| |
| |||||||
Log-Analyse und Auswertung: Trojan.Psuedo.vnc und Trojan.MSIL gefundenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
03.09.2014, 19:32
| #1 |
| |  Trojan.Psuedo.vnc und Trojan.MSIL gefunden Hallo Zusammen Mir ist eine "WindowsUpdate.exe" aufgefallen. Daraufhin habe ich Malwarebytes laufen lassen und folgendes log erhalten: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 03.09.2014 Suchlauf-Zeit: 20:08:25 Logdatei: log_09_03.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.09.03.07 Rootkit Datenbank: v2014.08.21.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Flo Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 313255 Verstrichene Zeit: 8 Min, 37 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 2 Trojan.Psuedo.vnc, C:\Users\Flo\AppData\Roaming\SVCH\svchost.exe, 3384, Löschen bei Neustart, [0d36519897e4c670e6e83e73fa0712ee] Trojan.MSIL, C:\Users\Flo\AppData\Roaming\WindowsUpdate.exe, 3408, Löschen bei Neustart, [053e6b7eb8c3152161b0b4c7db26bf41] Module: 0 (No malicious items detected) Registrierungsschlüssel: 5 PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [67dc3faab8c3aa8c8f4f1f5f5fa37f81], PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [67dc3faab8c3aa8c8f4f1f5f5fa37f81], PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [67dc3faab8c3aa8c8f4f1f5f5fa37f81], PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [67dc3faab8c3aa8c8f4f1f5f5fa37f81], Malware.Trace, HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DC3_FEXEC, Löschen bei Neustart, [7fc47079dd9e87af7f0edee7669d7d83], Registrierungswerte: 2 Trojan.Psuedo.vnc, HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|svchost, C:\Users\Flo\AppData\Roaming\SVCH\svchost.exe, Löschen bei Neustart, [0d36519897e4c670e6e83e73fa0712ee] Trojan.MSIL, HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Windows Update, C:\Users\Flo\AppData\Roaming\WindowsUpdate.exe, Löschen bei Neustart, [053e6b7eb8c3152161b0b4c7db26bf41] Registrierungsdaten: 0 (No malicious items detected) Ordner: 1 Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Dateien: 18 Trojan.Psuedo.vnc, C:\Users\Flo\AppData\Roaming\SVCH\svchost.exe, Löschen bei Neustart, [0d36519897e4c670e6e83e73fa0712ee], Trojan.MSIL, C:\Users\Flo\AppData\Roaming\WindowsUpdate.exe, Löschen bei Neustart, [053e6b7eb8c3152161b0b4c7db26bf41], Trojan.MSIL, C:\Users\Flo\AppData\Roaming\Windows Update.exe, In Quarantäne, [f54e15d44e2ddb5b3fd297e4b54c48b8], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-07-26-7.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-07-27-1.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-07-28-2.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-08-04-2.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-08-06-4.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-08-07-5.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-08-09-7.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-08-10-1.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-08-16-7.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-08-17-1.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-08-18-2.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-08-29-6.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Stolen.Data, C:\Users\Flo\AppData\Roaming\dclogs\2014-09-01-2.dc, In Quarantäne, [3f0445a4cdae8fa780c7cf2538cb5ba5], Malware.Trace, C:\Users\Flo\AppData\Roaming\pid.txt, In Quarantäne, [390adb0e24578da9d2fbec6e798bb44c], Malware.Trace, C:\Users\Flo\AppData\Roaming\pidloc.txt, In Quarantäne, [b192ebfe4a31af87f7d666f4a26255ab], Physische Sektoren: 0 (No malicious items detected) (end) Würde gerne wissen, wo die Dateien herkommen und was sie ggf. auspioniert haben. Finde ich das in den logs? Kann ich den Trojaner noch entfernen und hilft nur formatieren? Vielen Dank schonmal! Beste Grüße |
|
03.09.2014, 20:22
| #2 |
| /// Selecta Jahrusso   | Trojan.Psuedo.vnc und Trojan.MSIL gefunden Bitte von einem anderen System alle Zugangsdaten ändern. Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
03.09.2014, 20:33
| #3 |
| | Trojan.Psuedo.vnc und Trojan.MSIL gefunden Super, danke für die schnelle Antwort. Hier geht es los:
__________________FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02 Ran by Flo (administrator) on FLO-PC on 03-09-2014 21:27:42 Running from D:\Downloads Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe () C:\Users\Flo\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Users\Flo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Adobe Systems Inc.) C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (QNAP Systems, Inc.) C:\Program Files (x86)\QNAP\Qsync\Qsync.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-04] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-07] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2548248 2014-04-23] (Sony Corporation) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2117632 2014-07-06] (Dominik Reichl) HKLM-x32\...\Run: [Qsync] => C:\Program Files (x86)\QNAP\Qsync\Qsync.exe [13765840 2014-07-02] (QNAP Systems, Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000\...\Run: [Google Update] => C:\Users\Flo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-27] (Google Inc.) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000\...\Run: [Amazon Cloud Player] => C:\Users\Flo\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] () HKU\S-1-5-21-2555853433-4028734650-3843409368-1000\...\Run: [GoogleChromeAutoLaunch_113C8DD36E5867E6D61A3F35DE4397B3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000\...\Run: [572764CE8610BAB89B015AF7952C17FE88F4450A._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000\...\Run: [SkyDrive] => C:\Users\Flo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-07-31] (Microsoft Corporation) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Flo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-27] (Google Inc.) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Cloud Player] => C:\Users\Flo\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] () HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_113C8DD36E5867E6D61A3F35DE4397B3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [572764CE8610BAB89B015AF7952C17FE88F4450A._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SkyDrive] => C:\Users\Flo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-07-31] (Microsoft Corporation) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Google Update] => C:\Users\Flo\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-27] (Google Inc.) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Amazon Cloud Player] => C:\Users\Flo\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] () HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleChromeAutoLaunch_113C8DD36E5867E6D61A3F35DE4397B3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [572764CE8610BAB89B015AF7952C17FE88F4450A._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2555853433-4028734650-3843409368-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [SkyDrive] => C:\Users\Flo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-07-31] (Microsoft Corporation) Startup: C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation) ShellIconOverlayIdentifiers: QsyncEx_Icon1 -> {9EF65B94-EC0D-49F7-B46D-006B388EB03E} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll () ShellIconOverlayIdentifiers: QsyncEx_Icon2 -> {40AA64F1-CE90-459F-81A3-2CC2BD43F067} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll () ShellIconOverlayIdentifiers: QsyncEx_Icon3 -> {19F2C0DA-FE3B-44B5-95CA-4F8CAE92238C} => C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: 127.0.0.1 update.sft-loader.de Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Flo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Flo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) Chrome: ======= CHR HomePage: Default -> hxxp://google.de/ CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR DefaultSearchURL: Default -> https://mail.google.com/mail/?extsrc=mailto&url=%s CHR Profile: C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-19] CHR Extension: (YouTube) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-19] CHR Extension: (Adblock Plus) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-03] CHR Extension: (JSONView) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2013-10-19] CHR Extension: (Google-Suche) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-19] CHR Extension: (Google Kalender) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-10-19] CHR Extension: (Porsche) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg [2013-10-19] CHR Extension: (Google Kalender (von Google)) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2014-01-03] CHR Extension: (feedly) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-10-19] CHR Extension: (Google Notizen – Notizen und Listen) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-10-31] CHR Extension: (Google Play Music) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2013-10-19] CHR Extension: (HappyGet 1.5) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\idighallhledkolmcaiapjnfngfipcfh [2013-10-31] CHR Extension: (Chrome to Mobile) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-01-03] CHR Extension: (JDownloader Integration for Google Chrome™) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm [2013-10-19] CHR Extension: (Google Mail-Checker) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-10-19] CHR Extension: (PhoneMarks Extension) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmkdhaffkikpiaondgpjldfmgmjciom [2013-10-19] CHR Extension: (Hangouts) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-01-03] CHR Extension: (Google Wallet) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-31] CHR Extension: (Google Mail) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-19] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-03-27] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation) R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481816 2014-04-23] (Sony Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-01] () R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-04] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG) S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] () R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-06-19] (REALiX(tm)) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-03] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-04-14] (Duplex Secure Ltd.) S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.) R2 WinRing0_1_2_0; C:\Users\Flo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys [14544 2013-10-19] (OpenLibSys.org) U3 a9jjrxlx; C:\Windows\System32\Drivers\a9jjrxlx.sys [0 ] (Intel Corporation) S3 MSICDSetup; \??\E:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-03 21:27 - 2014-09-03 21:27 - 00000000 ____D () C:\FRST 2014-09-03 20:08 - 2014-09-03 21:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-03 20:07 - 2014-09-03 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-03 20:07 - 2014-09-03 20:07 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-03 20:07 - 2014-09-03 20:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-03 20:07 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-03 20:07 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-03 20:07 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-28 17:24 - 2014-08-28 17:24 - 00002044 _____ () C:\Users\Flo\AppData\Local\recently-used.xbel 2014-08-28 09:38 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 09:38 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 09:38 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-18 18:31 - 2014-08-18 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-08-18 18:31 - 2014-08-18 18:31 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2 2014-08-16 16:11 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-16 16:11 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-16 16:11 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-16 16:11 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-16 16:11 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-16 16:11 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-16 16:11 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-16 16:11 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-16 15:13 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-16 15:13 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-16 15:12 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-16 15:12 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-16 15:12 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-16 15:12 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-16 15:12 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-16 15:12 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-16 15:12 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-16 15:12 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-16 15:12 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-16 15:12 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-16 15:12 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-16 15:12 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-16 15:12 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-16 15:12 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-16 15:12 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-16 15:12 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-16 15:12 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-16 15:12 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-16 15:12 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-16 15:12 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-16 15:12 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-16 15:12 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-16 15:12 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-16 15:12 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-16 15:12 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-16 15:12 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-16 15:12 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-16 15:12 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-16 15:12 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-16 15:12 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-16 15:12 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-16 15:12 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-16 15:12 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-16 15:12 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-16 15:12 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-16 15:12 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-16 15:12 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-16 15:12 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-16 15:12 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-16 15:12 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-16 15:12 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-16 15:12 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-16 15:12 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-16 15:12 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-16 15:12 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-16 15:12 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-16 15:12 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-16 15:12 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-16 15:12 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-16 15:12 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-16 15:12 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-16 15:12 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-16 15:12 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-16 15:12 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-16 15:12 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-16 15:12 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-16 15:12 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-16 15:12 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-16 15:12 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-16 15:12 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-16 15:12 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-16 15:12 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-16 15:12 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-16 15:12 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-16 15:12 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-16 15:12 