in normal mode the computer now "freezes" after starting GMER with admin rights (small blue circle, motionless, and the computer no longer responds to anything except holding the power button for several seconds)!! In safe mode the messages about the processes (see above) appear again and nothing is found. By the way, in safe mode all the upper options are greyed out after startup. Only the last three can be changed. In normal mode (with admin) they are not, but there everything freezes. |
05.02.2014, 08:14 | #37 |
/// Malwareteam | Internet connection over port 8877 on WIN 8.1 Code:
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1 |
05.02.2014, 09:22 | #38 |
| Internet connection over port 8877 on WIN 8.1 No, all on my own, privately at home! On my notebook (also Win 8.1) this does not happen, and it connects to the network the same way, of course with its own internal WLAN card. I have two networks at home (actually 3): one via an Apple Time Capsule (also with 5 GHz) and one from the Fritz-Box. The proxy settings get written in regardless of which network I use. It also occurs when connected via LAN directly to the Fritz-Box. Last edited by marki56 (05.02.2014 at 09:29) |
05.02.2014, 09:30 | #39 |
/// Malwareteam | Internet connection over port 8877 on WIN 8.1 Hi, since we are not finding anything while the system is running, I would also like to look at the system from outside. Scan with Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8) Notes for Windows 8 users: Guide 1 (FRST variant) and Guide 2 (second part) |
05.02.2014, 09:34 | #40 |
| Internet connection over port 8877 on WIN 8.1 Thanks! I have to leave now, I will do it this afternoon. |
05.02.2014, 10:01 | #41 |
/// Malwareteam | Internet connection over port 8877 on WIN 8.1 No problem, we will find the reason for the entries yet |
05.02.2014, 14:46 | #42 |
| Internet connection over port 8877 on WIN 8.1 So, here is the file: FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by SYSTEM on MININT-GCML4R5 on 05-02-2014 14:42:16
Running from G:\
Windows 8.1 Pro with Media Center (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [CNAP2 Launcher] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [406944 2008-04-08] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91096 2013-04-22] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-12-20] (cyberlink)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (CANON INC.)
HKLM-x32\...\Run: [AirPort Base Station Agent] - C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.)
HKLM-x32\...\Run: [NetDrive] - C:\Program Files\NetDrive\NetDrive.exe [3587072 2013-02-27] (Bdrive Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-27] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\rpmar_000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\rpmar_000\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815976 2014-01-27] (Valve Corporation)
HKU\rpmar_000\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\rpmar_000\...\Run: [DriveOnWeb Client] - "C:\Program Files\DriveOnWeb Client\DriveOnWeb.exe" /min /sleep=40
HKU\rpmar_000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-11-14] (Google Inc.)
Startup: C:\Users\rpmar_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\rpmar_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\windows\system32\config\systemprofile\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\rpmar_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar.lnk
ShortcutTarget: Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Services (Whitelisted) =================

S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 ndsvc; C:\Program Files\NetDrive\ndsvc.exe [2789376 2013-02-27] (Bdrive Inc.)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
S2 sysTPLMonitor.exe; C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe [395888 2013-11-28] (Tlapia)
S2 sysTPLService.exe; C:\Program Files (x86)\sysTPL\sysTPLService.exe [394352 2013-11-28] (Tlapia)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [305200 2012-09-18] ()

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-11-15] ()
S1 avfwot; C:\Windows\system32\DRIVERS\avfwot.sys [126792 2011-01-10] (Avira GmbH)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2014-01-21] (Symantec Corporation)
S1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S2 DRHARD64; C:\WINDOWS\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
S2 DRHARD64; C:\WINDOWS\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
S2 DRHMSR64; C:\WINDOWS\system32\drivers\DRHMSR64.sys [13760 2013-07-21] ()
S2 DRHMSR64; C:\WINDOWS\SysWOW64\drivers\DRHMSR64.sys [13760 2013-07-21] ()
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-28] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-28] (Symantec Corporation)
S1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [31136 2013-10-18] (REALiX(tm))
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140205.001\IDSvia64.sys [521944 2014-01-27] (Symantec Corporation)
S0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-11-15] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140204.024\ENG64.SYS [126040 2014-01-31] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140204.024\EX64.SYS [2099288 2014-01-31] (Symantec Corporation)
S3 ndfs; C:\Program Files\NetDrive\ndfs.sys [63712 2013-02-09] (Bdrive Inc.)
S3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [47320 2013-07-29] (Realtek Microelectronics)
S0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [29472 2012-09-05] (SerComm Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S3 SRTSP; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
S3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-28] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
S1 SymNetS; C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
S0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-08-29] (Acronis International GmbH)
S0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-08-29] (Acronis)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [130320 2013-04-25] (CyberLink Corp.)
S3 DfSdkS;
S3 DRHARD; \??\C:\WINDOWS\system32\DRIVERS\DRHARD.SYS [x]
S2 sxuptp; \SystemRoot\System32\drivers\sxuptp.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-04 17:52 - 2014-02-04 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-02-04 15:46 - 2014-02-04 15:46 - 00119443 _____ C:\Users\rpmar_000\Desktop\TDSSKiller_Report.txt
2014-02-04 15:32 - 2013-11-18 06:28 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\rpmar_000\Desktop\TDSSKiller.exe
2014-02-04 15:30 - 2014-02-04 15:31 - 04101441 _____ C:\Users\rpmar_000\Downloads\tdsskiller.zip
2014-02-04 15:24 - 2014-02-04 15:24 - 00000000 _____ C:\Users\rpmar_000\Desktop\gmer.txt
2014-02-04 15:07 - 2014-02-04 15:07 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\rpmar_000\Downloads\tdsskiller.exe
2014-02-04 15:02 - 2014-02-04 15:02 - 00380416 _____ C:\Users\rpmar_000\Downloads\xceq2g82.exe
2014-02-04 15:02 - 2014-02-04 15:02 - 00380416 _____ C:\Users\rpmar_000\Downloads\Gmer-19357.exe
2014-02-04 08:38 - 2014-02-04 17:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-04 08:38 - 2014-02-04 08:38 - 00001163 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-04 08:37 - 2014-02-04 08:37 - 00283096 _____ (Mozilla) C:\Users\rpmar_000\Downloads\Firefox Setup Stub 26.0.exe
2014-02-03 16:23 - 2014-02-03 16:23 - 00003235 _____ C:\Users\rpmar_000\Downloads\Antrag(2).xml
2014-02-03 11:06 - 2014-02-03 11:06 - 02347384 _____ (ESET) C:\Users\rpmar_000\Downloads\esetsmartinstaller_enu.exe
2014-02-03 10:33 - 2014-02-05 14:36 - 00000000 ____D C:\Users\rpmar_000\AppData\Roaming\vlc
2014-02-03 10:29 - 2014-02-03 10:29 - 00000887 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-02-03 10:25 - 2014-02-03 10:26 - 23884615 _____ C:\Users\rpmar_000\Downloads\vlc-2.1.2-win64.exe
2014-02-01 12:48 - 2014-02-01 12:48 - 00000637 _____ C:\Users\rpmar_000\Desktop\JRT.txt
2014-02-01 10:16 - 2014-02-01 10:16 - 00000085 _____ C:\Windows\wininit.ini
2014-01-31 16:19 - 2014-02-01 12:43 - 00001814 _____ C:\sc-cleaner.txt
2014-01-31 16:18 - 2014-01-31 16:18 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\rpmar_000\Downloads\sc-cleaner.exe
2014-01-31 16:18 - 2014-01-31 16:18 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\rpmar_000\Desktop\sc-cleaner.exe
2014-01-31 14:35 - 2014-01-31 14:35 - 00000000 ____D C:\Users\rpmar_000\Documents\ProcAlyzer Dumps
2014-01-31 14:31 - 2014-02-01 10:46 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-31 14:31 - 2014-02-01 10:16 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-31 14:31 - 2014-01-31 14:31 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2014-01-31 13:52 - 2014-01-31 13:53 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\rpmar_000\Downloads\spybot-2.2.25.exe
2014-01-31 13:33 - 2014-01-31 13:45 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-31 13:33 - 2014-01-31 13:33 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-01-31 13:26 - 2014-01-31 13:45 - 00000000 ____D C:\Users\rpmar_000\Desktop\mbar
2014-01-31 13:24 - 2014-01-31 13:33 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-01-31 13:23 - 2014-01-31 13:24 - 00000000 ____D C:\Malewarebytes
2014-01-31 13:21 - 2014-01-31 13:21 - 12589848 _____ (Malwarebytes Corp.) C:\Users\rpmar_000\Downloads\mbar-1.07.0.1009.exe
2014-01-30 16:49 - 2014-01-30 14:05 - 02079744 _____ (Farbar) C:\Users\rpmar_000\Desktop\FRST64.exe
2014-01-30 16:08 - 2014-01-30 16:08 - 01804472 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-30 16:00 - 2014-01-30 16:00 - 00000000 ____D C:\Windows\ERUNT
2014-01-30 16:00 - 2014-01-30 15:59 - 01037068 _____ (Thisisu) C:\Users\rpmar_000\Desktop\JRT.exe
2014-01-30 15:59 - 2014-01-30 15:59 - 01037068 _____ (Thisisu) C:\Users\rpmar_000\Downloads\JRT.exe
2014-01-30 15:50 - 2014-01-30 13:13 - 01166132 _____ C:\Users\rpmar_000\Desktop\adwcleaner.exe
2014-01-30 15:42 - 2014-01-30 21:35 - 00011252 _____ C:\Users\rpmar_000\Documents\Einnahme_Ausgabe.xlsx
2014-01-30 14:17 - 2014-02-03 15:54 - 00000000 ____D C:\Users\rpmar_000\Documents\Malware
2014-01-30 14:08 - 2014-01-30 16:53 - 00071262 _____ C:\Users\rpmar_000\Desktop\FRST.txt
2014-01-30 14:06 - 2014-01-31 16:15 - 00073823 _____ C:\Users\rpmar_000\Downloads\FRST.txt
2014-01-30 14:06 - 2014-01-31 16:15 - 00031870 _____ C:\Users\rpmar_000\Downloads\Addition.txt
2014-01-30 14:06 - 2014-01-30 14:06 - 00000119 _____ C:\Users\rpmar_000\Desktop\Addition.txt
2014-01-30 14:05 - 2014-02-03 16:48 - 00000000 ____D C:\FRST
2014-01-30 14:05 - 2014-01-30 14:05 - 02079744 _____ (Farbar) C:\Users\rpmar_000\Downloads\FRST64.exe
2014-01-30 13:13 - 2014-01-30 13:13 - 01166132 _____ C:\Users\rpmar_000\Downloads\adwcleaner.exe
2014-01-30 08:59 - 2014-01-30 08:59 - 00281136 _____ C:\Windows\Minidump\013014-7265-01.dmp
2014-01-29 20:53 - 2014-01-29 20:53 - 00009538 _____ C:\Users\rpmar_000\Documents\Malware.txt
2014-01-29 16:49 - 2014-01-29 16:49 - 00000000 ____D C:\ProgramData\Websteroids
2014-01-29 16:45 - 2014-01-29 16:45 - 00675048 _____ C:\Users\rpmar_000\Downloads\AdwCleaner_Setup_Download.exe
2014-01-29 16:44 - 2014-01-29 16:44 - 01166132 _____ C:\Users\rpmar_000\Downloads\adwcleaner-3.018.exe
2014-01-29 16:39 - 2014-01-30 14:02 - 00000000 ____D C:\ProgramData\Updater
2014-01-29 16:39 - 2014-01-30 14:02 - 00000000 ____D C:\ProgramData\RHelpers
2014-01-29 16:10 - 2014-01-29 16:10 - 00000000 ____D C:\Users\rpmar_000\AppData\Roaming\Malwarebytes
2014-01-29 16:09 - 2014-02-01 10:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-29 16:09 - 2014-01-29 16:09 - 00001125 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-29 16:09 - 2014-01-29 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-29 16:09 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2014-01-29 15:09 - 2014-01-29 15:09 - 00004096 _____ C:\Users\rpmar_000\Desktop\ipdetails.txt
2014-01-29 15:02 - 2014-01-29 15:02 - 00003475 _____ C:\Users\rpmar_000\Desktop\ipdetails1.txt
2014-01-28 18:20 - 2014-01-28 18:20 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2014-01-28 18:19 - 2014-01-28 18:19 - 00177752 _____ (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2014-01-28 18:19 - 2014-01-28 18:19 - 00008222 _____ C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2014-01-28 18:19 - 2014-01-28 18:19 - 00002597 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-01-28 18:19 - 2014-01-28 18:19 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2014-01-28 18:10 - 2014-01-28 18:15 - 204480336 ____N (Symantec Corporation) C:\Users\rpmar_000\Downloads\NIS-ESD-21.1.0-GE.exe
2014-01-28 17:55 - 2014-01-28 18:47 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\LogMeIn Rescue Applet
2014-01-28 15:20 - 2014-01-28 15:28 - 00101386 _____ C:\Users\rpmar_000\Desktop\sfcdetails.txt
2014-01-28 15:08 - 2014-01-28 15:08 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\PackageStaging
2014-01-28 13:00 - 2014-01-28 14:16 - 00051811 _____ C:\Users\rpmar_000\Documents\sfcdetails.txt
2014-01-28 08:55 - 2014-02-03 17:00 - 00216987 _____ C:\Users\rpmar_000\Desktop\ProjStat_GCD_RPMarr.xlsx
2014-01-25 16:49 - 2014-01-25 16:49 - 00000000 ____D C:\Windows\SysWOW64\AIM
2014-01-25 16:49 - 2003-12-04 15:58 - 00000696 _____ C:\Windows\SysWOW64\jetodbc.rsp
2014-01-25 16:49 - 2002-12-11 19:12 - 00760968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSDMOD.DLL
2014-01-25 16:49 - 2002-12-11 19:12 - 00316040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DMOD.DLL
2014-01-25 16:49 - 2002-12-11 19:10 - 00816264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDMOD.DLL
2014-01-25 16:49 - 2002-12-11 17:34 - 00241664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DMOD.DLL
2014-01-25 16:49 - 2002-12-11 15:16 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDMOD.DLL
2014-01-25 16:49 - 2002-08-29 03:43 - 00278559 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMV8DS32.AX
2014-01-25 16:49 - 2002-08-29 03:43 - 00258048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDS32.AX
2014-01-25 16:49 - 2002-08-29 03:43 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSADDS32.AX
2014-01-25 16:49 - 2002-04-29 19:47 - 00121160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscal.ocx
2014-01-25 16:49 - 2000-06-13 00:00 - 01046288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJET35.DLL
2014-01-25 16:49 - 2000-06-13 00:00 - 00415504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSREPL35.DLL
2014-01-25 16:49 - 1999-03-05 22:15 - 00074000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrclr40.dll
2014-01-25 16:49 - 1999-03-05 22:15 - 00028944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrecr40.dll
2014-01-25 16:49 - 1998-04-24 00:00 - 00368912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBAR332.DLL
2014-01-25 16:49 - 1998-04-24 00:00 - 00148240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJINT35.DLL
2014-01-25 16:49 - 1997-07-01 10:45 - 00250128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSEXCL35.DLL
2014-01-25 16:49 - 1997-06-23 09:06 - 00330000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSEXCH35.DLL
2014-01-25 16:49 - 1997-06-23
09:06 - 00287504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSXBSE35.DLL 2014-01-25 16:49 - 1997-06-23 09:06 - 00252176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSRD2X35.DLL 2014-01-25 16:49 - 1997-06-23 09:06 - 00250128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPDOX35.DLL 2014-01-25 16:49 - 1997-06-23 09:06 - 00166160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSLTUS35.DLL 2014-01-25 16:49 - 1997-06-23 09:06 - 00165648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSTEXT35.DLL 2014-01-25 16:49 - 1997-06-23 09:06 - 00024848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJTER35.DLL 2014-01-25 16:48 - 2014-01-25 16:48 - 00002116 _____ C:\Users\Public\Desktop\Olympia Chronik 2014.lnk 2014-01-25 16:46 - 2014-01-25 16:46 - 00000000 ____D C:\Program Files (x86)\USM 2014-01-25 16:45 - 2014-01-03 11:55 - 24097311 _____ C:\Users\rpmar_000\Downloads\vlc-2.1.2-win32.exe 2014-01-25 16:44 - 2014-02-03 13:41 - 00000000 ____D C:\ProgramData\Ashampoo 2014-01-25 16:44 - 2014-01-25 16:44 - 00002268 _____ C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO10).lnk 2014-01-25 16:44 - 2014-01-25 16:44 - 00001246 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 10.lnk 2014-01-25 16:44 - 2014-01-25 16:44 - 00000214 _____ C:\Users\Public\Desktop\Your Software Deals.url 2014-01-25 16:44 - 2014-01-25 16:44 - 00000000 ____D C:\Program Files (x86)\Ashampoo 2014-01-25 16:44 - 2009-08-24 21:13 - 00034304 _____ (mst software GmbH, Germany) C:\Windows\System32\DfSdkBt.exe 2014-01-25 16:37 - 2014-02-03 13:43 - 00000000 ____D C:\Program Files (x86)\Dr. Hardware 2013 2014-01-25 16:37 - 2014-01-25 16:37 - 00000996 _____ C:\Users\rpmar_000\Desktop\Dr. Hardware 2013.lnk 2014-01-25 16:37 - 2014-01-25 16:37 - 00000996 _____ C:\Users\marki_lokal\Desktop\Dr. 
Hardware 2013.lnk 2014-01-25 16:37 - 2013-07-21 17:41 - 00013760 _____ C:\Windows\SysWOW64\Drivers\DRHMSR64.sys 2014-01-25 16:37 - 2013-07-21 17:41 - 00013760 _____ C:\Windows\System32\Drivers\DRHMSR64.sys 2014-01-25 16:37 - 2011-11-03 18:05 - 00021984 _____ (Licensed for Gebhard Software) C:\Windows\SysWOW64\Drivers\DRHARD64.sys 2014-01-25 16:37 - 2011-11-03 18:05 - 00021984 _____ (Licensed for Gebhard Software) C:\Windows\System32\Drivers\DRHARD64.sys 2014-01-25 15:30 - 2014-01-25 15:30 - 00023489 _____ C:\Users\rpmar_000\Documents\Transsib.txt 2014-01-25 13:29 - 2014-01-25 13:41 - 00000000 ____D C:\Users\rpmar_000\Desktop\Neuer Ordner 2014-01-25 12:09 - 2014-01-25 12:09 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1379490362-2251337210-4251339374-1005 2014-01-25 12:05 - 2014-01-25 12:05 - 00000000 ____D C:\Users\marki_lokal\AppData\Roaming\Logitech 2014-01-25 12:05 - 2014-01-25 12:05 - 00000000 ____D C:\Users\marki_lokal\AppData\Roaming\ATI 2014-01-25 12:05 - 2014-01-25 12:05 - 00000000 ____D C:\Users\marki_lokal\AppData\Local\ATI 2014-01-25 12:04 - 2014-01-25 12:05 - 00000000 ____D C:\Users\marki_lokal\AppData\Local\Packages 2014-01-25 12:04 - 2014-01-25 12:04 - 00000020 ___SH C:\Users\marki_lokal\ntuser.ini 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Vorlagen 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Startmenü 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Netzwerkumgebung 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Lokale Einstellungen 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Eigene Dateien 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Druckumgebung 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Documents\Eigene Musik 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Documents\Eigene Bilder 
2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\AppData\Local\Verlauf 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\AppData\Local\Anwendungsdaten 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Anwendungsdaten 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 ____D C:\Users\marki_lokal\AppData\Roaming\Adobe 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 ____D C:\Users\marki_lokal\AppData\Local\VirtualStore 2014-01-25 12:03 - 2014-01-25 12:04 - 00000000 ____D C:\users\marki_lokal 2014-01-25 12:03 - 2013-10-17 14:07 - 00000000 ____D C:\Users\marki_lokal\AppData\Local\Microsoft Help 2014-01-25 11:59 - 2014-01-25 11:59 - 00000000 ___HD C:\$SysReset 2014-01-23 13:58 - 2014-01-23 13:58 - 00001058 _____ C:\Users\Public\Desktop\PDF-XChange Editor.lnk 2014-01-23 13:58 - 2014-01-23 13:58 - 00000000 ____D C:\Users\rpmar_000\AppData\Roaming\Tracker Software 2014-01-23 13:58 - 2014-01-23 13:58 - 00000000 ____D C:\Program Files\Tracker Software 2014-01-23 13:56 - 2014-01-23 13:56 - 00000000 ____D C:\Users\rpmar_000\Documents\PDF-Viewer 2014-01-23 13:54 - 2014-01-23 13:56 - 53393688 _____ C:\Users\rpmar_000\Downloads\PDFXVE3_3.0.307.1.zip 2014-01-23 11:39 - 2014-02-01 12:51 - 00000000 ____D C:\AdwCleaner 2014-01-23 11:27 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\System32\sasnative64.exe 2014-01-23 11:26 - 2014-01-25 11:27 - 00000138 _____ C:\Users\rpmar_000\AppData\Roaming\WB.CFG 2014-01-23 10:55 - 2014-01-23 10:55 - 00000000 ____D C:\Users\rpmar_000\AppData\Roaming\ATI 2014-01-23 10:55 - 2014-01-23 10:55 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\ATI 2014-01-23 10:55 - 2014-01-23 10:55 - 00000000 ____D C:\ProgramData\ATI 2014-01-23 10:51 - 2014-01-23 13:57 - 00000000 ____D C:\ProgramData\Package Cache 2014-01-23 10:51 - 2014-01-23 10:51 - 00055441 _____ C:\Windows\SysWOW64\CCCInstall_201401231051561539.log 2014-01-23 10:51 - 2014-01-23 10:51 - 00000000 ____D C:\Program Files (x86)\ATI 
Technologies 2014-01-23 10:51 - 2014-01-23 10:51 - 00000000 ____D C:\Program Files (x86)\Advanced Micro Devices, Inc 2014-01-23 10:51 - 2014-01-23 10:51 - 00000000 ____D C:\AMD 2014-01-23 10:48 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\System32\mispace.dll 2014-01-23 10:48 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2014-01-23 10:48 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2014-01-23 10:48 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll 2014-01-23 10:48 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2014-01-23 10:48 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-01-23 10:48 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys 2014-01-23 10:48 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2014-01-23 10:48 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\System32\msieftp.dll 2014-01-23 10:48 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2014-01-23 10:48 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-01-23 10:48 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\psmsrv.dll 2014-01-23 10:48 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\System32\bisrv.dll 2014-01-23 10:48 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Graphics.dll 2014-01-23 10:48 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\System32\wlansvc.dll 2014-01-23 10:48 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll 2014-01-23 10:48 - 
2013-11-27 09:20 - 04106240 _____ (Microsoft Corporation) C:\Windows\System32\SyncEngine.dll 2014-01-23 10:48 - 2013-11-27 05:01 - 00385614 _____ C:\Windows\System32\ApnDatabase.xml 2014-01-23 10:48 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\Windows\System32\combase.dll 2014-01-23 10:48 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll 2014-01-23 10:48 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\System32\winmde.dll 2014-01-23 10:48 - 2013-11-26 14:20 - 01396064 _____ (Microsoft Corporation) C:\Windows\System32\mcmde.dll 2014-01-23 10:48 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\System32\wmpmde.dll 2014-01-23 10:48 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2014-01-23 10:48 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2014-01-23 10:48 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2014-01-23 10:48 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2014-01-23 10:48 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll 2014-01-23 10:48 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2014-01-23 10:48 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS 2014-01-23 10:48 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys 2014-01-23 10:48 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-01-23 10:48 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\System32\rastls.dll 2014-01-23 10:48 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\System32\ploptin.dll 2014-01-23 10:48 - 2013-11-23 12:49 - 21196664 _____ 
(Microsoft Corporation) C:\Windows\System32\shell32.dll 2014-01-23 10:48 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-01-23 10:48 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\System32\bi.dll 2014-01-23 10:48 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys 2014-01-23 10:48 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys 2014-01-23 10:48 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll 2014-01-23 10:48 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe 2014-01-23 10:48 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2014-01-23 10:48 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncCore.dll 2014-01-23 10:48 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2014-01-23 10:48 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll 2014-01-23 10:48 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-01-23 10:48 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\deviceregistration.dll 2014-01-23 10:48 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2014-01-23 10:48 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll 2014-01-23 10:48 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2014-01-23 10:48 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\System32\mfds.dll 2014-01-23 10:48 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2014-01-23 10:48 - 
2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\System32\ubpm.dll 2014-01-23 10:48 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll 2014-01-23 10:48 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2014-01-23 10:48 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll 2014-01-23 10:48 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-01-23 10:47 - 2013-12-11 08:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\winbici.dll 2014-01-23 10:47 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\System32\uDWM.dll 2014-01-23 10:47 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\System32\WSService.dll 2014-01-23 10:47 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\System32\WSCollect.exe 2014-01-23 10:47 - 2013-11-27 11:34 - 00138240 _____ C:\Windows\System32\OEMLicense.dll 2014-01-23 10:47 - 2013-11-27 10:54 - 00103936 _____ C:\Windows\SysWOW64\OEMLicense.dll 2014-01-23 10:47 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-23 10:47 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\Windows\System32\WSClient.dll 2014-01-23 10:47 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-01-23 10:47 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll 2014-01-23 10:47 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-01-23 10:47 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\System32\WSShared.dll 2014-01-22 13:28 - 2014-01-22 13:28 - 00003118 _____ 
C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2014-01-22 13:28 - 2014-01-22 13:28 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2014-01-22 13:28 - 2014-01-22 13:28 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2014-01-22 13:28 - 2014-01-22 13:28 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2014-01-22 13:28 - 2014-01-22 13:28 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2014-01-22 13:28 - 2014-01-22 13:28 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center 2014-01-21 15:28 - 2014-01-21 15:29 - 28028590 _____ C:\Users\rpmar_000\Downloads\WIT-Photobox.zip 2014-01-09 11:26 - 2014-01-09 11:27 - 00000000 ____D C:\Users\rpmar_000\Documents\SEPA 2014-01-09 11:24 - 2014-01-09 11:24 - 00001095 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-01-09 11:24 - 2014-01-09 11:24 - 00001075 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk 2014-01-09 11:24 - 2014-01-09 11:24 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\PDF24 2014-01-09 11:24 - 2014-01-09 11:24 - 00000000 ____D C:\Program Files (x86)\PDF24 2014-01-09 11:23 - 2014-01-09 11:24 - 16189768 _____ (Geek Software GmbH ) C:\Users\rpmar_000\Downloads\pdf24-creator-6.2.0.exe 2014-01-09 10:10 - 2014-01-09 10:10 - 00003442 _____ C:\Users\rpmar_000\Downloads\Antrag (16).xml 2014-01-07 15:46 - 2013-12-19 16:16 - 01812992 _____ C:\Users\rpmar_000\Downloads\ProjStat_GCD_RPMarr_bis_12.12.12.xls 2014-01-07 10:42 - 2014-02-04 16:51 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2014-01-07 09:43 - 2014-01-07 09:43 - 00004857 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2014-01-07 09:43 - 2014-01-07 09:43 - 00000000 ____D C:\ProgramData\Oracle ==================== One Month Modified Files and Folders ======= 2014-02-05 14:37 - 2013-09-30 05:14 - 01812910 _____ C:\Windows\System32\PerfStringBackup.INI 2014-02-05 14:37 - 2013-09-30 04:58 - 
00782352 _____ C:\Windows\System32\perfh007.dat 2014-02-05 14:37 - 2013-09-30 04:58 - 00164592 _____ C:\Windows\System32\perfc007.dat 2014-02-05 14:37 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-02-05 14:37 - 2013-08-22 14:25 - 06553600 ___SH C:\Windows\System32\config\BBI 2014-02-05 14:37 - 2012-12-11 18:25 - 00165263 _____ C:\ndsvc.log 2014-02-05 14:37 - 2012-11-12 15:30 - 00000000 ____D C:\Users\rpmar_000\Documents\WISO Mein Geld 2014-02-05 14:36 - 2014-02-03 10:33 - 00000000 ____D C:\Users\rpmar_000\AppData\Roaming\vlc 2014-02-05 14:35 - 2012-11-12 15:19 - 00000000 ____D C:\Users\rpmar_000\Documents\Outlook-Dateien 2014-02-05 14:34 - 2013-10-17 14:09 - 01174537 _____ C:\Windows\WindowsUpdate.log 2014-02-05 14:34 - 2013-08-22 15:46 - 00300465 _____ C:\Windows\setupact.log 2014-02-05 14:29 - 2012-11-12 17:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1379490362-2251337210-4251339374-1001 2014-02-05 14:24 - 2013-10-22 08:58 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\E7546975-342B-4B7C-A126-4E5CA701679A.aplzod 2014-02-05 14:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\System32\sru 2014-02-05 14:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2014-02-04 18:17 - 2012-11-14 11:32 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-04 18:06 - 2013-11-12 11:42 - 00000000 ____D C:\Program Files (x86)\sysTPL 2014-02-04 17:53 - 2014-02-04 08:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-04 17:53 - 2012-11-12 17:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-04 17:52 - 2014-02-04 17:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-02-04 16:51 - 2014-01-07 10:42 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2014-02-04 16:50 - 2013-10-17 14:16 - 00000000 __RDO C:\Users\rpmar_000\SkyDrive 2014-02-04 16:50 - 2012-11-18 10:51 - 00000000 ___RD C:\Users\rpmar_000\Dropbox 2014-02-04 
16:50 - 2012-11-18 10:46 - 00000000 ____D C:\Users\rpmar_000\AppData\Roaming\Dropbox 2014-02-04 16:50 - 2012-11-14 11:32 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-04 16:42 - 2013-10-17 14:05 - 00000000 ____D C:\users\rpmar_000 2014-02-04 16:41 - 2012-12-11 18:25 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\CrashDumps 2014-02-04 15:46 - 2014-02-04 15:46 - 00119443 _____ C:\Users\rpmar_000\Desktop\TDSSKiller_Report.txt 2014-02-04 15:31 - 2014-02-04 15:30 - 04101441 _____ C:\Users\rpmar_000\Downloads\tdsskiller.zip 2014-02-04 15:24 - 2014-02-04 15:24 - 00000000 _____ C:\Users\rpmar_000\Desktop\gmer.txt 2014-02-04 15:07 - 2014-02-04 15:07 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\rpmar_000\Downloads\tdsskiller.exe 2014-02-04 15:02 - 2014-02-04 15:02 - 00380416 _____ C:\Users\rpmar_000\Downloads\xceq2g82.exe 2014-02-04 15:02 - 2014-02-04 15:02 - 00380416 _____ C:\Users\rpmar_000\Downloads\Gmer-19357.exe 2014-02-04 08:54 - 2013-09-29 20:05 - 00504322 _____ C:\Windows\PFRO.log 2014-02-04 08:38 - 2014-02-04 08:38 - 00001163 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-02-04 08:37 - 2014-02-04 08:37 - 00283096 _____ (Mozilla) C:\Users\rpmar_000\Downloads\Firefox Setup Stub 26.0.exe 2014-02-03 17:00 - 2014-01-28 08:55 - 00216987 _____ C:\Users\rpmar_000\Desktop\ProjStat_GCD_RPMarr.xlsx 2014-02-03 16:59 - 2013-01-10 13:28 - 00216986 _____ C:\Users\rpmar_000\Downloads\ProjStat_GCD_RPMarr.xlsx 2014-02-03 16:52 - 2013-12-02 13:48 - 00000000 __SHD C:\Users\rpmar_000\wc 2014-02-03 16:48 - 2014-01-30 14:05 - 00000000 ____D C:\FRST 2014-02-03 16:23 - 2014-02-03 16:23 - 00003235 _____ C:\Users\rpmar_000\Downloads\Antrag(2).xml 2014-02-03 15:54 - 2014-01-30 14:17 - 00000000 ____D C:\Users\rpmar_000\Documents\Malware 2014-02-03 13:49 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\System32\FxsTmp 2014-02-03 13:43 - 2014-01-25 16:37 - 00000000 ____D C:\Program Files (x86)\Dr. 
Hardware 2013 2014-02-03 13:41 - 2014-01-25 16:44 - 00000000 ____D C:\ProgramData\Ashampoo 2014-02-03 11:16 - 2012-11-12 08:56 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\Packages 2014-02-03 11:06 - 2014-02-03 11:06 - 02347384 _____ (ESET) C:\Users\rpmar_000\Downloads\esetsmartinstaller_enu.exe 2014-02-03 10:29 - 2014-02-03 10:29 - 00000887 _____ C:\Users\Public\Desktop\VLC media player.lnk 2014-02-03 10:29 - 2013-09-26 12:45 - 00000000 ____D C:\Program Files\VideoLAN 2014-02-03 10:26 - 2014-02-03 10:25 - 23884615 _____ C:\Users\rpmar_000\Downloads\vlc-2.1.2-win64.exe 2014-02-01 16:38 - 2012-11-14 12:37 - 00000000 ____D C:\ProgramData\CanonIJPLM 2014-02-01 12:51 - 2014-01-23 11:39 - 00000000 ____D C:\AdwCleaner 2014-02-01 12:48 - 2014-02-01 12:48 - 00000637 _____ C:\Users\rpmar_000\Desktop\JRT.txt 2014-02-01 12:43 - 2014-01-31 16:19 - 00001814 _____ C:\sc-cleaner.txt 2014-02-01 11:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\System32\NDF 2014-02-01 10:48 - 2012-11-12 17:33 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2014-02-01 10:46 - 2014-01-31 14:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-02-01 10:44 - 2014-01-29 16:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-01 10:16 - 2014-02-01 10:16 - 00000085 _____ C:\Windows\wininit.ini 2014-02-01 10:16 - 2014-01-31 14:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2014-01-31 16:27 - 2013-12-04 10:22 - 00000000 ____D C:\Program Files\DriveOnWeb Client 2014-01-31 16:18 - 2014-01-31 16:18 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\rpmar_000\Downloads\sc-cleaner.exe 2014-01-31 16:18 - 2014-01-31 16:18 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\rpmar_000\Desktop\sc-cleaner.exe 2014-01-31 16:15 - 2014-01-30 14:06 - 00073823 _____ C:\Users\rpmar_000\Downloads\FRST.txt 2014-01-31 16:15 - 2014-01-30 14:06 - 00031870 _____ C:\Users\rpmar_000\Downloads\Addition.txt 2014-01-31 14:35 - 2014-01-31 14:35 - 00000000 ____D 
C:\Users\rpmar_000\Documents\ProcAlyzer Dumps 2014-01-31 14:31 - 2014-01-31 14:31 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2014-01-31 13:53 - 2014-01-31 13:52 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\rpmar_000\Downloads\spybot-2.2.25.exe 2014-01-31 13:45 - 2014-01-31 13:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-01-31 13:45 - 2014-01-31 13:26 - 00000000 ____D C:\Users\rpmar_000\Desktop\mbar 2014-01-31 13:33 - 2014-01-31 13:33 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2014-01-31 13:33 - 2014-01-31 13:24 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys 2014-01-31 13:24 - 2014-01-31 13:23 - 00000000 ____D C:\Malewarebytes 2014-01-31 13:21 - 2014-01-31 13:21 - 12589848 _____ (Malwarebytes Corp.) C:\Users\rpmar_000\Downloads\mbar-1.07.0.1009.exe 2014-01-30 21:35 - 2014-01-30 15:42 - 00011252 _____ C:\Users\rpmar_000\Documents\Einnahme_Ausgabe.xlsx 2014-01-30 16:53 - 2014-01-30 14:08 - 00071262 _____ C:\Users\rpmar_000\Desktop\FRST.txt 2014-01-30 16:08 - 2014-01-30 16:08 - 01804472 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-30 16:00 - 2014-01-30 16:00 - 00000000 ____D C:\Windows\ERUNT 2014-01-30 15:59 - 2014-01-30 16:00 - 01037068 _____ (Thisisu) C:\Users\rpmar_000\Desktop\JRT.exe 2014-01-30 15:59 - 2014-01-30 15:59 - 01037068 _____ (Thisisu) C:\Users\rpmar_000\Downloads\JRT.exe 2014-01-30 14:06 - 2014-01-30 14:06 - 00000119 _____ C:\Users\rpmar_000\Desktop\Addition.txt 2014-01-30 14:05 - 2014-01-30 16:49 - 02079744 _____ (Farbar) C:\Users\rpmar_000\Desktop\FRST64.exe 2014-01-30 14:05 - 2014-01-30 14:05 - 02079744 _____ (Farbar) C:\Users\rpmar_000\Downloads\FRST64.exe 2014-01-30 14:02 - 2014-01-29 16:39 - 00000000 ____D C:\ProgramData\Updater 2014-01-30 14:02 - 2014-01-29 16:39 - 00000000 ____D C:\ProgramData\RHelpers 2014-01-30 13:13 - 2014-01-30 15:50 - 01166132 _____ 
C:\Users\rpmar_000\Desktop\adwcleaner.exe 2014-01-30 13:13 - 2014-01-30 13:13 - 01166132 _____ C:\Users\rpmar_000\Downloads\adwcleaner.exe 2014-01-30 08:59 - 2014-01-30 08:59 - 00281136 _____ C:\Windows\Minidump\013014-7265-01.dmp 2014-01-30 08:59 - 2013-12-02 10:42 - 2056067440 _____ C:\Windows\MEMORY.DMP 2014-01-30 08:59 - 2013-12-02 10:42 - 00000000 ____D C:\Windows\Minidump 2014-01-29 20:53 - 2014-01-29 20:53 - 00009538 _____ C:\Users\rpmar_000\Documents\Malware.txt 2014-01-29 16:49 - 2014-01-29 16:49 - 00000000 ____D C:\ProgramData\Websteroids 2014-01-29 16:45 - 2014-01-29 16:45 - 00675048 _____ C:\Users\rpmar_000\Downloads\AdwCleaner_Setup_Download.exe 2014-01-29 16:44 - 2014-01-29 16:44 - 01166132 _____ C:\Users\rpmar_000\Downloads\adwcleaner-3.018.exe 2014-01-29 16:10 - 2014-01-29 16:10 - 00000000 ____D C:\Users\rpmar_000\AppData\Roaming\Malwarebytes 2014-01-29 16:09 - 2014-01-29 16:09 - 00001125 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-29 16:09 - 2014-01-29 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-29 15:43 - 2013-07-08 15:28 - 00000000 ____D C:\Program Files (x86)\Steam 2014-01-29 15:09 - 2014-01-29 15:09 - 00004096 _____ C:\Users\rpmar_000\Desktop\ipdetails.txt 2014-01-29 15:02 - 2014-01-29 15:02 - 00003475 _____ C:\Users\rpmar_000\Desktop\ipdetails1.txt 2014-01-29 11:42 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\System32\config\ELAM 2014-01-28 18:47 - 2014-01-28 17:55 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\LogMeIn Rescue Applet 2014-01-28 18:46 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP 2014-01-28 18:20 - 2014-01-28 18:20 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security 2014-01-28 18:19 - 2014-01-28 18:19 - 00177752 _____ (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS 2014-01-28 18:19 - 2014-01-28 18:19 - 00008222 _____ C:\Windows\System32\Drivers\SYMEVENT64x86.CAT 2014-01-28 18:19 - 2014-01-28 18:19 - 00002597 _____ 
C:\Users\Public\Desktop\Norton Internet Security.lnk 2014-01-28 18:19 - 2014-01-28 18:19 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security 2014-01-28 18:19 - 2012-12-11 10:33 - 00003234 _____ C:\Windows\System32\Tasks\Norton WSC Integration 2014-01-28 18:19 - 2012-12-11 10:33 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2014-01-28 18:19 - 2012-12-11 10:30 - 00000000 ____D C:\ProgramData\Norton 2014-01-28 18:15 - 2014-01-28 18:10 - 204480336 ____N (Symantec Corporation) C:\Users\rpmar_000\Downloads\NIS-ESD-21.1.0-GE.exe 2014-01-28 15:28 - 2014-01-28 15:20 - 00101386 _____ C:\Users\rpmar_000\Desktop\sfcdetails.txt 2014-01-28 15:08 - 2014-01-28 15:08 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\PackageStaging 2014-01-28 14:16 - 2014-01-28 13:00 - 00051811 _____ C:\Users\rpmar_000\Documents\sfcdetails.txt 2014-01-25 16:49 - 2014-01-25 16:49 - 00000000 ____D C:\Windows\SysWOW64\AIM 2014-01-25 16:49 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2014-01-25 16:49 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2014-01-25 16:48 - 2014-01-25 16:48 - 00002116 _____ C:\Users\Public\Desktop\Olympia Chronik 2014.lnk 2014-01-25 16:48 - 2012-11-12 18:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2014-01-25 16:46 - 2014-01-25 16:46 - 00000000 ____D C:\Program Files (x86)\USM 2014-01-25 16:44 - 2014-01-25 16:44 - 00002268 _____ C:\Users\Public\Desktop\Ein-Klick-Optimierung (WO10).lnk 2014-01-25 16:44 - 2014-01-25 16:44 - 00001246 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 10.lnk 2014-01-25 16:44 - 2014-01-25 16:44 - 00000214 _____ C:\Users\Public\Desktop\Your Software Deals.url 2014-01-25 16:44 - 2014-01-25 16:44 - 00000000 ____D C:\Program Files (x86)\Ashampoo 2014-01-25 16:37 - 2014-01-25 16:37 - 00000996 _____ C:\Users\rpmar_000\Desktop\Dr. Hardware 2013.lnk 2014-01-25 16:37 - 2014-01-25 16:37 - 00000996 _____ C:\Users\marki_lokal\Desktop\Dr. 
Hardware 2013.lnk 2014-01-25 16:31 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Registration 2014-01-25 15:30 - 2014-01-25 15:30 - 00023489 _____ C:\Users\rpmar_000\Documents\Transsib.txt 2014-01-25 13:41 - 2014-01-25 13:29 - 00000000 ____D C:\Users\rpmar_000\Desktop\Neuer Ordner 2014-01-25 12:09 - 2014-01-25 12:09 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1379490362-2251337210-4251339374-1005 2014-01-25 12:05 - 2014-01-25 12:05 - 00000000 ____D C:\Users\marki_lokal\AppData\Roaming\Logitech 2014-01-25 12:05 - 2014-01-25 12:05 - 00000000 ____D C:\Users\marki_lokal\AppData\Roaming\ATI 2014-01-25 12:05 - 2014-01-25 12:05 - 00000000 ____D C:\Users\marki_lokal\AppData\Local\ATI 2014-01-25 12:05 - 2014-01-25 12:04 - 00000000 ____D C:\Users\marki_lokal\AppData\Local\Packages 2014-01-25 12:04 - 2014-01-25 12:04 - 00000020 ___SH C:\Users\marki_lokal\ntuser.ini 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Vorlagen 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Startmenü 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Netzwerkumgebung 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Lokale Einstellungen 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Eigene Dateien 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Druckumgebung 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Documents\Eigene Musik 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Documents\Eigene Bilder 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\AppData\Local\Verlauf 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\AppData\Local\Anwendungsdaten 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 _SHDL C:\Users\marki_lokal\Anwendungsdaten 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 ____D 
C:\Users\marki_lokal\AppData\Roaming\Adobe 2014-01-25 12:04 - 2014-01-25 12:04 - 00000000 ____D C:\Users\marki_lokal\AppData\Local\VirtualStore 2014-01-25 12:04 - 2014-01-25 12:03 - 00000000 ____D C:\users\marki_lokal 2014-01-25 11:59 - 2014-01-25 11:59 - 00000000 ___HD C:\$SysReset 2014-01-25 11:27 - 2014-01-23 11:26 - 00000138 _____ C:\Users\rpmar_000\AppData\Roaming\WB.CFG 2014-01-23 13:58 - 2014-01-23 13:58 - 00001058 _____ C:\Users\Public\Desktop\PDF-XChange Editor.lnk 2014-01-23 13:58 - 2014-01-23 13:58 - 00000000 ____D C:\Users\rpmar_000\AppData\Roaming\Tracker Software 2014-01-23 13:58 - 2014-01-23 13:58 - 00000000 ____D C:\Program Files\Tracker Software 2014-01-23 13:57 - 2014-01-23 10:51 - 00000000 ____D C:\ProgramData\Package Cache 2014-01-23 13:56 - 2014-01-23 13:56 - 00000000 ____D C:\Users\rpmar_000\Documents\PDF-Viewer 2014-01-23 13:56 - 2014-01-23 13:54 - 53393688 _____ C:\Users\rpmar_000\Downloads\PDFXVE3_3.0.307.1.zip 2014-01-23 12:14 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2014-01-23 10:55 - 2014-01-23 10:55 - 00000000 ____D C:\Users\rpmar_000\AppData\Roaming\ATI 2014-01-23 10:55 - 2014-01-23 10:55 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\ATI 2014-01-23 10:55 - 2014-01-23 10:55 - 00000000 ____D C:\ProgramData\ATI 2014-01-23 10:54 - 2013-08-22 15:44 - 00482800 _____ C:\Windows\System32\FNTCACHE.DAT 2014-01-23 10:53 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2014-01-23 10:53 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore 2014-01-23 10:53 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\MediaViewer 2014-01-23 10:53 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\FileManager 2014-01-23 10:53 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Camera 2014-01-23 10:53 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\SysWOW64\Dism 2014-01-23 10:53 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\System32\Dism 2014-01-23 10:51 - 2014-01-23 10:51 - 00055441 _____ C:\Windows\SysWOW64\CCCInstall_201401231051561539.log 
2014-01-23 10:51 - 2014-01-23 10:51 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2014-01-23 10:51 - 2014-01-23 10:51 - 00000000 ____D C:\Program Files (x86)\Advanced Micro Devices, Inc 2014-01-23 10:51 - 2014-01-23 10:51 - 00000000 ____D C:\AMD 2014-01-23 10:51 - 2013-10-17 14:03 - 00000000 ____D C:\Program Files\AMD 2014-01-23 10:46 - 2013-08-15 14:21 - 00000000 ____D C:\Windows\System32\MRT 2014-01-23 10:45 - 2012-12-12 11:45 - 86054176 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2014-01-23 10:40 - 2013-12-02 11:00 - 00000000 ____D C:\Program Files\WhoCrashed 2014-01-22 13:28 - 2014-01-22 13:28 - 00003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2014-01-22 13:28 - 2014-01-22 13:28 - 00003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2014-01-22 13:28 - 2014-01-22 13:28 - 00003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2014-01-22 13:28 - 2014-01-22 13:28 - 00003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2014-01-22 13:28 - 2014-01-22 13:28 - 00003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2014-01-22 13:28 - 2014-01-22 13:28 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center 2014-01-22 12:07 - 2012-11-13 09:31 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\Adobe 2014-01-22 12:01 - 2013-10-17 14:16 - 00000650 __RSH C:\ProgramData\ntuser.pol 2014-01-22 11:52 - 2012-11-12 17:23 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-21 15:29 - 2014-01-21 15:28 - 28028590 _____ C:\Users\rpmar_000\Downloads\WIT-Photobox.zip 2014-01-21 11:17 - 2012-11-18 10:51 - 00001041 _____ C:\Users\rpmar_000\Desktop\Dropbox.lnk 2014-01-21 10:44 - 2012-11-12 17:53 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\Microsoft Help 2014-01-17 12:16 - 2013-09-01 12:25 - 00000000 ____D C:\Users\rpmar_000\AppData\Roaming\FileZilla 2014-01-17 11:52 - 2013-11-18 10:31 - 
00000000 ____D C:\Program Files\Microsoft Office 15 2014-01-15 07:10 - 2012-11-21 17:05 - 00000000 ____D C:\Users\rpmar_000\AppData\Roaming\Nero 2014-01-14 17:15 - 2012-11-22 13:49 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\Nero 2014-01-14 16:31 - 2012-11-14 16:57 - 00000000 ____D C:\ProgramData\CanonIJ 2014-01-09 11:27 - 2014-01-09 11:26 - 00000000 ____D C:\Users\rpmar_000\Documents\SEPA 2014-01-09 11:24 - 2014-01-09 11:24 - 00001095 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-01-09 11:24 - 2014-01-09 11:24 - 00001075 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk 2014-01-09 11:24 - 2014-01-09 11:24 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\PDF24 2014-01-09 11:24 - 2014-01-09 11:24 - 00000000 ____D C:\Program Files (x86)\PDF24 2014-01-09 11:24 - 2014-01-09 11:23 - 16189768 _____ (Geek Software GmbH ) C:\Users\rpmar_000\Downloads\pdf24-creator-6.2.0.exe 2014-01-09 10:10 - 2014-01-09 10:10 - 00003442 _____ C:\Users\rpmar_000\Downloads\Antrag (16).xml 2014-01-07 10:42 - 2012-11-14 11:32 - 00000000 ____D C:\Users\rpmar_000\AppData\Local\Google 2014-01-07 10:42 - 2012-11-14 11:32 - 00000000 ____D C:\Program Files (x86)\Google 2014-01-07 09:43 - 2014-01-07 09:43 - 00004857 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2014-01-07 09:43 - 2014-01-07 09:43 - 00000000 ____D C:\ProgramData\Oracle 2014-01-07 09:43 - 2013-07-11 11:06 - 00000000 ____D C:\Program Files (x86)\Java 2014-01-07 09:39 - 2013-11-27 11:42 - 00002125 _____ C:\Users\Public\Desktop\Nero MediaHome.lnk 2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl Some content of TEMP: ==================== C:\Users\rpmar_000\AppData\Local\Temp\DseShExt-x64.dll C:\Users\rpmar_000\AppData\Local\Temp\DseShExt-x86.dll C:\Users\rpmar_000\AppData\Local\Temp\Quarantine.exe 
C:\Users\rpmar_000\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\rpmar_000\AppData\Local\Temp\SDShelEx-x64.dll ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2014-01-22 11:44:11 Restore point made on: 2014-01-23 13:57:08 Restore point made on: 2014-01-25 16:48:52 Restore point made on: 2014-02-01 10:17:12 ==================== Memory info =========================== Percentage of memory in use: 8% Total physical RAM: 16347.32 MB Available physical RAM: 15037.39 MB Total Pagefile: 16347.32 MB Available Pagefile: 15068.44 MB Total Virtual: 131072 MB Available Virtual: 131071.86 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:237.96 GB) (Free:48.62 GB) NTFS Drive e: (Volume) (Fixed) (Total:1863.01 GB) (Free:396.29 GB) NTFS Drive f: (Volume) (Fixed) (Total:2794.39 GB) (Free:808.24 GB) NTFS Drive g: (BOOTSTICK) (Removable) (Total:0.95 GB) (Free:0.95 GB) FAT32 Drive k: (Wiederherstellung) (Fixed) (Total:0.29 GB) (Free:0 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.49 GB) (Free:0.49 GB) 
NTFS Drive y: () (Fixed) (Total:372.61 GB) (Free:140.43 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 373 GB) (Disk ID: D3CA27CC) Partition 1: (Active) - (Size=373 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 238 GB) (Disk ID: 8C18BFF1) Partition: GPT Partition Type ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5D334ECE) Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. ======================================================== Disk: 4 (Size: 978 MB) (Disk ID: 38E206BE) Partition 1: (Active) - (Size=978 MB) - (Type=0B) LastRegBack: 2014-02-04 16:14 ==================== End Of Log ============================ |
05.02.2014, 16:30 | #43 |
/// Malwareteam | Internet connection via port 8877 under WIN 8.1 I will evaluate the log file this evening and get back to you then |
05.02.2014, 16:32 | #44 |
| Internet connection via port 8877 under WIN 8.1 Thanks! |
06.02.2014, 09:54 | #45 |
/// Malwareteam | Internet connection via port 8877 under WIN 8.1 Hi, I have a few questions and tests for you:
1.) There are reports online that iTunes, iCloud and other i-products use port 8877. Try stopping your "iCloudServices" and removing it from autostart. That may help.
2.) Code:
HKU\rpmar_000\...\Run: [DriveOnWeb Client] - "C:\Program Files\DriveOnWeb Client\DriveOnWeb.exe" /min /sleep=40
3.) Install "Fiddler" and watch what network communication is going on on your system. That may make it possible to find out what is running in the background. Fiddler - Download - heise online
I am still working on the log files... |
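A complementary check to the tests suggested in post #45, as an added example that is not part of the original thread: it maps every TCP endpoint on port 8877 to the owning process, the services hosted in that process, and the signature of the executable. The function name `Get-PortOwner` is hypothetical; the sketch assumes an elevated PowerShell session on Windows 8.1 or later, where `Get-NetTCPConnection` is available.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell session,
# otherwise the executable path of other users' processes may come back empty.
function Get-PortOwner {
    param([Parameter(Mandatory = $true)][int]$Port)

    # Match the port on either side: a local listener/bound socket, or an
    # outbound connection whose remote end uses the port.
    $conns = @(Get-NetTCPConnection -ErrorAction SilentlyContinue |
        Where-Object { $_.LocalPort -eq $Port -or $_.RemotePort -eq $Port })

    foreach ($c in $conns) {
        $procId = $c.OwningProcess
        $proc   = Get-Process -Id $procId -ErrorAction SilentlyContinue
        $path   = if ($proc) { $proc.Path } else { $null }

        # Sockets in TIME_WAIT report process id 0. Querying Win32_Service for
        # ProcessId = 0 would return every stopped service, so skip that case.
        $services = @()
        if ($procId -gt 0) {
            $services = @(Get-CimInstance Win32_Service -Filter "ProcessId = $procId" `
                -ErrorAction SilentlyContinue | ForEach-Object { $_.Name })
        }

        # Authenticode status of the binary ("Valid", "NotSigned", ...).
        $sig = if ($path) { Get-AuthenticodeSignature -FilePath $path } else { $null }

        [pscustomobject]@{
            Local     = "$($c.LocalAddress):$($c.LocalPort)"
            Remote    = "$($c.RemoteAddress):$($c.RemotePort)"
            State     = $c.State
            ProcessId = $procId
            Process   = if ($proc) { $proc.ProcessName } else { '<exited>' }
            Path      = $path
            Services  = $services -join ', '
            Signature = if ($sig) { $sig.Status } else { 'n/a' }
            Signer    = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        }
    }
}

# Port number taken from the thread title.
Get-PortOwner -Port 8877 | Format-List
```

An empty result means nothing is bound or connected on the port at that moment; repeating the call while the connection attempt is reproduced shows whether the owner is a short-lived process.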