Pests of all kinds and how to combat them: Hacked Fritzbox - Suspicion: PC infected (Windows 7)
04.02.2014, 17:13 | #1 |
| Hacked Fritzbox - Suspicion: PC infected
Good day everyone, today I learned that my router was hacked. Several international calls were made via my phone number. Since I use a unique, secure, long, complicated password on the router, the question now is: how did the rascals get hold of the username / password ...? Am I the victim of a trojan or keylogger? The computer behaves inconspicuously. Norton Internet Security and Malwarebytes Anti-Malware find nothing conspicuous. How do I systematically check my PC for spyware? Many thanks in advance! Mo9
Last edited by mo9 (04.02.2014 at 17:58) |
04.02.2014, 17:17 | #2 |
/// the machine /// TB instructor | Hacked Fritzbox - Suspicion: PC infected
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
04.02.2014, 17:49 | #3 |
| Hacked Fritzbox - Suspicion: PC infected
Many thanks!
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014 Ran by mo9 (administrator) on X on 04-02-2014 17:33:02 Running from D:\Users\mo9\Downloads Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Synametrics Technologies) D:\DeltaCopy\DCServce.exe () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () D:\DeltaCopy\rsync.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe (NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe 
() C:\Program Files (x86)\Hotkey\PowerBiosServer.exe (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe (Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe (Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe (STRATO) C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive Service.exe (Uwe Sieber - www.uwe-sieber.de) C:\Program Files\USBDLM\USBDLM.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe () C:\Program Files (x86)\3DataManager\WTGService.exe (O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Microsoft Corporation) C:\Windows\System32\vdsldr.exe (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe (Uwe Sieber - www.uwe-sieber.de) C:\Program Files\USBDLM\USBDLM_usr.exe (H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe () C:\Program Files (x86)\Paragon Software\Paragon ExtFS for Windows\Paragon ExtFS for Windows.exe (Kazuyuki Nakayama) D:\c\Program Files\HotSwap! 
6.1.0.0\64bit\HotSwap!.EXE (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe (O&O Software GmbH) C:\Program Files\OO Software\DiskImage\ooditray.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Skillbrains) C:\Users\mo9\AppData\Local\Skillbrains\lightshot\4.4.2.10\Lightshot.exe () C:\Program Files (x86)\Hotkey\Hotkey.exe () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe (Dropbox, Inc.) C:\Users\mo9\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Samsung Electronics.) 
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (STRATO) C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive.exe () C:\Program Files (x86)\Everything\Everything.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Mindjet) C:\Program Files (x86)\Mindjet\MindManager 8\MmReminderService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe (Seagate) C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe (Acronis) C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe (Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Visagesoft) C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\vspdfprsrv.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (X1 Discovery, Inc.) C:\Program Files (x86)\X1 Search\X1ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (Filipe Lourenço) C:\Program Files (x86)\BatteryCare\BatteryCare.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox 25.0.1\firefox.exe (Synametrics Technologies) D:\DeltaCopy\DeltaC.exe () D:\DeltaCopy\rsync.exe () D:\DeltaCopy\rsync.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2862928 2012-08-19] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-08] (Realtek Semiconductor) HKLM\...\Run: [THXCfg64] - C:\Windows\system32\THXCfg64.dll [25600 2010-09-14] (Creative Technology Ltd.) 
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) HKLM\...\Run: [Seagate Scheduler2 Service] - C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [136544 2009-11-10] (Seagate) HKLM\...\Run: [SamsungRapidApp] - C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [109280 2013-07-29] (Samsung Electronics Co., Ltd.) HKLM\...\Run: [tvncontrol] - "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave HKLM\...\Run: [OODITRAY.EXE] - C:\Program Files\OO Software\DiskImage\ooditray.exe [4986672 2013-09-09] (O&O Software GmbH) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-06-11] (Intel Corporation) HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1374720 2010-11-01] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation) HKLM-x32\...\Run: [Everything] - C:\Program Files (x86)\Everything\Everything.exe [602624 2009-03-13] () HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [MMReminderService] - C:\Program Files (x86)\Mindjet\MindManager 8\MMReminderService.exe [38240 2009-12-18] (Mindjet) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) 
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [Adobe Photo Downloader] - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-10] (Adobe Systems Incorporated) HKLM-x32\...\Run: [DiscWizardMonitor.exe] - C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe [1352480 2009-11-10] (Seagate) HKLM-x32\...\Run: [AcronisTimounterMonitor] - C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe [906912 2009-11-10] (Acronis) HKLM-x32\...\Run: [MobileConnect] - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2412032 2009-09-18] (Vodafone) HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [vspdfprsrv.exe] - C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\vspdfprsrv.exe [6082560 2012-04-23] (Visagesoft) HKLM-x32\...\Run: [Ext2 Volume Manager] - C:\Program Files\Ext2Fsd\Ext2Mgr.exe -quiet Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] ( (Atheros Communications)) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-21] (Microsoft Corporation) HKU\S-1-5-21-2954204670-4021530364-4044966424-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.) 
HKU\S-1-5-21-2954204670-4021530364-4044966424-1000\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company) HKU\S-1-5-21-2954204670-4021530364-4044966424-1000\...\Run: [LightShot] - C:\Users\mo9\AppData\Local\Skillbrains\lightshot\LightShot.exe [226592 2013-09-27] () HKU\S-1-5-21-2954204670-4021530364-4044966424-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-2954204670-4021530364-4044966424-1000\...\Run: [Google Update] - C:\Users\mo9\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-27] (Google Inc.) HKU\S-1-5-21-2954204670-4021530364-4044966424-1000\...\Policies\Explorer: [HideSCAPower] 0 HKU\S-1-5-21-2954204670-4021530364-4044966424-1000\...\MountPoints2: E - E:\Setupx.exe HKU\S-1-5-21-2954204670-4021530364-4044966424-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2954204670-4021530364-4044966424-1000\...\MountPoints2: {0bdf5cc0-2ba6-11e3-b26b-806e6f6e6963} - F:\Setup\Common\Autorun\Autorun.exe HKU\S-1-5-21-2954204670-4021530364-4044966424-1000\...\MountPoints2: {375d65ae-41b5-11e3-9cb7-0090f5da6521} - G:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-2954204670-4021530364-4044966424-1000\...\MountPoints2: {6e8a996c-2217-11e3-96a3-806e6f6e6963} - D:\autorun.exe HKU\S-1-5-21-2954204670-4021530364-4044966424-1007\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.) 
HKU\S-1-5-21-2954204670-4021530364-4044966424-1007\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company) HKU\S-1-5-21-2954204670-4021530364-4044966424-1007\...\Run: [LightShot] - C:\Users\UpdatusUser\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue HKU\S-1-5-21-2954204670-4021530364-4044966424-1007\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-2954204670-4021530364-4044966424-1007\...\Run: [FreeScreenSharing] - C:\Users\mo9\AppData\Local\FreeScreenSharing\FreeScreenSharing.exe [2266104 2013-06-26] () HKU\S-1-5-21-2954204670-4021530364-4044966424-1007\...\Run: [WISE-FTP Task Planner] - C:\Program Files (x86)\AceBIT\WISE-FTP 6\wf_tp.exe [1786624 2011-01-14] (AceBIT GmbH) HKU\S-1-5-21-2954204670-4021530364-4044966424-1007\...\Policies\Explorer: [HideSCAPower] 0 HKU\S-1-5-21-2954204670-4021530364-4044966424-1007\...\MountPoints2: E - E:\Setupx.exe HKU\S-1-5-21-2954204670-4021530364-4044966424-1007\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2954204670-4021530364-4044966424-1007\...\MountPoints2: {6e8a996c-2217-11e3-96a3-806e6f6e6963} - D:\autorun.exe AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-16] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-16] (NVIDIA Corporation) Lsa: [Authentication Packages] msv1_0 relog_ap Startup: C:\Users\mo9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\mo9\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
Startup: C:\Users\mo9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk ShortcutTarget: Mediencenter.lnk -> C:\Users\mo9\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG) Startup: C:\Users\mo9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\mo9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Samsung Electronics.) Startup: C:\Users\mo9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk ShortcutTarget: STRATO HiDrive.lnk -> C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive.exe (STRATO) Startup: C:\Users\mo9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\X1 Search.lnk ShortcutTarget: X1 Search.lnk -> C:\Program Files (x86)\X1 Search\X1.exe (X1 Discovery, Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4C609D55F5B5CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=21&locale=de_DE&gct=sb&qsrc=2869 BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) 
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) 
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation) DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default FF NewTab: user_pref("browser.newtab.url", ""); FF SearchEngineOrder.1: https://startpage.com/do/search?language=deutsch&cat=web&query={searchTerms} FF Homepage: https://startpage.com/do/mypage.pl?prf=6d03849d76652fc55d685ed8b0ae9fca FF NetworkProxy: "backup.gopher", "web.vodafone.de" FF NetworkProxy: "backup.gopher_port", 80 FF NetworkProxy: "gopher", "web.vodafone.de" FF NetworkProxy: "gopher_port", 80 FF NetworkProxy: "no_proxies_on", "" FF NetworkProxy: "socks", "127.0.0.1" FF NetworkProxy: "socks_port", 7070 FF NetworkProxy: "socks_version", 4 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\mo9\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\mo9\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\mo9\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\mo9\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\mo9\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\mo9\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Users\mo9\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\mo9\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin ProgramFiles/Appdata: C:\Users\mo9\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\searchplugins\safesearch.xml FF SearchPlugin: C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\searchplugins\startpage-ssl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\searchplugins.hash FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: FireShot - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-01-28] FF Extension: SeoQuake - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2013-10-10] FF Extension: Xinha Here! 
- C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{5B280457-4290-40c2-9441-EA647775F824} [2013-09-27] FF Extension: Live HTTP Headers - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-09-27] FF Extension: DownloadHelper - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-09-27] FF Extension: Export Cookies - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\exportcookies@aag.xpi [2013-09-27] FF Extension: flv movies downloader - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\flvmoviesdownloader@rzll.xpi [2013-09-27] FF Extension: ManyCam - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\toolbar_MYC3-V7@apn.ask.com.xpi [2013-09-27] FF Extension: ReloadEvery - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-09-27] FF Extension: Password Exporter - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2013-09-27] FF Extension: Modify Headers - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2013-09-27] FF Extension: DownThemAll! 
- C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-09-27] FF Extension: Fox!Box - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2013-09-27] FF Extension: Greasemonkey - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-09-27] FF Extension: HackBar - C:\Users\mo9\AppData\Roaming\Mozilla\Firefox\Profiles\cw24vw4n.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2013-09-27] FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake411\Freemake Video Converter\BrowserPlugin\Firefox\ FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake411\Freemake Video Converter\BrowserPlugin\Firefox\ [] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-17] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014-01-09] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [] FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox 25.0.1\firefox.exe ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 
6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] () R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows (R) Win 7 DDK provider) R2 DeltaCopyService; D:\DeltaCopy\DCServce.exe [683008 2009-11-23] (Synametrics Technologies) R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2013-08-13] () R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-03] (Nero AG) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-04-15] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164184 2012-04-15] (Intel Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation) R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [180224 2007-09-04] (NVIDIA) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation) R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [6258480 2013-09-09] (O&O Software GmbH) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [35328 2012-05-22] () R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [341504 2013-06-26] (Qualcomm Atheros) R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [27360 2013-07-29] (Samsung Electronics Co., Ltd.) 
R2 STRATO HiDrive Service; C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive Service.exe [32768 2011-11-15] (STRATO) R2 USBDLM; C:\Program Files\USBDLM\USBDLM.exe [428480 2013-06-09] (Uwe Sieber - www.uwe-sieber.de) R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-18] (Vodafone) R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [312784 2009-11-06] () ==================== Drivers (Whitelisted) ==================== R3 Ak27x64; C:\Windows\System32\DRIVERS\Ak27x64.sys [3932880 2013-05-30] (Qualcomm Atheros, Inc.) R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [67888 2013-02-13] (Qualcomm Atheros, Inc.) R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation) S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-05-30] (Qualcomm Atheros) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation) S3 CrystalSysInfo; C:\Program Files\MediaCoder2\SysInfoX64.sys [18128 2007-09-25] () R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [36432 2008-03-05] (DemoForge, LLC) R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2013-08-13] (Windows (R) Win 7 DDK provider) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-09] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-09] (Symantec Corporation) R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [270272 2008-09-25] (Stephan Schreiber) S3 GPU-Z; C:\Users\mo9\AppData\Local\Temp\GPU-Z.sys [27008 2014-01-27] () S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [117248 2009-09-10] (Huawei Technologies Co., Ltd.) 
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140203.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R1 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [80320 2008-08-28] (Stephan Schreiber)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R3 mv2; C:\Windows\System32\DRIVERS\mv2.sys [12472 2013-09-19] (UVNC BVBA)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140203.019\ENG64.SYS [126040 2014-01-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140203.019\EX64.SYS [2099288 2014-01-21] (Symantec Corporation)
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
S3 NVR0Dev; C:\Windows\nvoclk64.sys [39968 2007-09-04] (NVidia Corp.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116936 2013-09-09] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41160 2013-09-09] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255688 2013-09-09] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44744 2013-09-09] (O&O Software GmbH)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [240864 2013-07-29] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111328 2013-07-29] (Samsung Electronics Co., Ltd.)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-10-01] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
S3 TDKLIB; C:\Users\mo9\AppData\Local\Temp\TdkLib64.sys [19336 2014-01-08] ()
S3 utdrv; C:\Windows\system32\drivers\utdrv.sys [26664 2013-03-29] ()
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2013-10-13] (Acronis)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R3 WinRing0_1_2_0; C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
U3 axr5ow1k; C:\Windows\System32\Drivers\axr5ow1k.sys [0 ] (Microsoft Corporation)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 cpuz130; \??\C:\Users\mo9\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-04 17:32 - 2014-02-04 17:33 - 00000000 ____D () C:\FRST
2014-01-28 13:21 - 2014-01-28 16:41 - 00000000 ____D () C:\webinar teaser 14-3
2014-01-27 11:53 - 2014-01-27 11:54 - 00000000 ____D () C:\webinar teaser 2014
2014-01-25 18:58 - 2014-01-25 19:38 - 00000000 ____D () C:\stick
2014-01-18 19:48 - 2014-01-18 19:48 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 19:48 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-17 15:28 - 2014-01-17 15:28 - 00001017 _____ () C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
2014-01-17 15:28 - 2014-01-17 15:28 - 00000000 ____D () C:\Program Files\Microsoft Network Monitor 3
2014-01-17 15:24 - 2014-01-17 19:25 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\TrafficMonitor
2014-01-16 16:12 - 2014-01-16 16:12 - 00003376 _____ () C:\Windows\System32\Tasks\{47226E0A-7C09-4048-81D8-2C6DBB5419F9}
2014-01-14 19:30 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-14 19:30 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-14 19:30 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-14 19:30 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-14 19:30 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-14 19:30 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-14 19:30 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-14 19:30 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-14 19:30 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 16:14 - 2014-01-14 16:16 - 00030324 ____C () C:\Users\mo9\Desktop\energy-report.html
2014-01-13 17:52 - 2014-01-13 17:52 - 00000000 ___DC () C:\Users\mo9\AppData\Local\Citrix
2014-01-13 17:52 - 2014-01-13 17:52 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-01-13 11:22 - 2014-01-13 11:24 - 00000000 ____D () C:\Backup
2014-01-13 11:21 - 2014-01-13 12:04 - 00003298 _____ () C:\Windows\System32\Tasks\test
2014-01-13 11:20 - 2014-02-04 17:33 - 00000270 _____ () C:\Windows\Tasks\test.job
2014-01-13 11:10 - 2014-01-13 11:10 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-01-10 17:39 - 2014-01-10 17:39 - 00001025 _____ () C:\Users\Public\Desktop\KeywordXP.lnk
2014-01-10 17:39 - 2014-01-10 17:39 - 00000000 ____D () C:\Program Files (x86)\PageOneTraffic
2014-01-10 10:25 - 2014-01-10 10:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 25.0.1
2014-01-09 14:38 - 2014-01-09 14:38 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-01-09 14:37 - 2014-01-09 14:37 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-01-09 14:37 - 2014-01-09 14:37 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-01-09 14:37 - 2014-01-09 14:37 - 00002578 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-01-09 14:37 - 2014-01-09 14:37 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-01-08 21:46 - 2014-01-08 21:47 - 00000000 ____D () C:\synctest
2014-01-06 18:47 - 2014-01-06 18:47 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\STRATO
2014-01-06 18:44 - 2014-01-06 18:44 - 00001222 _____ () C:\Users\Public\Desktop\STRATO HiDrive.lnk
2014-01-06 18:44 - 2014-01-06 18:44 - 00000000 ____D () C:\Program Files (x86)\STRATO AG
2014-01-06 18:39 - 2014-01-06 18:39 - 104857600 _____ () C:\hidrive
2014-01-05 17:19 - 2014-02-04 17:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-05 17:19 - 2014-01-05 17:28 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-05 15:30 - 2014-01-05 18:54 - 00000000 ___DC () C:\Users\mo9\AppData\Local\VMware
2014-01-05 15:30 - 2014-01-05 17:51 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\VMware

==================== One Month Modified Files and Folders =======

2014-02-04 17:33 - 2014-02-04 17:32 - 00000000 ____D () C:\FRST
2014-02-04 17:33 - 2014-01-13 11:20 - 00000270 _____ () C:\Windows\Tasks\test.job
2014-02-04 17:29 - 2013-10-14 11:23 - 00000000 ___DC () C:\Users\mo9\AppData\Local\X1 Search
2014-02-04 17:29 - 2013-09-20 16:28 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\Skype
2014-02-04 17:28 - 2014-01-05 17:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-04 17:28 - 2013-11-01 21:39 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\Dropbox
2014-02-04 17:28 - 2013-10-01 08:53 - 00000000 ___DC () C:\Users\mo9\AppData\Local\HTC MediaHub
2014-02-04 17:23 - 2009-07-14 18:58 - 00707830 _____ () C:\Windows\system32\perfh007.dat
2014-02-04 17:23 - 2009-07-14 18:58 - 00152724 _____ () C:\Windows\system32\perfc007.dat
2014-02-04 17:23 - 2009-07-14 06:13 - 01637714 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-04 17:23 - 2009-07-14 05:45 - 00013648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 17:23 - 2009-07-14 05:45 - 00013648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 17:19 - 2013-09-20 12:19 - 01615484 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 17:15 - 2014-01-03 19:32 - 00000000 ____D () C:\ProgramData\VMware
2014-02-04 17:15 - 2013-10-14 10:22 - 00386368 _____ () C:\Windows\PFRO.log
2014-02-04 17:15 - 2013-10-14 09:55 - 00041039 _____ () C:\Windows\setupact.log
2014-02-04 17:15 - 2013-10-12 23:04 - 00002984 _____ () C:\Windows\System32\Tasks\HotSwap! Applet
2014-02-04 17:15 - 2013-09-20 18:09 - 00017920 _____ () C:\Windows\system32\rpcnetp.exe
2014-02-04 17:15 - 2013-09-20 12:40 - 00069792 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2014-02-04 17:15 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-04 17:14 - 2013-10-14 11:54 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\.oit
2014-02-04 17:14 - 2013-10-08 08:35 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\FileZilla
2014-02-04 17:14 - 2013-09-20 16:18 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-02-04 17:11 - 2013-10-01 18:47 - 00000000 ___DC () C:\Users\mo9\AppData\Local\SwvUpdater
2014-02-04 16:42 - 2013-12-27 15:31 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2954204670-4021530364-4044966424-1000UA.job
2014-02-04 15:42 - 2013-12-27 15:31 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2954204670-4021530364-4044966424-1000Core.job
2014-02-04 15:00 - 2013-10-01 10:18 - 00000384 _____ () C:\Windows\Tasks\update-S-1-5-21-2954204670-4021530364-4044966424-1000.job
2014-02-04 14:04 - 2013-10-01 10:17 - 00000384 _____ () C:\Windows\Tasks\update-sys.job
2014-02-04 12:37 - 2013-09-20 12:45 - 00000000 ____D () C:\Program Files (x86)\Hotkey
2014-02-04 11:03 - 2013-09-30 15:15 - 00000600 ____C () C:\Users\mo9\AppData\Local\PUTTY.RND
2014-02-04 10:59 - 2013-09-21 18:22 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\vlc
2014-02-03 21:30 - 2013-10-29 14:58 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\UltraVNC
2014-02-03 18:52 - 2013-10-10 20:43 - 00003894 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{696D0FCC-207A-4F0E-BA23-7E9AAD19D221}
2014-02-03 17:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-02 18:25 - 2013-09-20 16:12 - 00000000 ___DC () C:\Users\mo9\AppData\Local\CrashDumps
2014-01-31 08:47 - 2013-11-09 22:10 - 00000000 __RDC () C:\Users\mo9\Mediencenter
2014-01-30 20:06 - 2013-09-20 15:05 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\Atheros
2014-01-30 20:03 - 2013-10-26 17:32 - 00338534 ____N () C:\Windows\Minidump\013014-14430-01.dmp
2014-01-30 20:03 - 2013-09-29 19:49 - 00000000 ____D () C:\Windows\Minidump
2014-01-28 16:41 - 2014-01-28 13:21 - 00000000 ____D () C:\webinar teaser 14-3
2014-01-28 16:41 - 2013-10-01 18:11 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\HandBrake
2014-01-27 11:54 - 2014-01-27 11:53 - 00000000 ____D () C:\webinar teaser 2014
2014-01-25 19:38 - 2014-01-25 18:58 - 00000000 ____D () C:\stick
2014-01-25 14:43 - 2013-09-20 18:18 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\Mozilla
2014-01-25 11:41 - 2013-10-01 17:15 - 00002813 ____C () C:\Users\mo9\.swfinfo
2014-01-24 18:20 - 2013-09-21 19:46 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-24 15:30 - 2013-09-21 17:28 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\BatteryCare
2014-01-24 09:24 - 2013-09-20 17:18 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1
2014-01-19 13:06 - 2013-10-01 17:26 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-01-18 19:48 - 2014-01-18 19:48 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 19:48 - 2013-09-21 14:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-18 19:48 - 2013-09-21 14:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-17 22:24 - 2013-10-13 19:54 - 00000000 ____D () C:\Program Files (x86)\Ultra Fractal 5
2014-01-17 22:20 - 2013-10-10 21:13 - 00000000 ____D () C:\vhd
2014-01-17 19:28 - 2013-11-01 10:16 - 00045824 _____ () C:\debug1214.txt
2014-01-17 19:25 - 2014-01-17 15:24 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\TrafficMonitor
2014-01-17 15:29 - 2013-11-14 12:14 - 00004118 _____ () C:\Windows\seRapid.INI
2014-01-17 15:28 - 2014-01-17 15:28 - 00001017 _____ () C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
2014-01-17 15:28 - 2014-01-17 15:28 - 00000000 ____D () C:\Program Files\Microsoft Network Monitor 3
2014-01-16 22:07 - 2013-09-21 13:28 - 00000000 ____D () C:\tmp
2014-01-16 21:56 - 2013-10-07 15:09 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\AllDup
2014-01-16 21:28 - 2013-10-07 15:09 - 00000000 ____D () C:\ProgramData\AllDup
2014-01-16 16:12 - 2014-01-16 16:12 - 00003376 _____ () C:\Windows\System32\Tasks\{47226E0A-7C09-4048-81D8-2C6DBB5419F9}
2014-01-15 22:33 - 2013-10-06 12:19 - 00011776 ____C () C:\Users\mo9\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-15 22:26 - 2013-10-14 11:23 - 00000000 ____D () C:\Program Files (x86)\X1 Search
2014-01-15 09:48 - 2009-07-14 05:45 - 02352168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-14 19:32 - 2013-09-20 22:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-14 19:31 - 2013-09-20 22:52 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 16:16 - 2014-01-14 16:14 - 00030324 ____C () C:\Users\mo9\Desktop\energy-report.html
2014-01-13 19:25 - 2013-09-20 19:45 - 00000000 ____D () C:\activation
2014-01-13 17:52 - 2014-01-13 17:52 - 00000000 ___DC () C:\Users\mo9\AppData\Local\Citrix
2014-01-13 17:52 - 2014-01-13 17:52 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-01-13 12:04 - 2014-01-13 11:21 - 00003298 _____ () C:\Windows\System32\Tasks\test
2014-01-13 11:24 - 2014-01-13 11:22 - 00000000 ____D () C:\Backup
2014-01-13 11:10 - 2014-01-13 11:10 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-01-11 13:10 - 2013-10-01 20:42 - 00000513 ____C () C:\Users\mo9\AppData\Roaming\MPUI.ini
2014-01-11 11:07 - 2013-10-24 18:54 - 00000000 ___DC () C:\Users\mo9\AppData\Local\FRITZ!
2014-01-10 20:02 - 2013-09-20 18:09 - 00017920 _____ () C:\Windows\SysWOW64\rpcnetp.exe
2014-01-10 20:02 - 2013-09-20 18:09 - 00017920 _____ () C:\Windows\SysWOW64\rpcnetp.dll
2014-01-10 17:39 - 2014-01-10 17:39 - 00001025 _____ () C:\Users\Public\Desktop\KeywordXP.lnk
2014-01-10 17:39 - 2014-01-10 17:39 - 00000000 ____D () C:\Program Files (x86)\PageOneTraffic
2014-01-10 13:24 - 2013-11-01 21:40 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-10 13:24 - 2013-09-20 12:20 - 00000000 __RDC () C:\Users\mo9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-10 13:21 - 2013-09-20 18:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-10 10:25 - 2014-01-10 10:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 25.0.1
2014-01-09 20:42 - 2013-09-20 12:19 - 00000000 ___DC () C:\Users\mo9\AppData\Local\VirtualStore
2014-01-09 14:38 - 2014-01-09 14:38 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-01-09 14:37 - 2014-01-09 14:37 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-01-09 14:37 - 2014-01-09 14:37 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-01-09 14:37 - 2014-01-09 14:37 - 00002578 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-01-09 14:37 - 2014-01-09 14:37 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-01-09 14:37 - 2013-09-20 13:12 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-01-09 14:37 - 2013-09-20 12:57 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-01-09 14:37 - 2013-09-20 12:56 - 00000000 ____D () C:\ProgramData\Norton
2014-01-09 12:27 - 2013-11-01 11:00 - 00000000 ____D () C:\Program Files (x86)\3DataManager
2014-01-08 22:28 - 2013-09-21 22:33 - 00000000 __RDC () C:\Users\mo9\Virtual Machines
2014-01-08 21:47 - 2014-01-08 21:46 - 00000000 ____D () C:\synctest
2014-01-08 21:22 - 2013-10-11 22:59 - 00000101 _____ () C:\Windows\wiso.ini
2014-01-08 21:21 - 2013-10-11 23:01 - 00000069 _____ () C:\Windows\buhl.ini
2014-01-08 17:45 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-01-07 16:45 - 2013-09-20 14:50 - 01615738 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-07 12:10 - 2013-09-20 17:42 - 00000000 ____D () C:\Program Files (x86)\Hard Disk Sentinel
2014-01-06 18:47 - 2014-01-06 18:47 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\STRATO
2014-01-06 18:44 - 2014-01-06 18:44 - 00001222 _____ () C:\Users\Public\Desktop\STRATO HiDrive.lnk
2014-01-06 18:44 - 2014-01-06 18:44 - 00000000 ____D () C:\Program Files (x86)\STRATO AG
2014-01-06 18:39 - 2014-01-06 18:39 - 104857600 _____ () C:\hidrive
2014-01-05 18:54 - 2014-01-05 15:30 - 00000000 ___DC () C:\Users\mo9\AppData\Local\VMware
2014-01-05 17:51 - 2014-01-05 15:30 - 00000000 ___DC () C:\Users\mo9\AppData\Roaming\VMware
2014-01-05 17:28 - 2014-01-05 17:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-05 17:28 - 2013-09-20 13:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-05 17:28 - 2013-09-20 13:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-05 17:19 - 2013-09-22 13:02 - 00000000 ___DC () C:\Users\mo9\AppData\Local\Adobe

Files to move or delete:
====================
C:\Users\mo9\del.bat

Some content of TEMP:
====================
C:\Users\mo9\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\mo9\AppData\Local\Temp\pylD1B0.tmp.exe
C:\Users\mo9\AppData\Local\Temp\X1Setup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-30 18:27

==================== End Of Log ============================

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by mo9 at 2014-02-04 17:33:20
Running from D:\Users\mo9\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
2007 Microsoft Office system (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
3DataManager (x32 Version: 2.2 - 3DataManager)
3DMark (x32 Version: 1.1 - Futuremark)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.1735.41615 - ABBYY Software House)
Acoustica Special Edition 5.0 (x32 Version: 5.0 - Acon AS)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Audition 3.0 (x32 Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition 3.0 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Audition Loopology Content (x32 Version: 3.0.0 - Ihr Firmenname) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (x32 Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 6.0 (x32 Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 6.0 (x32 Version: 6.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Advanced Archive Password Recovery (x32 Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
AllDup 3.4.24 (x32 Version: 3.4.24 - Michael Thummerer Software Design)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
AviSynth 2.5 (x32 Version: - )
AVM FRITZ!fax für FRITZ!Box (x32 Version: - AVM Berlin)
BatteryCare 0.9.15.0 (x32 Version: 0.9.15.0 - Filipe Lourenço)
Biet-O-Matic v2.14.12 (x32 Version: 2.14.12 - BOM Development Team)
BurnInTest v7.1 Standard (Version: 7.1 - Passmark Software)
Camtasia Studio 8 (x32 Version: 8.0.4.1060 - TechSmith Corporation)
Canon Easy-PhotoPrint EX (x32 Version: 4.1.6 - Canon Inc.)
Canon Easy-WebPrint EX (x32 Version: 1.3.6.0 - Canon Inc.)
Canon MG5300 series MP Drivers (Version: - )
Canon My Printer (x32 Version: 3.1.0 - Canon Inc.)
CCleaner (Version: 4.06 - Piriform)
Cinescore Studio 1.0 (x32 Version: 1.0.111 - Sony)
Citrix Online Launcher (x32 Version: 1.0.168 - Citrix)
CloudBerry Explorer for Amazon S3 3.8.5 (Version: 3.8.5 - CloudBerryLab)
Cool Edit Pro 2.1 (x32 Version: - )
CopyPath v1.2 (x32 Version: - )
corz checksum utility for windows (x32 Version: 1.2.3.9 - hxxp://corz.org/windows/software/checksum/)
CPUID CPU-Z 1.66.1 (Version: - )
CrystalDiskMark 3.0.2f (Version: 3.0.2f - Crystal Dew World)
DAEMON Tools Lite (x32 Version: 4.47.1.0333 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.24 (x32 Version: - Western Digital Corporation)
DeltaCopy (x32 Version: 1.40.0000 - Synametrics Technologies)
DemoForge Mirage Driver for TightVNC 2.0 (Version: 2.0 - DemoForge LLC)
Dream Pinball 3D (x32 Version: 1.1.0.0 - TopWare Interactive)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
DVD Flick 1.3.0.7 (x32 Version: 1.3.0.7 - Dennis Meuwissen)
DVDStyler v2.5.2 (x32 Version: - )
EaseUS Data Recovery Wizard 6.1 (x32 Version: - EaseUS)
Easy HTML5 Video (x32 Version: - )
EasyBCD 2.2 (x32 Version: 2.2 - NeoSmart Technologies)
ETDWare PS/2-X64 11.10.2.2_WHQL (Version: 11.10.2.2 - ELAN Microelectronic Corp.)
Everything 1.2.1.371 (x32 Version: - )
Ext2 IFS 1.11a for Windows Vista/2008 (Version: - )
FCCI (HKCU Version: 1.0.6186.1000 - Free Conferencing Corporation)
Folder Size 2.0.0.0 (x32 Version: 2.0.0.0 - MindGems, Inc.)
FractInt for Windows (x32 Version: 20.99.8 - Stone Soup Group)
FRANZIS onlineTV 8 (x32 Version: 8.5.0.10 - FRANZIS Verlag GmbH)
Fraqtive 0.4.6 (x64) (Version: 0.4.6 - Michał Męciński)
FreeFileSync 5.21 (x32 Version: 5.21 - Zenju)
Freemake Video Converter Version 4.1.1 (x32 Version: 4.1.1 - Ellora Assets Corporation)
FreeScreenSharing (HKCU Version: 0.56.22.0 - Free Conferencing Corporation)
Futuremark SystemInfo (x32 Version: 4.17.0 - Futuremark Corporation)
Geeks3D FurMark 1.11.0 (x32 Version: - Geeks3D)
Google Talk Plugin (x32 Version: 4.9.1.16010 - Google)
GoToMeeting 6.0.0.1259 (HKCU Version: 6.0.0.1259 - CitrixOnline)
GPU Caps Viewer 1.8.6 (x32 Version: - Geeks3D.com)
GUI for dvdauthor 1.07 (x32 Version: 1.07 - Boraxsoft)
Guitar Pro 5.2 (x32 Version: - Arobas Music)
Haali Media Splitter (x32 Version: - )
HandBrake 0.9.9.1 (x32 Version: 0.9.9.1 - )
Hard Disk Sentinel PRO (x32 Version: - HDS)
HD Tune Pro 5.50 (x32 Version: - EFD Software)
Hotkey 6.0053 (x32 Version: 6.0053 - NoteBook)
Hotkey 6.0053 (x32 Version: 6.0053 - NoteBook) Hidden
HTC Driver Installer (x32 Version: 4.6.0.001 - HTC Corporation)
HTC Sync Manager (x32 Version: 2.1.76.0 - HTC)
InfoRapid Suchen & Ersetzen (x32 Version: 3.1f - Ingo Straub Softwareentwicklung)
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3257 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (x32 Version: 4.70.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.0.0.1032 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.23.943.1 - Intel Corporation) Hidden
IPTInstaller (x32 Version: 4.0.8 - HTC)
iZotope Audio Enhancer (x32 Version: 1.00 - iZotope, Inc.)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KeePass Password Safe 1.26 (x32 Version: 1.26 - Dominik Reichl)
KeywordXP (x32 Version: 2.0.1 - PageOneTraffic Ltd)
KeywordXP (x32 Version: 2.0.1 - PageOneTraffic Ltd) Hidden
LAV Filters 0.51.3 (x32 Version: 0.51.3 - Hendrik Leppkes)
LightScribe System Software (x32 Version: 1.18.27.10 - LightScribe)
LightScribe Template Labeler (x32 Version: 1.18.27.10 - LightScribe)
lightshot-4.4.2.10 (x32 Version: 4.4.2.10 - Skillbrains)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
ManyCam 3.1.59 (x32 Version: 3.1.59 - ManyCam LLC)
MediaCoder Web Video Edition x64 0.8.27 (Version: 0.8.27 - Broad Intelligence)
MediaCoder x64 0.8.26.5560 (Version: 0.8.26.5560 - Broad Intelligence)
Mediencenter 3.8.9799.6 (HKCU Version: 3.8.9799.6 - Deutsche Telekom AG)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Expression Web (x32 Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Expression Web (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Expression Web MUI (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Expression Web Service Pack 1 (SP1) (x32 Version: - Microsoft)
Microsoft Network Monitor 3.4 (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Network Monitor: NetworkMonitor Parsers 3.4 (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Mindjet MindManager 8 (x32 Version: 8.2.328 - Mindjet) Miro Video Converter (x32 Version: 0.8.0 - Participatory Culture Foundation) Mozilla Firefox 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla) Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) MP3 Diags (x32 Version: - ) Mp3tag v2.58 (x32 Version: v2.58 - Florian Heidenreich) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation) MyDefrag v4.3.1 (Version: 4.0.0.0 - J.C. Kessels) Nero 12 Kwik Burn Express Essentials (x32 Version: 12.1.00200 - Nero AG) Nero Blu-ray Player (x32 Version: 12.0.20031 - Nero AG) Hidden Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden Nero Core Components (x32 Version: 11.0.22500 - Nero AG) Hidden Nero CoverDesigner (x32 Version: 12.0.00900 - Nero AG) Nero CoverDesigner (x32 Version: 12.0.10000 - Nero AG) Hidden Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden Nero Express (x32 Version: 12.5.7000 - Nero AG) Hidden Nero Express Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden Nero MediaHome (x32 Version: 1.20.8300 - Nero AG) Hidden Nero MediaHome Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden Nero Prerequisite Installer 2.0 (x32 Version: 12.0.01000 - Nero AG) Nero SharedVideoCodecs (x32 Version: 1.0.15003 - Nero AG) Hidden Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden NewBlue Cartoonr 
for Vegas (x32 Version: - ) NewBlue VideoFX MSPP (x32 Version: - ) nLite 1.4.9.3 (x32 Version: 1.4.9.3 - Dino Nuhagic (nuhi)) Norton Internet Security (x32 Version: 21.1.0.18 - Symantec Corporation) Notepad++ (x32 Version: 6.4.5 - Notepad++ Team) NVIDIA Drivers (Version: 1.10 - NVIDIA Corporation) NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 331.58 (Version: 331.58 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.902 - NVIDIA Corporation) Hidden NVIDIA nTune (x32 Version: 1.00.0000 - NVIDIA Corporation) NVIDIA nTune (x32 Version: 1.00.0000 - NVIDIA Corporation) Hidden NVIDIA Optimus 8.3.14 (Version: 8.3.14 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA System Monitor (x32 Version: 6.5 - NVIDIA Corporation) NVIDIA System Monitor (x32 Version: 6.5 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 331.58 (Version: 331.58 - NVIDIA Corporation) Hidden NVIDIA Update 8.3.14 (Version: 8.3.14 - NVIDIA Corporation) Hidden NVIDIA Update Components (Version: 8.3.14 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5 - NVIDIA Corporation) O&O DiskImage Professional (Version: 7.81.6 - O&O Software GmbH) OpenAL (x32 Version: - ) Paragon ExtFS for Windows (x32 Version: - ) PCMark Vantage (x32 Version: 1.2.0.0 - Futuremark) PDF Architect (x32 Version: 1.1.83.9982 - pdfforge GmbH) PDF Experte 8 Ultimate (x32 Version: 8.0.0140.0 - Avanquest software) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PDFCreator (x32 Version: 1.7.1 - pdfforge) PDF-XChange 3 (Version: - Tracker Software) PE Builder 3.1.10a (x32 Version: - Bart Lagerweij) PLDS OEM Content (x32 Version: 12.0.0004 - Nero AG) Hidden Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden PuTTY version 0.63 (x32 Version: 0.63 - Simon Tatham) Qualcomm Atheros Bandwidth Control 
Filter Driver (Version: 1.0.25.1224 - Qualcomm Atheros) Hidden Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.228 - Qualcomm Atheros Communications) Hidden Qualcomm Atheros Killer Wireless-N Drivers (Version: 1.0.25.1224 - Qualcomm Atheros) Hidden Qualcomm Atheros Network Manager (Version: 1.0.25.1224 - Qualcomm Atheros) Hidden Qualcomm Atheros Performance Suite (x32 Version: 1.0.25.1224 - Qualcomm Atheros) QuickTime (x32 Version: 7.74.80.86 - Apple Inc.) RAPID Mode (Version: 1.0.1.42 - Samsung Electronics Co., Ltd.) Hidden Realtek Ethernet Controller Driver (x32 Version: 7.54.309.2012 - Realtek) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6675 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (x32 Version: 6.2.8400.27024 - Realtek Semiconductor Corp.) Recuva (Version: 1.48 - Piriform) Samsung Data Migration (x32 Version: 2.5 - Samsung) Samsung Magician (x32 Version: 4.3.0 - Samsung Electronics) Seagate*DiscWizard (x32 Version: 11.0.8330 - Seagate) SeaTools for Windows (x32 Version: 1.2.0.7 - Seagate Technology) SHIELD Streaming (Version: 1.05.28 - NVIDIA Corporation) Hidden Simple DVD Creator 1.3 (x32 Version: - ) Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.) SmartErase (x32 Version: 1.2.1 - PLDS) Sony DVD Architect Studio 4.5 (x32 Version: 4.5.107 - Sony) Sony Vegas Pro 8.1 (Version: 8.1.171 - Sony) Sothink Video Converter (x32 Version: 3.6 - SourceTec Software Co., LTD) Sound Forge Audio Studio 10.0 (x32 Version: 10.0.245 - Sony) SpamBayes 1.1a6 (x32 Version: 1.1a6 - ) SRWare Iron Version SRWare Iron 30.0.1650.0 (x32 Version: SRWare Iron 30.0.1650.0 - SRWare) SSDlife Free (x32 Version: 2.3.56 - BinarySense Inc.) 
STRATO HiDrive (remove only) (x32 Version: - STRATO AG) StreamTransport version: 2.0.1.2389 (x32 Version: - ) SUPER © v2013.build.57+Recorder (2013/07/13) Version v2013.buil (x32 Version: v2013.build.57+Recorder - eRightSoft) System Requirements Lab for Intel (x32 Version: 4.5.15.0 - Husdawg, LLC) TechPowerUp GPU-Z (x32 Version: - TechPowerUp) TEncoder Video Converter version 3.6.0 64bit (x32 Version: 3.6.0 64bit - ozok) THX TruStudio Pro (x32 Version: TAMB-CVS1D-1-LB R07 - Creative Technology Limited) Total Commander 64-bit (Remove or Repair) (Version: 8.01 - Ghisler Software GmbH) TrueCrypt (x32 Version: 7.0a - TrueCrypt Foundation) Ubuntu (x32 Version: 12.04.3-rev279 - Ubuntu) Ultra Fractal 5.04 (x32 Version: - ) UltraVnc (Version: 1.1.9.3 - uvnc bvba) Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft) Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office Access 2007 Help (KB963663) (x32 Version: - Microsoft) Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft) Update for Microsoft Office Infopath 2007 Help (KB963662) (x32 Version: - Microsoft) Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office Outlook 2007 Help (KB963677) (x32 
Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft) Update for Microsoft Office Publisher 2007 Help (KB963667) (x32 Version: - Microsoft) Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft) Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft) USBTrace V2.8.0 (Version: - SysNucleus) Vegas Movie Studio HD Platinum 10.0 (x32 Version: 10.0.179 - Sony) Vhd Resizer (x32 Version: 1.0.42 - Xcarab) VLC media player 2.0.8 (x32 Version: 2.0.8 - VideoLAN) VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden VMware Player (x32 Version: 6.0.1 - VMware, Inc) Vodafone Mobile Connect Lite (x32 Version: 9.4.4.17702 - Vodafone) Windows XP Mode (Version: 1.3.7600.16422 - Microsoft Corporation) WinRAR 5.00 (64-bit) (Version: 5.00.0 - win.rar GmbH) WinX DVD Author 6.2 (x32 Version: - DigiartySoft, Inc.) WISE-FTP 6 (x32 Version: 6.1.5 - AceBIT) X1 Search (x32 Version: 8.1.1.0 - X1 Discovery, Inc.) 
XAMPP 1.8.1-0 (x32 Version: 1.8.1-0 - BitNami) XMedia Recode Version 3.1.7.4 (x32 Version: 3.1.7.4 - XMedia Recode) XYplorer 13.40 (x32 Version: 13.40 - Donald Lessau) ==================== Restore Points ========================= 17-01-2014 14:28:08 Installed Microsoft Network Monitor 3.4 17-01-2014 14:28:55 Installed Microsoft Network Monitor: NetworkMonitor Parsers 3.4 18-01-2014 18:47:40 Installed Java 7 Update 51 31-01-2014 12:24:45 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2009-07-14 03:34 - 2014-01-09 23:40 - 00005367 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost.de ==================== Scheduled Tasks (whitelisted) ============= Task: {03F5D3A8-3E76-4E2B-B9FC-1F3D84926BC9} - System32\Tasks\update-S-1-5-21-2954204670-4021530364-4044966424-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] () Task: {0681865D-9EFE-4336-98A4-2B80315F5E4D} - System32\Tasks\{45A6868E-C678-48BC-B1A6-FD1E272982D0} => D:\Users\mo9\Downloads\winfract-20.04p12\winfract-20.04p12\WINFRACT.EXE [2012-02-12] () Task: {170AA469-83BB-419D-911A-38ED6372CD29} - System32\Tasks\HotSwap! Applet => D:\c\Program Files\HotSwap! 6.1.0.0\64bit\HotSwap!.EXE [2012-06-19] (Kazuyuki Nakayama) Task: {1C43C0F6-DAFD-46E6-A08B-6E46EC982299} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-21] () Task: {2FC66F37-8E27-4039-9811-7DB345D95289} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2954204670-4021530364-4044966424-1000UA => C:\Users\mo9\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-27] (Google Inc.) 
Task: {46A2BBCA-527C-49B4-8B2A-76F3790FA857} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-21] () Task: {603BF7EF-6EE4-49C7-9210-85B7840D41B3} - System32\Tasks\BatteryCareAuto => C:\Program Files (x86)\BatteryCare\BatteryCare.exe [2013-10-28] (Filipe Lourenço) Task: {7868D784-AC90-4E11-9702-B3385D05C5AF} - System32\Tasks\Core Temp Autostart Admin => C:\Users\Admin\Downloads\CoreTemp32_rc5\Core Temp.exe [2013-03-01] () Task: {8DF3A7AE-F83B-478C-8867-1C7888624AA6} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Admin => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2013-07-11] (H.D.S. Hungary) Task: {96FB03B6-19F9-4BF6-BBB9-F332D29B0DC0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2954204670-4021530364-4044966424-1000Core => C:\Users\mo9\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-27] (Google Inc.) Task: {9D618F95-8825-42AD-B750-2837AE2EAAE9} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-09-27] () Task: {AD7C80BC-CE82-4322-8EED-CBCFF15BFC3B} - System32\Tasks\Paragon ExtFS for Windows => C:\Program Files (x86)\Paragon Software\Paragon ExtFS for Windows\Paragon ExtFS for Windows.exe [2013-11-29] () Task: {B8C27042-2966-402D-9736-F0CE55592359} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_mo9 => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2013-07-11] (H.D.S. 
Hungary) Task: {C9D234F7-9053-41DE-B5DE-38C14F16E7DD} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {D7AE9B7E-40EE-4D28-970D-3554444AF1AA} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation) Task: {E0BE0C74-83FB-4291-961F-0B1F225E2F3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd) Task: {F2C517CB-C43C-4C10-8FE9-9AA3ABDECBE4} - System32\Tasks\test => D:\DeltaCopy\test.dcp [2014-01-13] () Task: {F6F69EF2-8F17-4080-92E8-ABAE7B545877} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation) Task: {F81534C5-6445-4ED0-85AD-23D325B2C5EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-05] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2954204670-4021530364-4044966424-1000Core.job => C:\Users\mo9\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2954204670-4021530364-4044966424-1000UA.job => C:\Users\mo9\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\test.job => ? 
Task: C:\Windows\Tasks\update-S-1-5-21-2954204670-4021530364-4044966424-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-09 16:35 - 2013-09-09 16:35 - 00344880 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll 2013-05-31 00:19 - 2013-05-31 00:19 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll 2013-09-20 12:50 - 2010-11-12 11:38 - 00241152 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL 2013-09-20 12:34 - 2012-03-25 19:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-09-09 16:35 - 2013-09-09 16:35 - 00537904 _____ () C:\Program Files\OO Software\DiskImage\ooditrrs.dll 2013-09-09 16:36 - 2013-09-09 16:36 - 00069936 _____ () C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll 2013-09-21 17:28 - 2012-07-26 08:27 - 00252928 _____ () C:\Program Files (x86)\BatteryCare\OpenHardwareMonitorLib.dll 2013-09-13 18:05 - 2013-09-13 18:05 - 00030056 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2013-09-13 18:05 - 2013-09-13 18:05 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2013-09-13 18:06 - 2013-09-13 18:06 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2013-09-13 18:06 - 2013-09-13 18:06 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2013-09-13 18:06 - 2013-09-13 18:06 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2013-09-13 18:13 - 2013-09-13 18:13 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2008-11-09 19:36 - 2008-11-09 19:36 - 01000960 _____ () D:\DeltaCopy\cygiconv-2.dll 2002-06-09 00:50 - 2002-06-09 00:50 - 00022528 _____ () D:\DeltaCopy\cygpopt-0.dll 2013-10-18 12:46 - 2013-10-18 12:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware 
Player\libxml2.dll 2013-09-21 21:12 - 2013-09-21 21:12 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\991a8d378a3e64b31c0f4770ba9ae071\IsdiInterop.ni.dll 2013-09-20 12:51 - 2011-11-29 19:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2013-09-20 12:46 - 2012-03-28 00:18 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-01-16 10:58 - 2013-01-16 10:58 - 02408448 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll 2013-01-16 10:58 - 2013-01-16 10:58 - 08626176 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll 2013-01-16 10:58 - 2013-01-16 10:58 - 00212992 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll 2009-06-06 13:50 - 2009-06-06 13:50 - 00019968 _____ () C:\Program Files (x86)\Hotkey\Audiodll.dll 2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 ____C () C:\Users\mo9\AppData\Roaming\Dropbox\bin\libcef.dll 2013-09-20 12:50 - 2010-11-01 16:34 - 00159744 ____N () C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\de-DE\THXAudio.resources.dll 2013-10-15 13:31 - 2013-11-28 12:14 - 00013824 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll 2013-12-11 17:57 - 2013-11-28 18:59 - 00098816 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\PAL.dll 2013-12-11 17:57 - 2013-11-28 18:59 - 00034304 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SATA.dll 2013-12-11 17:57 - 2013-11-28 18:59 - 00032768 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAT.dll 2013-12-11 17:57 - 2013-11-28 19:00 - 00031232 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SMINI.dll 2013-12-11 17:57 - 2013-11-28 18:59 - 00029696 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAS.dll 2009-12-18 12:20 - 2009-12-18 12:20 - 00150856 _____ () C:\Program Files (x86)\Mindjet\MindManager 8\zlib.dll 2009-11-10 16:39 - 2009-11-10 
16:39 - 01332576 _____ () C:\Program Files (x86)\Seagate\DiscWizard\fox.dll 2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2013-11-09 21:23 - 2012-04-11 19:06 - 01186816 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\TMSlite160.bpl 2013-11-09 21:23 - 2012-04-11 19:06 - 00087552 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\vspropsaver160.bpl 2013-11-09 21:23 - 2012-04-11 19:06 - 02478080 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\vsvector160.bpl 2013-11-09 21:23 - 2012-04-11 19:06 - 04680704 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\vspdfcore160.bpl 2013-11-09 21:23 - 2012-04-11 19:06 - 02693120 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\BBlite160.bpl 2013-11-09 21:23 - 2012-02-23 15:11 - 00025088 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\vstrees160.bpl 2013-11-09 21:23 - 2012-04-11 19:06 - 00064512 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\vsprinters160.bpl 2013-11-09 21:23 - 2012-04-11 19:06 - 00064512 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\vspdfprinter160.bpl 2013-11-09 21:23 - 2011-09-30 18:10 - 00684032 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\js32.dll 2013-11-09 21:23 - 2012-04-11 19:06 - 00097280 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\expertpdfcore160.bpl 2013-11-09 21:23 - 2012-04-11 19:06 - 02253824 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\PKIECtrl160.bpl 2013-11-09 21:23 - 2012-04-11 19:06 - 00517120 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Ultimate\vspdfeditor160.bpl 2014-01-10 10:25 - 2014-01-10 10:25 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox 25.0.1\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:4FC01C57 ==================== Safe Mode (whitelisted) 
=================== ==================== Faulty Device Manager Devices ============= Name: VMware Virtual Ethernet Adapter for VMnet1 Description: VMware Virtual Ethernet Adapter for VMnet1 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet8 Description: VMware Virtual Ethernet Adapter for VMnet8 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (02/04/2014 05:15:57 PM) (Source: VMCService) (User: ) Description: conflictManagerTypeValue Error: (02/04/2014 09:05:47 AM) (Source: VMCService) (User: ) Description: conflictManagerTypeValue Error: (02/03/2014 10:27:19 PM) (Source: Application Hang) (User: ) Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1978 Startzeit: 01cf20b6b2ecba55 Endzeit: 30 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox 25.0.1\firefox.exe Berichts-ID: e8943fed-8d19-11e3-9836-0090f5da6521 Error: (02/03/2014 09:01:34 AM) (Source: VMCService) (User: ) Description: conflictManagerTypeValue Error: (02/02/2014 06:25:55 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: wmprph.exe, Version: 12.0.7600.16385, Zeitstempel: 0x4a5bd018 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004e4e4 ID des fehlerhaften Prozesses: 0x1fe0 Startzeit der fehlerhaften Anwendung: 0xwmprph.exe0 Pfad der fehlerhaften Anwendung: wmprph.exe1 Pfad des fehlerhaften Moduls: wmprph.exe2 Berichtskennung: wmprph.exe3 Error: (02/02/2014 09:33:43 AM) (Source: VMCService) (User: ) Description: conflictManagerTypeValue Error: (02/01/2014 09:28:55 AM) (Source: VMCService) (User: ) Description: conflictManagerTypeValue Error: (01/31/2014 08:48:37 AM) (Source: VMCService) (User: ) Description: conflictManagerTypeValue Error: (01/30/2014 08:04:27 PM) (Source: VMCService) (User: ) Description: GetLoggedOnUser Error: (01/30/2014 08:03:51 PM) (Source: VMCService) (User: ) Description: conflictManagerTypeValue System errors: ============= Error: (02/04/2014 05:16:56 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (02/04/2014 05:15:59 PM) (Source: VDS Basic Provider) (User: ) Description: Unerwarteter Fehler. 
Fehlercode: 490@01010004 Error: (02/04/2014 05:15:58 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVR0Dev" wurde aufgrund folgenden Fehlers nicht gestartet: %%183 Error: (02/04/2014 05:15:58 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVR0Dev" wurde aufgrund folgenden Fehlers nicht gestartet: %%183 Error: (02/04/2014 05:15:10 PM) (Source: DCOM) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (02/04/2014 09:06:43 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (02/04/2014 09:05:53 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVR0Dev" wurde aufgrund folgenden Fehlers nicht gestartet: %%183 Error: (02/04/2014 09:05:52 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVR0Dev" wurde aufgrund folgenden Fehlers nicht gestartet: %%183 Error: (02/04/2014 09:05:49 AM) (Source: VDS Basic Provider) (User: ) Description: Unerwarteter Fehler. Fehlercode: 490@01010004 Error: (02/03/2014 10:27:30 PM) (Source: DCOM) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Microsoft Office Sessions: ========================= Error: (10/07/2013 08:04:52 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 35983 seconds with 1500 seconds of active time. This session ended with a crash. Error: (09/27/2013 06:20:52 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 79 seconds with 60 seconds of active time. This session ended with a crash. 
CodeIntegrity Errors: =================================== Date: 2013-10-11 09:20:01.131 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\c\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-10-11 09:20:00.763 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\c\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-10-11 09:20:00.398 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\c\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-10-11 09:20:00.030 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\c\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-10-11 09:19:59.643 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\c\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-10-11 09:19:59.238 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\c\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-10-11 09:19:58.963 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\c\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-10-11 09:19:58.690 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\c\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-10-11 08:58:45.403 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\c\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-10-11 08:58:45.110 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\c\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 25% Total physical RAM: 16276.31 MB Available physical RAM: 12132.31 MB Total Pagefile: 17274.49 MB Available Pagefile: 13153.64 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (C) (Fixed) (Total:232.79 GB) (Free:67.63 GB) NTFS Drive d: (D) (Fixed) (Total:698.63 GB) (Free:61.17 GB) NTFS Drive f: (MovieStudioPE9) (CDROM) (Total:1.57 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ==================== End Of Log ============================ |
05.02.2014, 12:30 | #4 |
/// the machine /// TB instructor | Hacked Fritzbox - suspicion: PC infected hi, Please download TDSSKiller.exe and save the file to your desktop
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
05.02.2014, 13:23 | #5 |
| Hacked Fritzbox - suspicion: PC infected Thank you very much. TDSSKILLER found nothing. (EDIT: Instead of an attachment, the logs are in separate posts further down.) Last edited by mo9 (05.02.2014 at 13:45) |
05.02.2014, 13:47 | #6 |
| Hacked Fritzbox - suspicion: PC infected Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.02.05.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16750
Admin :: X [administrator]

05.02.2014 13:26:04
mbar-log-2014-02-05 (13-26-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 306622
Time elapsed: 5 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
13:00:13.0222 0x2710 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
13:00:17.0137 0x2710 ============================================================
13:00:17.0137 0x2710 Current date / time: 2014/02/05 13:00:17.0137
13:00:17.0137 0x2710 SystemInfo:
13:00:17.0137 0x2710
13:00:17.0137 0x2710 OS Version: 6.1.7601 ServicePack: 1.0
13:00:17.0137 0x2710 Product type: Workstation
13:00:17.0137 0x2710 ComputerName: X
13:00:17.0137 0x2710 UserName: Admin
13:00:17.0137 0x2710 Windows directory: C:\Windows
13:00:17.0137 0x2710 System windows directory: C:\Windows
13:00:17.0137 0x2710 Running under WOW64
13:00:17.0138 0x2710 Processor architecture: Intel x64
13:00:17.0138 0x2710 Number of processors: 8
13:00:17.0138 0x2710 Page size: 0x1000
13:00:17.0138 0x2710 Boot type: Normal boot
13:00:17.0138 0x2710 ============================================================
13:00:17.0350 0x2710 KLMD registered as C:\Windows\system32\drivers\39569482.sys
13:00:17.0509 0x2710 System UUID: {5E532650-FCE1-8A01-60FA-A2B9756016D5}
13:00:18.0372 0x2710 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:00:18.0386 0x2710 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:00:18.0401 0x2710 ============================================================
13:00:18.0401 0x2710 \Device\Harddisk0\DR0:
13:00:18.0402 0x2710 MBR partitions:
13:00:18.0402 0x2710 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
13:00:18.0402 0x2710 \Device\Harddisk1\DR1:
13:00:18.0402 0x2710 MBR partitions:
13:00:18.0402 0x2710 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:00:18.0402 0x2710 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192970
13:00:18.0402 0x2710 ============================================================
13:00:18.0404 0x2710 C: <-> \Device\Harddisk1\DR1\Partition2
13:00:18.0438 0x2710 D: <-> \Device\Harddisk0\DR0\Partition1
13:00:18.0439 0x2710 ============================================================
13:00:18.0439 0x2710 Initialize success
13:00:18.0439 0x2710 ============================================================
13:00:59.0020 0x21e8 ============================================================
13:00:59.0020 0x21e8 Scan started
13:00:59.0020 0x21e8 Mode: Manual; SigCheck; TDLFS;
13:00:59.0020 0x21e8 ============================================================
13:00:59.0020 0x21e8 KSN ping started
13:01:07.0258 0x21e8 KSN ping finished: true
13:01:08.0405 0x21e8 ================ Scan system memory ========================
13:01:08.0405 0x21e8 System memory - ok
13:01:08.0406 0x21e8 ================ Scan services =============================
ok 13:01:25.0981 0x21e8 [ 60E17BAF7A93E1BFC37971C0A3AB1B5E, E25F3535523B992ACC11B22EE9123B88A68D135DB19CCDCB4317894EC6135C65 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 13:01:26.0162 0x21e8 IntcAzAudAddService - ok 13:01:26.0187 0x21e8 [ EEE7376243CD8A4B49B885EF122D25E5, A3B89E7B513C95558C4DA41D3C136D464381263BA43E00EC136FC776DAA0BA94 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 13:01:26.0226 0x21e8 IntcDAud - ok 13:01:26.0253 0x21e8 [ 0043EC20C06FD9FE339B5D37474B731E, E84A078BDBEC7EA29257D758030271B62F3ED2C954DC1EEECC5B24B39EDB2A59 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 13:01:26.0289 0x21e8 Intel(R) Capability Licensing Service Interface - ok 13:01:26.0299 0x21e8 [ 50CA8F1A4B0AEC4EE583594F0A8EB719, D5CCADAA5510DDE82910C4782D2A4FF9419A832D5493BCD2DF5194D239763850 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 13:01:26.0317 0x21e8 Intel(R) ME Service - ok 13:01:26.0326 0x21e8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 13:01:26.0343 0x21e8 intelide - ok 13:01:26.0356 0x21e8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:01:26.0381 0x21e8 intelppm - ok 13:01:26.0390 0x21e8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:01:26.0455 0x21e8 IPBusEnum - ok 13:01:26.0466 0x21e8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:01:26.0528 0x21e8 IpFilterDriver - ok 13:01:26.0554 0x21e8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] 
iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:01:26.0606 0x21e8 iphlpsvc - ok 13:01:26.0616 0x21e8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:01:26.0644 0x21e8 IPMIDRV - ok 13:01:26.0655 0x21e8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:01:26.0721 0x21e8 IPNAT - ok 13:01:26.0730 0x21e8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:01:26.0767 0x21e8 IRENUM - ok 13:01:26.0774 0x21e8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:01:26.0793 0x21e8 isapnp - ok 13:01:26.0810 0x21e8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:01:26.0841 0x21e8 iScsiPrt - ok 13:01:26.0849 0x21e8 [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 13:01:26.0867 0x21e8 iusb3hcs - ok 13:01:26.0887 0x21e8 [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 13:01:26.0919 0x21e8 iusb3hub - ok 13:01:26.0957 0x21e8 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 13:01:27.0007 0x21e8 iusb3xhc - ok 13:01:27.0020 0x21e8 [ EF27B3B58E393E9F10FB6A6643BD8185, 8671AB0159CCACA39F6D072EFFDE984BAFE56137965AA0ADEC880D00893B8E8A ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 13:01:27.0042 0x21e8 jhi_service - ok 13:01:27.0051 
0x21e8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 13:01:27.0071 0x21e8 kbdclass - ok 13:01:27.0078 0x21e8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 13:01:27.0104 0x21e8 kbdhid - ok 13:01:27.0113 0x21e8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 13:01:27.0137 0x21e8 KeyIso - ok 13:01:27.0149 0x21e8 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:01:27.0171 0x21e8 KSecDD - ok 13:01:27.0184 0x21e8 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:01:27.0208 0x21e8 KSecPkg - ok 13:01:27.0215 0x21e8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:01:27.0276 0x21e8 ksthunk - ok 13:01:27.0296 0x21e8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 13:01:27.0375 0x21e8 KtmRm - ok 13:01:27.0391 0x21e8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 13:01:27.0462 0x21e8 LanmanServer - ok 13:01:27.0472 0x21e8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:01:27.0537 0x21e8 LanmanWorkstation - ok 13:01:27.0550 0x21e8 [ ADA0C09E8AEDC17F11D8E1731986A88A, 1B25D7137E89149BB61FF52BE0259F48E374FC4F7114FAF267AF7A19F3B89BD3 ] LightScribeService C:\Program Files (x86)\Common 
Files\LightScribe\LSSrvc.exe 13:01:27.0563 0x21e8 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 ) 13:01:29.0943 0x21e8 Detect skipped due to KSN trusted 13:01:29.0943 0x21e8 LightScribeService - ok 13:01:29.0951 0x21e8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:01:30.0015 0x21e8 lltdio - ok 13:01:30.0033 0x21e8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:01:30.0107 0x21e8 lltdsvc - ok 13:01:30.0114 0x21e8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:01:30.0176 0x21e8 lmhosts - ok 13:01:30.0191 0x21e8 [ 2526FECED1625752EF4F8ABB367CAA7E, EB90022051D5A6AE5FC2C7B0AD05AEF15730160FD611F652E5E7AD00C774881A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 13:01:30.0217 0x21e8 LMS - ok 13:01:30.0235 0x21e8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 13:01:30.0258 0x21e8 LSI_FC - ok 13:01:30.0269 0x21e8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 13:01:30.0292 0x21e8 LSI_SAS - ok 13:01:30.0300 0x21e8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:01:30.0323 0x21e8 LSI_SAS2 - ok 13:01:30.0336 0x21e8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 13:01:30.0361 0x21e8 LSI_SCSI - ok 13:01:30.0370 0x21e8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] 
luafv C:\Windows\system32\drivers\luafv.sys 13:01:30.0435 0x21e8 luafv - ok 13:01:30.0454 0x21e8 [ EF586B959F747E74C76603FF16AE417B, 751AAB31D7B5542C06F1E9145AC2DCB073EAF7FE5FDE100ED404564D21317417 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 13:01:30.0488 0x21e8 LVRS64 - ok 13:01:30.0649 0x21e8 [ EDF73BFA1BD24D74D1D64DC0ED28A7CD, BD8D9D15C83EF1C9467A137764E128D80CFE58A2B728CDB57CB272D426702318 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 13:01:30.0846 0x21e8 LVUVC64 - ok 13:01:30.0860 0x21e8 [ DE585D1D266805E5EEDAE911FDD16F38, D954C1795D98653F1FB0AE8650FF0DEDDAA730B98C9449E6F608154D573DAB27 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys 13:01:30.0885 0x21e8 ManyCam - ok 13:01:30.0896 0x21e8 [ 7AEAC0B5B185CB5601673A0462C7EC36, B79FB5094F32F11CE2969CD08DB0EBC695D150BA2200179EB6C3BBAEEDB857B2 ] massfilter C:\Windows\system32\DRIVERS\massfilter.sys 13:01:30.0918 0x21e8 massfilter - ok 13:01:30.0928 0x21e8 [ 5858C4ABE87D0A842A941D6BD08038F1, FA082135752ECE107AC5E94066541F07FC1D56CE070CE8476A30375308F290A9 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys 13:01:30.0952 0x21e8 mcaudrv_simple - ok 13:01:30.0961 0x21e8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:01:30.0991 0x21e8 Mcx2Svc - ok 13:01:31.0010 0x21e8 [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe 13:01:31.0036 0x21e8 MDM - detected UnsignedFile.Multi.Generic ( 1 ) 13:01:33.0417 0x21e8 Detect skipped due to KSN trusted 13:01:33.0418 0x21e8 MDM - ok 13:01:33.0430 0x21e8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 13:01:33.0451 0x21e8 megasas - ok 13:01:33.0469 0x21e8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 
85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 13:01:33.0500 0x21e8 MegaSR - ok 13:01:33.0508 0x21e8 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 13:01:33.0529 0x21e8 MEIx64 - ok 13:01:33.0541 0x21e8 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 13:01:33.0562 0x21e8 Microsoft Office Groove Audit Service - ok 13:01:33.0571 0x21e8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 13:01:33.0634 0x21e8 MMCSS - ok 13:01:33.0642 0x21e8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 13:01:33.0703 0x21e8 Modem - ok 13:01:33.0710 0x21e8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:01:33.0739 0x21e8 monitor - ok 13:01:33.0748 0x21e8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys 13:01:33.0768 0x21e8 mouclass - ok 13:01:33.0777 0x21e8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:01:33.0802 0x21e8 mouhid - ok 13:01:33.0812 0x21e8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:01:33.0835 0x21e8 mountmgr - ok 13:01:33.0846 0x21e8 [ A7A117CB1104D0829466F48E17BE0A71, 040F18FC1AF72BE2B7123170C2F5F131A9518B8AA57C20F23203625D213C792B ] 
MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 13:01:33.0870 0x21e8 MozillaMaintenance - ok 13:01:33.0882 0x21e8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 13:01:33.0907 0x21e8 mpio - ok 13:01:33.0916 0x21e8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:01:33.0980 0x21e8 mpsdrv - ok 13:01:34.0016 0x21e8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:01:34.0116 0x21e8 MpsSvc - ok 13:01:34.0130 0x21e8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:01:34.0160 0x21e8 MRxDAV - ok 13:01:34.0172 0x21e8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:01:34.0202 0x21e8 mrxsmb - ok 13:01:34.0219 0x21e8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:01:34.0266 0x21e8 mrxsmb10 - ok 13:01:34.0276 0x21e8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:01:34.0305 0x21e8 mrxsmb20 - ok 13:01:34.0312 0x21e8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 13:01:34.0332 0x21e8 msahci - ok 13:01:34.0344 0x21e8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:01:34.0369 0x21e8 msdsm - ok 13:01:34.0380 0x21e8 [ 
DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 13:01:34.0413 0x21e8 MSDTC - ok 13:01:34.0430 0x21e8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:01:34.0491 0x21e8 Msfs - ok 13:01:34.0499 0x21e8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:01:34.0559 0x21e8 mshidkmdf - ok 13:01:34.0567 0x21e8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:01:34.0586 0x21e8 msisadrv - ok 13:01:34.0598 0x21e8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:01:34.0667 0x21e8 MSiSCSI - ok 13:01:34.0672 0x21e8 msiserver - ok 13:01:34.0678 0x21e8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:01:34.0740 0x21e8 MSKSSRV - ok 13:01:34.0746 0x21e8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:01:34.0806 0x21e8 MSPCLOCK - ok 13:01:34.0813 0x21e8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:01:34.0874 0x21e8 MSPQM - ok 13:01:34.0894 0x21e8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:01:34.0929 0x21e8 MsRPC - ok 13:01:34.0938 0x21e8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios 
C:\Windows\system32\drivers\mssmbios.sys 13:01:34.0958 0x21e8 mssmbios - ok 13:01:34.0965 0x21e8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:01:35.0024 0x21e8 MSTEE - ok 13:01:35.0032 0x21e8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 13:01:35.0056 0x21e8 MTConfig - ok 13:01:35.0065 0x21e8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 13:01:35.0085 0x21e8 Mup - ok 13:01:35.0092 0x21e8 [ E7640525189AC4AFC6A6E81C51DA16EB, E77DE5F4EB0DA1163171381C798EEA1398BF76826F957ECAE7BF011A8734B011 ] mv2 C:\Windows\system32\DRIVERS\mv2.sys 13:01:35.0112 0x21e8 mv2 - ok 13:01:35.0137 0x21e8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 13:01:35.0218 0x21e8 napagent - ok 13:01:35.0240 0x21e8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:01:35.0285 0x21e8 NativeWifiP - ok 13:01:35.0320 0x21e8 [ E59AFB64C2F6E0C99350E1C944C75088, 10A9044192D0A83857A57286EABB05037922860483DA2B05AFCC485A8311E4EF ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 13:01:35.0367 0x21e8 NAUpdate - ok 13:01:35.0379 0x21e8 [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140204.024\ENG64.SYS 13:01:35.0402 0x21e8 NAVENG - ok 13:01:35.0484 0x21e8 [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15 C:\Program Files (x86)\Norton Internet 
Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140204.024\EX64.SYS 13:01:35.0587 0x21e8 NAVEX15 - ok 13:01:35.0632 0x21e8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 13:01:35.0690 0x21e8 NDIS - ok 13:01:35.0700 0x21e8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:01:35.0762 0x21e8 NdisCap - ok 13:01:35.0769 0x21e8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:01:35.0831 0x21e8 NdisTapi - ok 13:01:35.0840 0x21e8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:01:35.0901 0x21e8 Ndisuio - ok 13:01:35.0912 0x21e8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:01:35.0980 0x21e8 NdisWan - ok 13:01:35.0988 0x21e8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:01:36.0049 0x21e8 NDProxy - ok 13:01:36.0058 0x21e8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:01:36.0120 0x21e8 NetBIOS - ok 13:01:36.0138 0x21e8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:01:36.0208 0x21e8 NetBT - ok 13:01:36.0215 0x21e8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe 13:01:36.0239 0x21e8 Netlogon - ok 13:01:36.0259 0x21e8 [ 847D3AE376C0817161A14A82C8922A9E, 
37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 13:01:36.0338 0x21e8 Netman - ok 13:01:36.0354 0x21e8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:01:36.0381 0x21e8 NetMsmqActivator - ok 13:01:36.0391 0x21e8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:01:36.0418 0x21e8 NetPipeActivator - ok |
05.02.2014, 13:48 | #7 |
| Hacked Fritzbox - suspicion: PC infected TDSSKILLER part 2 Code:
C:\Windows\system32\profsvc.dll 13:01:47.0098 0x21e8 ProfSvc - ok 13:01:47.0104 0x21e8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe 13:01:47.0127 0x21e8 ProtectedStorage - ok 13:01:47.0139 0x21e8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:01:47.0202 0x21e8 Psched - ok 13:01:47.0211 0x21e8 [ A6BF0A9B5A30D743623CA0D3BE35DF05, 0AA2DAE7ADC38F4197548DE174D551A0CF9281D2680B07E6C84914CA199C0661 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 13:01:47.0232 0x21e8 PxHlpa64 - ok 13:01:47.0294 0x21e8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 13:01:47.0378 0x21e8 ql2300 - ok 13:01:47.0390 0x21e8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 13:01:47.0414 0x21e8 ql40xx - ok 13:01:47.0433 0x21e8 [ 26C420AF0972F0C597EC36BB3E5531D7, 106B853CEC64D674B337897959C861786587DA34920D60752755D1D08BA6968A ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe 13:01:47.0458 0x21e8 Qualcomm Atheros Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 ) 13:01:49.0840 0x21e8 Detect skipped due to KSN trusted 13:01:49.0841 0x21e8 Qualcomm Atheros Killer Service V2 - ok 13:01:49.0857 0x21e8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 13:01:49.0902 0x21e8 QWAVE - ok 13:01:49.0909 0x21e8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:01:49.0942 0x21e8 QWAVEdrv - ok 13:01:49.0948 0x21e8 [ 5A0DA8AD5762FA2D91678A8A01311704, 
8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:01:50.0011 0x21e8 RasAcd - ok 13:01:50.0019 0x21e8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:01:50.0081 0x21e8 RasAgileVpn - ok 13:01:50.0090 0x21e8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 13:01:50.0157 0x21e8 RasAuto - ok 13:01:50.0167 0x21e8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:01:50.0231 0x21e8 Rasl2tp - ok 13:01:50.0250 0x21e8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 13:01:50.0325 0x21e8 RasMan - ok 13:01:50.0334 0x21e8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:01:50.0398 0x21e8 RasPppoe - ok 13:01:50.0408 0x21e8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:01:50.0471 0x21e8 RasSstp - ok 13:01:50.0489 0x21e8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:01:50.0562 0x21e8 rdbss - ok 13:01:50.0569 0x21e8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 13:01:50.0597 0x21e8 rdpbus - ok 13:01:50.0603 0x21e8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:01:50.0663 0x21e8 RDPCDD - ok 13:01:50.0681 
0x21e8 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 13:01:50.0714 0x21e8 RDPDR - ok 13:01:50.0721 0x21e8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:01:50.0780 0x21e8 RDPENCDD - ok 13:01:50.0789 0x21e8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:01:50.0849 0x21e8 RDPREFMP - ok 13:01:50.0858 0x21e8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 13:01:50.0881 0x21e8 RdpVideoMiniport - ok 13:01:50.0897 0x21e8 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:01:50.0930 0x21e8 RDPWD - ok 13:01:50.0944 0x21e8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:01:50.0971 0x21e8 rdyboost - ok 13:01:50.0982 0x21e8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:01:51.0048 0x21e8 RemoteAccess - ok 13:01:51.0060 0x21e8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:01:51.0128 0x21e8 RemoteRegistry - ok 13:01:51.0140 0x21e8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 13:01:51.0174 0x21e8 RFCOMM - ok 13:01:51.0184 0x21e8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] 
RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:01:51.0247 0x21e8 RpcEptMapper - ok 13:01:51.0253 0x21e8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 13:01:51.0278 0x21e8 RpcLocator - ok 13:01:51.0287 0x21e8 [ 675C575444AAFD56B4E8A99EF8A570CD, 22B068C69B4FA360601250E003DCBB96FED30966A4D01D29ACAE7A6687C25B6D ] rpcnet C:\Windows\SysWOW64\rpcnet.exe 13:01:51.0307 0x21e8 rpcnet - ok 13:01:51.0332 0x21e8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 13:01:51.0414 0x21e8 RpcSs - ok 13:01:51.0434 0x21e8 [ CED82FC17230CAE5AE7DE24A19D31361, 47FAA0184C4035A39E767E42EE43716A638BA3FDA13448C01DDCB2D66B6B8D5C ] RSBASTOR C:\Windows\system32\DRIVERS\RtsBaStor.sys 13:01:51.0464 0x21e8 RSBASTOR - ok 13:01:51.0473 0x21e8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:01:51.0536 0x21e8 rspndr - ok 13:01:51.0568 0x21e8 [ C5CD940EFFADE1F6246730BCA14E9FE6, 89DA870C50765D6E7344DCE56CDEB590BAC6927EA6C41B4F05B1C5C3D6ECA1FA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 13:01:51.0614 0x21e8 RTL8167 - ok 13:01:51.0621 0x21e8 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe 13:01:51.0644 0x21e8 SamSs - ok 13:01:51.0660 0x21e8 [ CE57304512561458C6610C92A71C5C72, DAFF148FF36226F953E09BAE77F804401F9415D67AFAFA909C574F3E94AF40E4 ] SamsungRapidDiskFltr C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys 13:01:51.0689 0x21e8 SamsungRapidDiskFltr - ok 13:01:51.0700 0x21e8 [ D4F2ECFB2900CFDC0FE975049F30B98E, 9EEF8202FA628BAB97C99FC2DB8BCCDC01220E3FF81D966DEB5F3CAAD8953DDA ] SamsungRapidFSFltr C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys 13:01:51.0724 0x21e8 SamsungRapidFSFltr - ok 13:01:51.0732 0x21e8 [ 
1F0A636E89FE17882F62241B6AA143F9, 8BD1D4A7CC1D9E602833A5C114DDFEAE18B3BCDE7213DE894C2FF283EB282B28 ] SamsungRapidSvc C:\Windows\system32\RAPID\SamsungRapidSvc.exe 13:01:51.0751 0x21e8 SamsungRapidSvc - ok 13:01:51.0761 0x21e8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:01:51.0785 0x21e8 sbp2port - ok 13:01:51.0798 0x21e8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:01:51.0869 0x21e8 SCardSvr - ok 13:01:51.0876 0x21e8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:01:51.0936 0x21e8 scfilter - ok 13:01:51.0982 0x21e8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 13:01:52.0095 0x21e8 Schedule - ok 13:01:52.0106 0x21e8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 13:01:52.0166 0x21e8 SCPolicySvc - ok 13:01:52.0179 0x21e8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:01:52.0211 0x21e8 SDRSVC - ok 13:01:52.0218 0x21e8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:01:52.0278 0x21e8 secdrv - ok 13:01:52.0286 0x21e8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 13:01:52.0346 0x21e8 seclogon - ok 13:01:52.0355 0x21e8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 
13:01:52.0419 0x21e8 SENS - ok 13:01:52.0430 0x21e8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:01:52.0455 0x21e8 SensrSvc - ok 13:01:52.0461 0x21e8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 13:01:52.0485 0x21e8 Serenum - ok 13:01:52.0495 0x21e8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 13:01:52.0523 0x21e8 Serial - ok 13:01:52.0532 0x21e8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 13:01:52.0556 0x21e8 sermouse - ok 13:01:52.0574 0x21e8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 13:01:52.0639 0x21e8 SessionEnv - ok 13:01:52.0646 0x21e8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:01:52.0673 0x21e8 sffdisk - ok 13:01:52.0679 0x21e8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:01:52.0706 0x21e8 sffp_mmc - ok 13:01:52.0714 0x21e8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:01:52.0742 0x21e8 sffp_sd - ok 13:01:52.0750 0x21e8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 13:01:52.0773 0x21e8 sfloppy - ok 13:01:52.0805 0x21e8 [ 4F5535FA582ABBAF354BC5A6BB513265, 
E2B8CF1B05FBA08A111451522F5FE0AE0863C82D723DAF81C087716C7C928C2C ] SgtSch2Svc C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe 13:01:52.0845 0x21e8 SgtSch2Svc - ok 13:01:52.0866 0x21e8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:01:52.0943 0x21e8 SharedAccess - ok 13:01:52.0963 0x21e8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:01:53.0040 0x21e8 ShellHWDetection - ok 13:01:53.0049 0x21e8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 13:01:53.0070 0x21e8 SiSRaid2 - ok 13:01:53.0079 0x21e8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 13:01:53.0101 0x21e8 SiSRaid4 - ok 13:01:53.0116 0x21e8 [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:01:53.0145 0x21e8 SkypeUpdate - ok 13:01:53.0156 0x21e8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:01:53.0221 0x21e8 Smb - ok 13:01:53.0246 0x21e8 [ 8AC15211EB4BF019AAB0022781CC8AD0, 56EBD1F50E22615D3C4FB98C2FD7D241E114AE83C0B225906FC81A7F1AF87AE5 ] snapman C:\Windows\system32\DRIVERS\snapman.sys 13:01:53.0274 0x21e8 snapman - ok 13:01:53.0281 0x21e8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:01:53.0306 0x21e8 SNMPTRAP - ok 13:01:53.0313 0x21e8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr 
C:\Windows\system32\drivers\spldr.sys 13:01:53.0333 0x21e8 spldr - ok 13:01:53.0361 0x21e8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 13:01:53.0409 0x21e8 Spooler - ok 13:01:53.0545 0x21e8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 13:01:53.0781 0x21e8 sppsvc - ok 13:01:53.0795 0x21e8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:01:53.0862 0x21e8 sppuinotify - ok 13:01:53.0890 0x21e8 [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd C:\Windows\System32\Drivers\sptd.sys 13:01:53.0935 0x21e8 sptd - ok 13:01:53.0976 0x21e8 [ 8BFD1752AAA15BF47D668E9AC5AF96FB, EEC6CDA06A971D2E2C2634987228E550970C9246659C25DCCF87AC9CD08F55F3 ] SRTSP C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS 13:01:54.0029 0x21e8 SRTSP - ok 13:01:54.0037 0x21e8 [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS 13:01:54.0056 0x21e8 SRTSPX - ok 13:01:54.0081 0x21e8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 13:01:54.0128 0x21e8 srv - ok 13:01:54.0149 0x21e8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:01:54.0190 0x21e8 srv2 - ok 13:01:54.0203 0x21e8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:01:54.0234 0x21e8 srvnet - ok 13:01:54.0248 0x21e8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 
2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:01:54.0318 0x21e8 SSDPSRV - ok 13:01:54.0330 0x21e8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:01:54.0394 0x21e8 SstpSvc - ok 13:01:54.0402 0x21e8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 13:01:54.0423 0x21e8 stexstor - ok 13:01:54.0451 0x21e8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 13:01:54.0511 0x21e8 stisvc - ok 13:01:54.0520 0x21e8 [ DD7F11E64E90043B895724DBDC668CD7, FDDA7F0D2221557C6A6E0F3603A4DFB4369ADD3195FF1AC8F4A2BE40C1C28CC6 ] STRATO HiDrive Service C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive Service.exe 13:01:54.0530 0x21e8 STRATO HiDrive Service - detected UnsignedFile.Multi.Generic ( 1 ) 13:01:56.0922 0x21e8 Detect skipped due to KSN trusted 13:01:56.0922 0x21e8 STRATO HiDrive Service - ok 13:01:56.0933 0x21e8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 13:01:56.0952 0x21e8 swenum - ok 13:01:56.0978 0x21e8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 13:01:57.0064 0x21e8 swprv - ok 13:01:57.0090 0x21e8 [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS C:\Windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS 13:01:57.0129 0x21e8 SymDS - ok 13:01:57.0181 0x21e8 [ 08AF51153E441687130B759A8F6892ED, C9DFC0667EF9CE7FACBBB0DE53BD6E0DC9E0ED582CB89FBB2E7FE91CEAC47C5B ] SymEFA C:\Windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS 13:01:57.0248 0x21e8 SymEFA - ok 
13:01:57.0262 0x21e8 [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 13:01:57.0288 0x21e8 SymEvent - ok 13:01:57.0305 0x21e8 [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] SymIRON C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS 13:01:57.0333 0x21e8 SymIRON - ok 13:01:57.0362 0x21e8 [ 78A2F073AD9EA5EBC04A70931EA36C9A, 011395F07D7879D30E1700F060CA8C02407F8FFC99998B2E7507E7AF22578B68 ] SymNetS C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS 13:01:57.0404 0x21e8 SymNetS - ok 13:01:57.0411 0x21e8 Synth3dVsc - ok 13:01:57.0483 0x21e8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 13:01:57.0602 0x21e8 SysMain - ok 13:01:57.0616 0x21e8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:01:57.0652 0x21e8 TabletInputService - ok 13:01:57.0659 0x21e8 [ BCD6A90D6FD757CE9C29DDC850F7F231, 8E736A42B28BE11EC524C40DFA1C7A88BBE10CBC97320F128BCBE44051BBCC81 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 13:01:57.0683 0x21e8 tap0901 - ok 13:01:57.0700 0x21e8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 13:01:57.0774 0x21e8 TapiSrv - ok 13:01:57.0783 0x21e8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 13:01:57.0848 0x21e8 TBS - ok 13:01:57.0928 0x21e8 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:01:58.0016 0x21e8 Tcpip - ok 13:01:58.0086 0x21e8 [ 40AF23633D197905F03AB5628C558C51, 
644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:01:58.0170 0x21e8 TCPIP6 - ok 13:01:58.0182 0x21e8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:01:58.0202 0x21e8 tcpipreg - ok 13:01:58.0236 0x21e8 [ 4124DE3CB72F5DFD7288389862B03F2A, E34AFE0A8C5459D13E7A11F20D62C7762B2A55613AAF6DBEB887E014B5F19295 ] TDKLIB C:\Users\mo9\AppData\Local\Temp\TdkLib64.sys 13:01:58.0289 0x21e8 TDKLIB - ok 13:01:58.0296 0x21e8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:01:58.0315 0x21e8 TDPIPE - ok 13:01:58.0341 0x21e8 [ AC1FC18D04B92BAC16CBD85DE2A08A0B, 07758732DEC2EE22F6AA9BEE928E49B577C59BDBD3FD886D31E9F459010F74BE ] tdrpman C:\Windows\system32\DRIVERS\tdrpman.sys 13:01:58.0378 0x21e8 tdrpman - ok 13:01:58.0385 0x21e8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:01:58.0404 0x21e8 TDTCP - ok 13:01:58.0414 0x21e8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:01:58.0469 0x21e8 tdx - ok 13:01:58.0476 0x21e8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 13:01:58.0494 0x21e8 TermDD - ok 13:01:58.0521 0x21e8 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 13:01:58.0601 0x21e8 TermService - ok 13:01:58.0608 0x21e8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 13:01:58.0636 0x21e8 Themes - ok 13:01:58.0643 0x21e8 [ 
E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 13:01:58.0696 0x21e8 THREADORDER - ok 13:01:58.0704 0x21e8 [ 3E24B7FE52BC455DA8D6E2CC2B4CA23F, 0AC9C626F0ED7F27CCE0236897D44836789331953AA0A73B2A88E4A91CF996B6 ] tifsfilter C:\Windows\system32\DRIVERS\tifsfilt.sys 13:01:58.0723 0x21e8 tifsfilter - ok 13:01:58.0751 0x21e8 [ EC4FD4D147985A97E881729E808E6F34, 6C1B15AE8E1F4E3B50856EF2CBFEE28D5FAC9C7276D0922E286A7BD6514DA74A ] timounter C:\Windows\system32\DRIVERS\timntr.sys 13:01:58.0793 0x21e8 timounter - ok 13:01:58.0802 0x21e8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 13:01:58.0859 0x21e8 TrkWks - ok 13:01:58.0874 0x21e8 [ EA43DE1743C1BA0D2D17B8DB90C91D88, 54115F3002D2C87B82DDA62E96AD8296FFC59DC83E9F3D7F22325325DB73C486 ] truecrypt C:\Windows\system32\drivers\truecrypt.sys 13:01:58.0899 0x21e8 truecrypt - ok 13:01:58.0910 0x21e8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:01:58.0970 0x21e8 TrustedInstaller - ok 13:01:58.0980 0x21e8 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:01:59.0001 0x21e8 tssecsrv - ok 13:01:59.0008 0x21e8 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:01:59.0030 0x21e8 TsUsbFlt - ok 13:01:59.0035 0x21e8 tsusbhub - ok 13:01:59.0049 0x21e8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:01:59.0105 0x21e8 tunnel - ok 13:01:59.0113 0x21e8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, 
EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 13:01:59.0133 0x21e8 uagp35 - ok 13:01:59.0151 0x21e8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:01:59.0225 0x21e8 udfs - ok 13:01:59.0239 0x21e8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:01:59.0267 0x21e8 UI0Detect - ok 13:01:59.0275 0x21e8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:01:59.0296 0x21e8 uliagpkx - ok 13:01:59.0304 0x21e8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 13:01:59.0330 0x21e8 umbus - ok 13:01:59.0336 0x21e8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 13:01:59.0360 0x21e8 UmPass - ok 13:01:59.0376 0x21e8 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 13:01:59.0410 0x21e8 UmRdpService - ok 13:01:59.0433 0x21e8 [ 8B802B483CBDE06F62DBC04DC7AFAF8E, 92E20096D2953DF8C4812EED2ED1A8AD1AF9CE20740B3ACDA33A1DC5B4D0E00B ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 13:01:59.0467 0x21e8 UMVPFSrv - ok 13:01:59.0488 0x21e8 [ 5A5D20BD5BA50B8F671CDA78585729D5, 1B537183E883D64F8D6B6FC6CC01F62ED6EE744AB43124CB25EF55CA3A775558 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 13:01:59.0518 0x21e8 UNS - ok 13:01:59.0542 0x21e8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost 
13:02:27.0050 0x21e8 Scan finished 13:02:27.0065 0x2998 Detected object count: 0 13:02:27.0065 0x2998 Actual detected object count: 0 |
05.02.2014, 14:03 | #8 |
| Hacked Fritzbox - Suspicion: PC infected FYI: MBAR showed at startup: |
06.02.2014, 10:11 | #9 |
/// the machine /// TB instructor | Hacked Fritzbox - Suspicion: PC infected Did you click no or yes? Please run MBAR again, and also please run a scan with GMER.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and Help Trojaner-Board Facebook page No support via PM! |
06.02.2014, 12:54 | #10 |
| Hacked Fritzbox - Suspicion: PC infected I clicked "NO". FYI: the AppInit_DLLs registry entries refer to C:\Windows\system32\nvinitx.dll and C:\Windows\SysWOW64\nvinit.dll. Their properties show: both are files signed by NVIDIA. Presumably they belong to the graphics system. GMER (QuickScan) Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-02-06 11:46:07 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2 Samsung_ rev.EXT0 232,89GB Running: Gmer-19357.exe; Driver: C:\Users\Admin\AppData\Local\Temp\uxldipow.sys ---- Devices - GMER 2.1 ---- Device \Driver\a5it6sca \Device\Scsi\a5it6sca1Port1Path0Target0Lun0 fffffa80126892c0 Device \Driver\a5it6sca \Device\Scsi\a5it6sca1 fffffa80126892c0 Device \FileSystem\Ntfs \Ntfs fffffa800ca472c0 ---- Modules - GMER 2.1 ---- Module \SystemRoot\System32\Drivers\a5it6sca.SYS fffff8800fa4f000-fffff8800faa0000 (331776 bytes) ---- EOF - GMER 2.1 ---- Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1009 www.malwarebytes.org Database version: v2014.02.06.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16750 Admin :: X [administrator] 06.02.2014 12:30:36 mbar-log-2014-02-06 (12-30-36).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged. Objects scanned: 305627 Time elapsed: 8 minute(s), 10 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Edited by mo9 (06.02.2014 at 13:00) |
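The AppInit_DLLs check described in the post above can also be scripted. The following is an added example, not part of the original thread or of any tool used in it; it assumes a 64-bit PowerShell session on 64-bit Windows, and the variable names are illustrative.

```powershell
# Added example: list AppInit_DLLs entries in both registry views and
# report the Authenticode signature status of each referenced DLL.
$views = @{
    '64-bit' = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows'
    '32-bit' = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows'
}
# Entries without a full path are resolved against the matching system directory.
$sysDir = @{
    '64-bit' = Join-Path $env:windir 'System32'
    '32-bit' = Join-Path $env:windir 'SysWOW64'
}

$report = foreach ($view in $views.Keys) {
    $p = Get-ItemProperty -Path $views[$view] -ErrorAction SilentlyContinue
    if (-not $p -or -not $p.AppInit_DLLs) { continue }

    # The value is a space- or comma-separated list of DLL names.
    foreach ($entry in ($p.AppInit_DLLs -split '[,\s]+' | Where-Object { $_ })) {
        $path = if ([IO.Path]::IsPathRooted($entry)) { $entry }
                else { Join-Path $sysDir[$view] $entry }

        if (Test-Path -LiteralPath $path) {
            $sig    = Get-AuthenticodeSignature -FilePath $path
            $status = $sig.Status
            $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        } else {
            $status = 'FileMissing'
            $signer = ''
        }

        New-Object PSObject -Property @{
            View          = $view
            # LoadAppInit_DLLs = 1 means the listed DLLs are actually loaded.
            LoadEnabled   = ($p.LoadAppInit_DLLs -eq 1)
            # RequireSignedAppInit_DLLs = 1 restricts loading to code-signed DLLs.
            RequireSigned = ($p.RequireSignedAppInit_DLLs -eq 1)
            Path          = $path
            Status        = $status
            Signer        = $signer
        }
    }
}

$report | Select-Object View, LoadEnabled, RequireSigned, Path, Status, Signer |
    Format-List

# Anything that is not 'Valid' deserves a closer look before it is trusted.
$report | Where-Object { "$($_.Status)" -ne 'Valid' } |
    ForEach-Object { Write-Warning "Check manually: $($_.Path) [$($_.Status)]" }
```

A `Valid` status only says the file carries an intact signature chaining to a trusted root; the `Signer` column still has to match the vendor you expect.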
07.02.2014, 09:27 | #11 |
/// the machine /// TB instructor | Hacked Fritzbox - Suspicion: PC infected Hi, the computer is clean. Is that a Fritzbox 7390 or something similar with MediaCenter and remote access via mobile phone? Did you get an email from AVM? I did; they have massive problems with security, got hacked. Switch off UDP ports and the like, and remote access via mobile phone, in the Fritzbox. |
07.02.2014, 11:51 | #12 |
| Hacked Fritzbox - Suspicion: PC infected Hi, someone got into my Fritzbox and made expensive calls abroad at my expense. To do this, a so-called IP telephone was set up in my Fritzbox on the LAN/WLAN connection. Here is the corresponding warning from AVM. Security notice: suspected telephone misuse | AVM - Home network with FRITZ! - DSL, LTE, cable, WLAN, DECT and Powerline One wonders how they read the password out of the box. They certainly could not have guessed it. Mine is too long and too complicated for that. If my PC is clean, and I have not used it anywhere else either, how can someone get it then? Finally, once again: THANK YOU VERY MUCH. Here again is the AVM page: h**p://www.avm.de/de/Sicherheit/hinweis.html |
08.02.2014, 11:17 | #13 |
/// the machine /// TB instructor | Hacked Fritzbox - Suspicion: PC infected As I said, I got the same notice. Did you have that mobile-phone "I can reach the FritzBox and NAS from outside" thing enabled? That is the cause in most cases. |
08.02.2014, 16:20 | #14 | |
| Hacked Fritzbox - Suspicion: PC infected Quote:
Yes, it was enabled. But a secure password was set. Software updates should now hopefully fix the problem. |
09.02.2014, 09:29 | #15 |
/// the machine /// TB instructor | Hacked Fritzbox - Suspicion: PC infected There has been a new firmware since yesterday. |