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-16 15:10 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-16 15:10 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-16 15:10 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-16 15:10 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-09 15:18 - 2014-08-09 15:18 - 00002075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.4 64-Bit.lnk 2014-08-09 15:18 - 2014-08-09 15:18 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-08-09 15:18 - 2014-08-09 15:18 - 00000000 ____D () C:\Program Files\Adobe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-03 21:27 - 2014-09-03 21:27 - 00000000 ____D () C:\FRST 2014-09-03 21:22 - 2014-09-03 20:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-03 21:22 - 2014-04-16 17:54 - 00005118 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Flo-PC-Flo Flo-PC 2014-09-03 21:22 - 2013-10-19 12:20 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-03 21:20 - 2014-04-13 12:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-03 21:15 - 2013-10-27 18:40 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2555853433-4028734650-3843409368-1000UA.job 2014-09-03 21:09 - 2009-07-14 06:45 - 00031664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-03 21:09 - 2009-07-14 06:45 - 00031664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-03 21:07 - 2011-04-12 09:43 - 00718466 _____ () C:\Windows\system32\perfh007.dat 2014-09-03 21:07 - 2011-04-12 09:43 - 00155524 _____ () C:\Windows\system32\perfc007.dat 2014-09-03 21:07 - 2009-07-14 07:13 - 01660026 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-03 21:05 - 2013-10-19 11:28 - 01066200 _____ () C:\Windows\WindowsUpdate.log 2014-09-03 21:03 - 2014-06-09 17:59 - 00000542 _____ () C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job 2014-09-03 21:02 - 2014-04-16 17:56 - 00000000 ___RD () C:\Users\Flo\OneDrive 2014-09-03 21:02 - 2013-11-05 20:43 - 00000000 ___RD () C:\Users\Flo\Qsync 2014-09-03 21:01 - 2013-10-19 12:20 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-03 21:01 - 2010-11-21 05:47 - 00403650 _____ () C:\Windows\PFRO.log 2014-09-03 21:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-03 21:01 - 2009-07-14 06:51 - 00234889 _____ () C:\Windows\setupact.log 2014-09-03 21:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Vss 2014-09-03 20:28 - 2014-07-26 19:20 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\SVCH 2014-09-03 20:07 - 2014-09-03 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-03 20:07 - 2014-09-03 20:07 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-03 20:07 - 2014-09-03 20:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-02 19:54 - 2013-10-19 16:42 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\vlc 2014-08-28 18:06 - 2014-03-01 11:38 - 00000000 ____D () C:\Users\Flo\.gimp-2.8 2014-08-28 17:24 - 2014-08-28 17:24 - 00002044 _____ () C:\Users\Flo\AppData\Local\recently-used.xbel 2014-08-28 12:32 - 2009-07-14 06:45 - 00455872 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-28 09:47 - 2013-10-19 13:16 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-08-23 04:07 - 2014-08-28 09:38 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-28 09:38 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-28 09:38 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-18 21:04 - 2013-11-24 19:24 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-18 21:04 - 2013-10-19 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-08-18 18:31 - 2014-08-18 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-08-18 18:31 - 2014-08-18 18:31 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2 2014-08-18 18:30 - 2014-02-07 15:17 - 00000000 ____D () C:\Users\Flo\AppData\Local\Downloaded Installations 2014-08-18 17:21 - 2014-02-04 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-18 17:21 - 2014-02-04 20:41 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-18 17:21 - 2014-01-05 12:39 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-17 21:03 - 2013-10-27 18:50 - 00000000 ____D () C:\Users\Flo\AppData\Local\CrashDumps 2014-08-17 20:42 - 2013-10-27 18:47 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Mp3tag 2014-08-17 16:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-16 16:11 - 2014-05-07 18:06 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-14 21:22 - 2013-10-19 12:39 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-14 21:21 - 2013-10-19 12:39 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-10 18:20 - 2014-01-23 18:15 - 00000000 ____D () C:\Program Files\Calibre2 2014-08-10 18:19 - 2014-01-23 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management 2014-08-09 15:22 - 2013-10-19 12:33 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Adobe 2014-08-09 15:20 - 2014-04-14 17:24 - 00000000 ____D () C:\Users\Flo\AppData\Local\Adobe 2014-08-09 15:18 - 2014-08-09 15:18 - 00002075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.4 64-Bit.lnk 2014-08-09 15:18 - 2014-08-09 15:18 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-08-09 15:18 - 2014-08-09 15:18 - 00000000 ____D () C:\Program Files\Adobe 2014-08-09 15:18 - 2014-04-14 17:24 - 00000000 ____D () C:\ProgramData\Adobe 2014-08-07 11:15 - 2013-10-27 18:40 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2555853433-4028734650-3843409368-1000Core.job 2014-08-07 04:06 - 2014-08-16 15:10 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-16 15:10 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll Some content of TEMP: ==================== C:\Users\Flo\AppData\Local\Temp\avgnt.exe C:\Users\Flo\AppData\Local\Temp\proxy_vole4108516490639937565.dll C:\Users\Flo\AppData\Local\Temp\Samsung_Magician_Setup_v44.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2013-10-19 14:10 ==================== End Of Log ============================ Die zugehörige Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02
Ran by Flo at 2014-09-03 21:28:03
Running from D:\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
Ashampoo Burning Studio FREE v.1.12.0 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.12.0 - Ashampoo GmbH & Co. KG)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BeamNG-Techdemo-0.3 (remove only) (HKCU\...\BeamNG-Techdemo-0.3) (Version: - )
Brother MFL-Pro Suite DCP-J4110DW MFC-J4510DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Bugbear Retro Demo 2002 (HKLM-x32\...\Bugbear Retro Demo 2002) (Version: - Bugbear Entertainment)
calibre 64bit (HKLM\...\{5F63ABE2-91EB-489E-9F33-EBFBB6CE0DC9}) (Version: 1.48.0 - Kovid Goyal)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05160 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05160 - Cisco Systems, Inc.) Hidden
Colin McRae Rally Remastered (HKLM-x32\...\Colin McRae Rally Remastered_is1) (Version: - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{0B79C91F-978F-4C2E-9FE4-D4B567808858}) (Version: - Microsoft)
DxO Optics Pro 7 (HKLM\...\{64579E10-6249-4BB1-B1D1-8EF55042DB45}) (Version: 7.5.5 - DxO Labs)
Euro Truck Simulator 2 Demo (HKLM-x32\...\Steam App 231120) (Version: - SCS Software)
FileBot (HKLM\...\{15003E45-BBE8-4CAE-AA60-A56E3FC4E9BB}) (Version: 4.2 - Reinhard Pointner)
FileZilla Client 3.9.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.31.325 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.31.325 - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
GRID Autosport (HKLM-x32\...\R1JJREF1dG9zcG9ydA==_is1) (Version: 1 - )
GT Power Expansion (HKLM-x32\...\Steam App 44650) (Version: - SimBin)
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version: - SimBin)
HWiNFO64 Version 4.40 (HKLM\...\HWiNFO64_is1) (Version: 4.40 - Martin Malík - REALiX)
Image Data Converter (HKLM-x32\...\{87998E4E-6D9C-411B-AAE9-B8523FFE357D}) (Version: 4.2.03.16101 - Sony Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 2.27 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.27 - Dominik Reichl)
LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mathcad 15 F000 (HKLM-x32\...\{DC8F6C78-7231-44A2-B66E-6C4FCB3A3364}) (Version: 15.0.0.0 - PTC)
Mathcad PDSi viewable support (HKLM-x32\...\Mathcad PDSi viewable support) (Version: 9.0.0 - Adobe Systems)
Mathcad PDSi viewable support (x32 Version: 9.0.0 - Adobe Systems) Hidden
MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.)
MediaInfo 0.7.69 (HKLM\...\MediaInfo) (Version: 0.7.69 - MediaArea.net)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visio MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mp3tag v2.60 (HKLM-x32\...\Mp3tag) (Version: v2.60 - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version: - Google, Inc.)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.1 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.212.0 - Tracker Software Products Ltd)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
PlayMemories Home (HKLM-x32\...\{7EA1A4E8-A5CE-4626-87DC-6DEF99BAE931}) (Version: 3.1.11.04230 - Sony Corporation)
PTC Quality Agent (HKLM-x32\...\{5B7F8A19-AF71-4517-B49C-683AFC5B639C}) (Version: 2.0.0.0 - PTC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)
QNAP Qget (HKLM-x32\...\Qget) (Version: 3.1.4.1125 - QNAP Systems, Inc.)
QNAP Qsync (HKLM-x32\...\Qsync) (Version: 1.3.0.0702 - QNAP Systems, Inc.)
RACE 07 - Formula RaceRoom Add-On (HKLM-x32\...\Steam App 44630) (Version: - )
RACE 07 (HKLM-x32\...\Steam App 8600) (Version: - SimBin)
RACE 07: Andy Priaulx Crowne Plaza Raceway (HKLM-x32\...\Steam App 8650) (Version: - SimBin)
Race Injection (HKLM-x32\...\Steam App 44680) (Version: - SimBin Studios AB)
RaceRoom Racing Experience (HKLM-x32\...\Steam App 211500) (Version: - SimBin Studios AB)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Siemens NX 8.5 (HKLM\...\{2AA26D1D-F4D8-428C-8B5B-B6B81A74383B}) (Version: 8.5.0.23 - Siemens)
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.14.201311281309 - Sony Mobile Communications AB)
Sony RAW Driver (HKLM-x32\...\{166FCF01-AC98-4288-A01C-90BEB808C059}) (Version: 2.0.00.08130 - Sony Corporation)
STCC II (HKLM-x32\...\Steam App 44620) (Version: - SimBin)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
The Retro Expansion (HKLM-x32\...\Steam App 44660) (Version: - SimBin)
The WTCC 2010 Pack (HKLM-x32\...\Steam App 44670) (Version: - SimBin)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UGS NX 7.5 (HKLM\...\{1A3B7925-AAFC-42BA-9E1F-A87CB777D0F6}) (Version: 7.5.0.32 - UGS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.VISPROR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{35E5FACD-A5AA-46AD-93C7-F6D7969044E7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.VISPROR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{7A3EF4FF-A9C8-4F7E-8020-A45F7D319387}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{B8E73381-09B1-4895-ACD0-34385B0F526D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{1C6260FD-A280-49FE-89D0-CCEC647FBD8E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.VISPROR_{3F3A95FF-9F40-4B19-8227-53DF683B4CF9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{3F3A95FF-9F40-4B19-8227-53DF683B4CF9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.VISPROR_{0F5FFEB6-2F66-4592-8A34-CC85FF318951}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.VISPROR_{DA288EB3-648C-433C-88AC-71AEAAFAACF7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.VISPROR_{51865C36-97D4-4210-A33E-50BCC8CDDF72}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.VISPROR_{D533D4E6-5056-487A-8F18-7FA51AF0E283}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{EE35EB6C-7768-433F-B9A0-73C97699A08C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{EE35EB6C-7768-433F-B9A0-73C97699A08C}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.VISPROR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2881079) 32-Bit Edition (HKLM-x32\...\{90150000-0054-0407-0000-0000000FF1CE}_Office15.VISPROR_{62B80EFA-7AC3-4DA2-92AE-BFFC457509E0}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2881079) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{62B80EFA-7AC3-4DA2-92AE-BFFC457509E0}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.VISPROR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version: - )
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{A9919C3A-1D8F-42C8-A943-D029B8AEFACE}) (Version: 21.01.8499 - Buhl Data Service GmbH)
wxPython 2.8.12.1 (unicode) for Python 2.7 (HKLM-x32\...\wxPython2.8-unicode-py27_is1) (Version: 2.8.12.1-unicode - Total Control Software)
zebNet® Windows Keyfinder TNG 5.0.1.2 (HKLM\...\{1A3C22F2-D546-4EC0-927E-EFAEDAC18C52}) (Version: 5.0.1.2 - zebNet® Ltd)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2555853433-4028734650-3843409368-1000_Classes\CLSID\{07474513-7B58-45c7-B3E6-13A3669B1AFD}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2555853433-4028734650-3843409368-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Flo\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2555853433-4028734650-3843409368-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Flo\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2555853433-4028734650-3843409368-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Flo\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2555853433-4028734650-3843409368-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Flo\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2555853433-4028734650-3843409368-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Flo\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2555853433-4028734650-3843409368-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Flo\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2555853433-4028734650-3843409368-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Flo\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2555853433-4028734650-3843409368-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Flo\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2555853433-4028734650-3843409368-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Flo\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
10-08-2014 16:19:43 Installed calibre 64bit
14-08-2014 19:20:51 Windows Update
16-08-2014 14:11:21 Windows Update
18-08-2014 16:30:54 Installed TomTom HOME.
18-08-2014 19:04:18 Windows Update
28-08-2014 08:25:36 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2013-11-02 11:33 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 update.sft-loader.de
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0E2056FE-78AA-425F-8D77-6DC82FA1964D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-13] (Adobe Systems Incorporated)
Task: {144534CA-78A1-4391-BEF8-6D4D3EDD5CF3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {1F32B481-24D1-4E56-9029-B169FE42AC7B} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {209EBD9C-2EE7-4D75-B4B8-016D518364F6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-28] (Microsoft Corporation)
Task: {338E6D82-9091-4062-AF97-3F1C5BA0420C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {37D985B6-8B62-4853-90B3-F5A3BFAFC623} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: {38E867D4-43C3-46D8-829A-CD5B3952B253} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2555853433-4028734650-3843409368-1000Core => C:\Users\Flo\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-27] (Google Inc.)
Task: {716EB3EC-E690-4904-B369-5C9AC2C1E765} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {90A77332-8DBF-47A4-86B9-135F55C673F4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {A4067781-8DAD-4561-99DE-A867B0521A45} - System32\Tasks\MATLAB R2014a Startup Accelerator => D:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe [2014-01-29] ()
Task: {A5D1AA20-DE79-4387-9A26-A9EDAF1416CE} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Flo-PC-Flo Flo-PC => C:\Program Files\Microsoft Office 15\root\Office15\MsoSync.exe [2014-08-28] (Microsoft Corporation)
Task: {C211A934-F08E-4E47-A9FD-B2F51D7F295C} - System32\Tasks\Amazon Music Helper => C:\Users\Flo\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2014-03-07] ()
Task: {C7C88E2F-BCDB-4177-B1CF-ACAB1E0070F7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-19] (Google Inc.)
Task: {EBD078C5-7FFA-4337-8313-B36E6C1D3189} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-19] (Google Inc.)
Task: {FC85F987-FE04-45D8-8D81-50B494B16C74} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2555853433-4028734650-3843409368-1000UA => C:\Users\Flo\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-27] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2555853433-4028734650-3843409368-1000Core.job => C:\Users\Flo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2555853433-4028734650-3843409368-1000UA.job => C:\Users\Flo\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job => D:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe
==================== Loaded Modules (whitelisted) =============
2014-03-22 10:03 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2013-11-26 21:38 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\Flo\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-06-01 13:20 - 2014-06-01 13:20 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-01 12:19 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-04-29 10:33 - 2014-04-29 10:33 - 00297680 _____ () C:\Program Files (x86)\QNAP\Qsync\QsyncExt.dll
2014-03-12 22:53 - 2014-03-12 22:53 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-12-11 17:35 - 2014-05-06 11:24 - 00013824 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2013-12-11 17:35 - 2014-05-19 20:20 - 00103424 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\PAL.dll
2013-12-11 17:35 - 2014-05-19 20:20 - 00039424 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SATA.dll
2013-12-11 17:35 - 2014-05-19 20:19 - 00038400 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAT.dll
2013-12-11 17:35 - 2014-05-19 20:20 - 00031232 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SMINI.dll
2013-12-11 17:35 - 2014-05-19 20:19 - 00029696 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAS.dll
2014-02-04 20:43 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Flo\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-03-01 12:19 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-06-18 10:44 - 2014-06-18 10:44 - 00116224 _____ () C:\Program Files (x86)\QNAP\Qsync\RdiffDll.dll
2014-06-18 10:43 - 2014-06-18 10:43 - 00151552 _____ () C:\Program Files (x86)\QNAP\Qsync\IOTCAPIs.dll
2014-06-18 10:43 - 2014-06-18 10:43 - 00086016 _____ () C:\Program Files (x86)\QNAP\Qsync\P2PTunnelAPIs.dll
2014-06-18 10:43 - 2014-06-18 10:43 - 00098304 _____ () C:\Program Files (x86)\QNAP\Qsync\RDTAPIs.dll
2014-08-16 15:26 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-16 15:26 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-16 15:26 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-16 15:26 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-16 15:26 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2013-10-19 12:13 - 2013-09-04 07:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/03/2014 09:03:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/03/2014 08:01:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/02/2014 05:43:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/01/2014 05:31:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/01/2014 05:30:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0x1b7c
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3
Error: (08/31/2014 02:40:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/30/2014 05:52:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/29/2014 06:32:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2014 00:33:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2014 09:48:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (09/03/2014 09:06:04 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004
Error: (09/03/2014 08:15:23 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004
Error: (09/01/2014 05:30:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Sony Digital Media Server" wurde mit folgendem Fehler beendet:
%%-2147194947
Error: (09/01/2014 05:30:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/18/2014 06:31:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "TomTomHOMEService" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/18/2014 06:31:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TomTomHOMEService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/07/2014 03:01:05 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (08/07/2014 01:15:55 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (08/07/2014 01:15:53 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (08/07/2014 01:15:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk4\DR4 gefunden.
Microsoft Office Sessions:
=========================
Error: (09/03/2014 09:03:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/03/2014 08:01:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/02/2014 05:43:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/01/2014 05:31:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/01/2014 05:30:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3c1b7c01cfc5f9a57000aaC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dlle3e28629-31ec-11e4-8db5-d43d7ed8257a
Error: (08/31/2014 02:40:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/30/2014 05:52:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/29/2014 06:32:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2014 00:33:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/28/2014 09:48:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 34%
Total physical RAM: 8031.16 MB
Available physical RAM: 5238.76 MB
Total Pagefile: 8229.34 MB
Available Pagefile: 5016.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.57 GB) (Free:33.47 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:3.94 GB) NTFS
Drive z: () (Network) (Total:1832.31 GB) (Free:846.08 GB)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4589916A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
03.09.2014, 20:34
| #4 |
| | Trojan.Psuedo.vnc und Trojan.MSIL gefunden war leider zu lang, daher hier das Log vom TDSSKiller: Code:
ATTFilter 21:29:21.0556 0x190c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
21:29:21.0556 0x190c UEFI system
21:29:25.0733 0x190c ============================================================
21:29:25.0733 0x190c Current date / time: 2014/09/03 21:29:25.0733
21:29:25.0733 0x190c SystemInfo:
21:29:25.0733 0x190c
21:29:25.0733 0x190c OS Version: 6.1.7601 ServicePack: 1.0
21:29:25.0733 0x190c Product type: Workstation
21:29:25.0733 0x190c ComputerName: FLO-PC
21:29:25.0733 0x190c UserName: Flo
21:29:25.0733 0x190c Windows directory: C:\Windows
21:29:25.0733 0x190c System windows directory: C:\Windows
21:29:25.0733 0x190c Running under WOW64
21:29:25.0734 0x190c Processor architecture: Intel x64
21:29:25.0734 0x190c Number of processors: 4
21:29:25.0734 0x190c Page size: 0x1000
21:29:25.0734 0x190c Boot type: Normal boot
21:29:25.0734 0x190c ============================================================
21:29:25.0915 0x190c KLMD registered as C:\Windows\system32\drivers\84219183.sys
21:29:26.0042 0x190c System UUID: {16AF162E-8EC6-3DDA-0918-21EFDC7E9519}
21:29:26.0462 0x190c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:29:26.0462 0x190c Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:29:26.0487 0x190c ============================================================
21:29:26.0487 0x190c \Device\Harddisk0\DR0:
21:29:26.0487 0x190c MBR partitions:
21:29:26.0487 0x190c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
21:29:26.0487 0x190c \Device\Harddisk1\DR1:
21:29:26.0487 0x190c GPT partitions:
21:29:26.0487 0x190c \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {66EB2A18-5102-4B46-A4DD-B81932EB7213}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
21:29:26.0487 0x190c \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {FCB6BDCD-83A2-4649-AC68-C3FD0069CA16}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
21:29:26.0487 0x190c \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2D8F5256-E282-418A-91E3-88705BE5F29B}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0xDF22000
21:29:26.0487 0x190c MBR partitions:
21:29:26.0487 0x190c ============================================================
21:29:26.0488 0x190c C: <-> \Device\Harddisk1\DR1\Partition3
21:29:26.0505 0x190c D: <-> \Device\Harddisk0\DR0\Partition1
21:29:26.0505 0x190c ============================================================
21:29:26.0505 0x190c Initialize success
21:29:26.0505 0x190c ============================================================
21:29:48.0351 0x120c ============================================================
21:29:48.0351 0x120c Scan started
21:29:48.0351 0x120c Mode: Manual; SigCheck; TDLFS;
21:29:48.0351 0x120c ============================================================
21:29:48.0351 0x120c KSN ping started
21:29:51.0045 0x120c KSN ping finished: true
21:29:51.0502 0x120c ================ Scan system memory ========================
21:29:51.0502 0x120c System memory - ok
21:29:51.0502 0x120c ================ Scan services =============================
21:29:51.0550 0x120c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:29:51.0659 0x120c 1394ohci - ok
21:29:51.0682 0x120c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:29:51.0694 0x120c ACPI - ok
21:29:51.0698 0x120c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:29:51.0713 0x120c AcpiPmi - ok
21:29:51.0718 0x120c [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock C:\Windows\system32\DRIVERS\acsock64.sys
21:29:51.0769 0x120c acsock - ok
21:29:51.0799 0x120c [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:29:51.0808 0x120c AdobeFlashPlayerUpdateSvc - ok
21:29:51.0837 0x120c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:29:51.0850 0x120c adp94xx - ok
21:29:51.0877 0x120c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:29:51.0897 0x120c adpahci - ok
21:29:51.0908 0x120c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:29:51.0916 0x120c adpu320 - ok
21:29:51.0924 0x120c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:29:51.0948 0x120c AeLookupSvc - ok
21:29:51.0957 0x120c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
21:29:51.0972 0x120c AFD - ok
21:29:51.0977 0x120c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
21:29:51.0984 0x120c agp440 - ok
21:29:51.0991 0x120c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
21:29:51.0999 0x120c ALG - ok
21:29:52.0001 0x120c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
21:29:52.0007 0x120c aliide - ok
21:29:52.0009 0x120c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
21:29:52.0015 0x120c amdide - ok
21:29:52.0032 0x120c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:29:52.0039 0x120c AmdK8 - ok
21:29:52.0044 0x120c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
21:29:52.0051 0x120c AmdPPM - ok
21:29:52.0055 0x120c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:29:52.0062 0x120c amdsata - ok
21:29:52.0073 0x120c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:29:52.0088 0x120c amdsbs - ok
21:29:52.0091 0x120c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:29:52.0106 0x120c amdxata - ok
21:29:52.0119 0x120c [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:29:52.0132 0x120c AntiVirSchedulerService - ok
21:29:52.0141 0x120c [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:29:52.0151 0x120c AntiVirService - ok
21:29:52.0159 0x120c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
21:29:52.0191 0x120c AppID - ok
21:29:52.0195 0x120c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:29:52.0215 0x120c AppIDSvc - ok
21:29:52.0219 0x120c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
21:29:52.0226 0x120c Appinfo - ok
21:29:52.0238 0x120c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
21:29:52.0249 0x120c AppMgmt - ok
21:29:52.0254 0x120c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
21:29:52.0261 0x120c arc - ok
21:29:52.0267 0x120c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:29:52.0276 0x120c arcsas - ok
21:29:52.0285 0x120c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:29:52.0297 0x120c aspnet_state - ok
21:29:52.0302 0x120c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:29:52.0324 0x120c AsyncMac - ok
21:29:52.0328 0x120c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
21:29:52.0340 0x120c atapi - ok
21:29:52.0368 0x120c [ 36322190763845975E0D001E90687BF2, EA3DB2D112015CA5C744C5A84CDEFF6D02CE7D0E7E6E141AE3E527C2FAB5600E ] athur C:\Windows\system32\DRIVERS\athurx.sys
21:29:52.0409 0x120c athur - ok
21:29:52.0453 0x120c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:29:52.0492 0x120c AudioEndpointBuilder - ok
21:29:52.0536 0x120c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:29:52.0582 0x120c AudioSrv - ok
21:29:52.0586 0x120c [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:29:52.0593 0x120c avgntflt - ok
21:29:52.0599 0x120c [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:29:52.0607 0x120c avipbb - ok
21:29:52.0611 0x120c [ A59D07E02A75EDC8FA141470C5EC96C3, A20416444B3C15F85651383F8D40F4F93400B1B78A60174A2AD3A6308836ED93 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
21:29:52.0618 0x120c Avira.OE.ServiceHost - ok
21:29:52.0620 0x120c [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:29:52.0626 0x120c avkmgr - ok
21:29:52.0633 0x120c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:29:52.0645 0x120c AxInstSV - ok
21:29:52.0673 0x120c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:29:52.0691 0x120c b06bdrv - ok
21:29:52.0707 0x120c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:29:52.0722 0x120c b57nd60a - ok
21:29:52.0732 0x120c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
21:29:52.0740 0x120c BDESVC - ok
21:29:52.0743 0x120c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
21:29:52.0762 0x120c Beep - ok
21:29:52.0801 0x120c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
21:29:52.0820 0x120c BFE - ok
21:29:52.0862 0x120c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
21:29:52.0910 0x120c BITS - ok
21:29:52.0916 0x120c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:29:52.0923 0x120c blbdrive - ok
21:29:52.0926 0x120c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:29:52.0934 0x120c bowser - ok
21:29:52.0937 0x120c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:29:52.0944 0x120c BrFiltLo - ok
21:29:52.0947 0x120c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:29:52.0955 0x120c BrFiltUp - ok
21:29:52.0959 0x120c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
21:29:52.0967 0x120c Browser - ok
21:29:52.0990 0x120c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:29:53.0009 0x120c Brserid - ok
21:29:53.0014 0x120c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:29:53.0022 0x120c BrSerWdm - ok
21:29:53.0025 0x120c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:29:53.0038 0x120c BrUsbMdm - ok
21:29:53.0041 0x120c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:29:53.0048 0x120c BrUsbSer - ok
21:29:53.0053 0x120c [ DB109DA005B6FE2A350C5DD7CA768DFD, 241A0BFAEFB1B165C00EE75E8CA382B5935F5DF447DAD5AE9022B2B78317668E ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
21:29:53.0060 0x120c BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
21:30:03.0105 0x120c BrYNSvc ( UnsignedFile.Multi.Generic ) - warning
21:30:03.0105 0x120c Force sending object to P2P due to detect: BrYNSvc
21:30:06.0504 0x120c Object send P2P result: true
21:30:08.0879 0x120c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:30:08.0915 0x120c BTHMODEM - ok
21:30:08.0922 0x120c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
21:30:08.0949 0x120c bthserv - ok
21:30:08.0958 0x120c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:30:08.0995 0x120c cdfs - ok
21:30:09.0005 0x120c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:30:09.0018 0x120c cdrom - ok
21:30:09.0023 0x120c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
21:30:09.0055 0x120c CertPropSvc - ok
21:30:09.0060 0x120c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
21:30:09.0069 0x120c circlass - ok
21:30:09.0110 0x120c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
21:30:09.0127 0x120c CLFS - ok
21:30:09.0168 0x120c [ FE0CFEDA0CFC71F1FF0F77E85CA1FE1F, D067024F9110CEEF573152275DAB100943B59A36E58B342B5CC764FC3C917834 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:30:09.0209 0x120c ClickToRunSvc - ok
21:30:09.0217 0x120c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:30:09.0224 0x120c clr_optimization_v2.0.50727_32 - ok
21:30:09.0229 0x120c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:30:09.0245 0x120c clr_optimization_v2.0.50727_64 - ok
21:30:09.0253 0x120c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:30:09.0262 0x120c clr_optimization_v4.0.30319_32 - ok
21:30:09.0267 0x120c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:30:09.0277 0x120c clr_optimization_v4.0.30319_64 - ok
21:30:09.0280 0x120c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
21:30:09.0297 0x120c CmBatt - ok
21:30:09.0301 0x120c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:30:09.0307 0x120c cmdide - ok
21:30:09.0327 0x120c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
21:30:09.0348 0x120c CNG - ok
21:30:09.0352 0x120c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:30:09.0358 0x120c Compbatt - ok
21:30:09.0364 0x120c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:30:09.0373 0x120c CompositeBus - ok
21:30:09.0378 0x120c COMSysApp - ok
21:30:09.0422 0x120c [ 3F254EE50F4098616C7D8F7F3BF3C955, 416D558A02A272D78DD21AF6A258CB03599228EDF04E38E488C0046397655D5A ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:30:09.0432 0x120c cphs - ok
21:30:09.0434 0x120c [ 3CA734CE373E5675FBC15CA2C45228E5, A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D1898CCB4E9BA730F15C44B32 ] cpudrv64 C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys
21:30:09.0439 0x120c cpudrv64 - ok
21:30:09.0443 0x120c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:30:09.0450 0x120c crcdisk - ok
21:30:09.0458 0x120c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:30:09.0468 0x120c CryptSvc - ok
21:30:09.0486 0x120c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
21:30:09.0502 0x120c CSC - ok
21:30:09.0529 0x120c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
21:30:09.0548 0x120c CscService - ok
21:30:09.0574 0x120c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:30:09.0602 0x120c DcomLaunch - ok
21:30:09.0620 0x120c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
21:30:09.0651 0x120c defragsvc - ok
21:30:09.0658 0x120c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:30:09.0685 0x120c DfsC - ok
21:30:09.0701 0x120c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:30:09.0718 0x120c Dhcp - ok
21:30:09.0721 0x120c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
21:30:09.0761 0x120c discache - ok
21:30:09.0768 0x120c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
21:30:09.0775 0x120c Disk - ok
21:30:09.0781 0x120c [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
21:30:09.0796 0x120c dmvsc - ok
21:30:09.0802 0x120c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:30:09.0811 0x120c Dnscache - ok
21:30:09.0832 0x120c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
21:30:09.0865 0x120c dot3svc - ok
21:30:09.0877 0x120c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
21:30:09.0899 0x120c DPS - ok
21:30:09.0901 0x120c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:30:09.0910 0x120c drmkaud - ok
21:30:09.0935 0x120c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:30:09.0980 0x120c DXGKrnl - ok
21:30:09.0990 0x120c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
21:30:10.0031 0x120c EapHost - ok
21:30:10.0201 0x120c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:30:10.0263 0x120c ebdrv - ok
21:30:10.0269 0x120c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
21:30:10.0276 0x120c EFS - ok
21:30:10.0320 0x120c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:30:10.0340 0x120c ehRecvr - ok
21:30:10.0351 0x120c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
21:30:10.0365 0x120c ehSched - ok
21:30:10.0400 0x120c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:30:10.0424 0x120c elxstor - ok
21:30:10.0427 0x120c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:30:10.0434 0x120c ErrDev - ok
21:30:10.0463 0x120c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
21:30:10.0501 0x120c EventSystem - ok
21:30:10.0514 0x120c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
21:30:10.0543 0x120c exfat - ok
21:30:10.0556 0x120c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:30:10.0580 0x120c fastfat - ok
21:30:10.0620 0x120c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
21:30:10.0639 0x120c Fax - ok
21:30:10.0643 0x120c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
21:30:10.0650 0x120c fdc - ok
21:30:10.0655 0x120c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
21:30:10.0676 0x120c fdPHost - ok
21:30:10.0686 0x120c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
21:30:10.0706 0x120c FDResPub - ok
21:30:10.0713 0x120c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:30:10.0721 0x120c FileInfo - ok
21:30:10.0729 0x120c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:30:10.0749 0x120c Filetrace - ok
21:30:10.0757 0x120c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:30:10.0764 0x120c flpydisk - ok
21:30:10.0801 0x120c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:30:10.0811 0x120c FltMgr - ok
21:30:10.0878 0x120c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
21:30:10.0906 0x120c FontCache - ok
21:30:10.0922 0x120c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:30:10.0928 0x120c FontCache3.0.0.0 - ok
21:30:10.0934 0x120c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:30:10.0940 0x120c FsDepends - ok
21:30:10.0957 0x120c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:30:10.0963 0x120c Fs_Rec - ok
21:30:10.0991 0x120c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:30:11.0003 0x120c fvevol - ok
21:30:11.0009 0x120c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:30:11.0023 0x120c gagp30kx - ok
21:30:11.0025 0x120c [ 16C2A6BCDDA8952C2035DEC861492A19, 9023CD3A2C1009786A48EF7FBCC97ED1724C836279424A4D465CCE1AFA2DBDDA ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
21:30:11.0030 0x120c ggflt - ok
21:30:11.0032 0x120c [ 6B503DF845EABF3457E49FBBDA26C10E, A1553E3822EDEA26D8E67FCC7F9EA40DFBED49EC92FD5674AAF938F2D58CF964 ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
21:30:11.0037 0x120c ggsemc - ok
21:30:11.0092 0x120c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
21:30:11.0126 0x120c gpsvc - ok
21:30:11.0131 0x120c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:30:11.0137 0x120c gupdate - ok
21:30:11.0141 0x120c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:30:11.0148 0x120c gupdatem - ok
21:30:11.0152 0x120c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:30:11.0160 0x120c hcw85cir - ok
21:30:11.0168 0x120c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:30:11.0181 0x120c HdAudAddService - ok
21:30:11.0190 0x120c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:30:11.0200 0x120c HDAudBus - ok
21:30:11.0204 0x120c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:30:11.0214 0x120c HidBatt - ok
21:30:11.0223 0x120c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:30:11.0233 0x120c HidBth - ok
21:30:11.0238 0x120c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
21:30:11.0247 0x120c HidIr - ok
21:30:11.0252 0x120c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
21:30:11.0274 0x120c hidserv - ok
21:30:11.0276 0x120c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:30:11.0283 0x120c HidUsb - ok
21:30:11.0288 0x120c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:30:11.0309 0x120c hkmsvc - ok
21:30:11.0323 0x120c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:30:11.0334 0x120c HomeGroupListener - ok
21:30:11.0344 0x120c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:30:11.0355 0x120c HomeGroupProvider - ok
21:30:11.0363 0x120c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:30:11.0370 0x120c HpSAMD - ok
21:30:11.0418 0x120c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:30:11.0451 0x120c HTTP - ok
21:30:11.0454 0x120c [ D7E0591E2BA1289C875A9D948377441E, 9FDBC10A4FBCE2E9521DF84E177A08530DF6FBF1F830B3D3788367DF8F8ED327 ] HWiNFO32 C:\Windows\system32\drivers\HWiNFO64A.SYS
21:30:11.0460 0x120c HWiNFO32 - ok
21:30:11.0463 0x120c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:30:11.0469 0x120c hwpolicy - ok
21:30:11.0476 0x120c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:30:11.0484 0x120c i8042prt - ok
21:30:11.0496 0x120c [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
21:30:11.0512 0x120c iaStorA - ok
21:30:11.0518 0x120c [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:30:11.0523 0x120c IAStorDataMgrSvc - ok
21:30:11.0526 0x120c [ CE5CD8CBE940965867D507AB8EA2795A, 1CC2C23A1436E4C911DD3B942D8F6DABB7249AB04426F9AB6B6045034226DD25 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
21:30:11.0532 0x120c iaStorF - ok
21:30:11.0540 0x120c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:30:11.0561 0x120c iaStorV - ok
21:30:11.0566 0x120c [ D9A9FFC89F61CAD4AD9EF31FBB17E634, F81184889B30DA8947F22A9C9ED5C542295ED70F0A1C27D1C91BAC21F4BCD987 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
21:30:11.0574 0x120c ICCS - ok
21:30:11.0590 0x120c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:30:11.0611 0x120c idsvc - ok
21:30:11.0614 0x120c IEEtwCollectorService - ok
21:30:11.0807 0x120c [ FFDCE455DA8BD9344494993897237AAF, 0CAB5926FE0F16F717858484DCD81F184108F1C6D8530280BC982E4C0CC24D0B ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:30:11.0917 0x120c igfx - ok
21:30:11.0926 0x120c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:30:11.0932 0x120c iirsp - ok
21:30:11.0935 0x120c [ 39F3C7E218CE9118106D166F09AE1352, B78ADFC87AACF868D62A7FB0971B8786C1315A9B4D34D3E3159AD3F24D78AD62 ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys
21:30:11.0940 0x120c ikbevent - ok
21:30:11.0954 0x120c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
21:30:11.0976 0x120c IKEEXT - ok
21:30:11.0979 0x120c [ 404906005D768E48BF16218B420249C7, 78409A077F244FCAC806180384C240F3BB1FF7ECF02EDB5E5D3188F458AB23D1 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys
21:30:11.0987 0x120c imsevent - ok
21:30:11.0990 0x120c [ 3F2BB021CB280880F8C1B7A6FEF9B447, CEC0BF9D6C9CF6E6A9F9B4E656BD47208AC977EDDC11C1C3BCD07EB50BABC017 ] INETMON C:\Windows\System32\Drivers\INETMON.sys
21:30:11.0996 0x120c INETMON - ok
21:30:12.0065 0x120c [ E9740A3BC0AE6EA035FF7ECE3A1B27B6, 4CA3E094B0057E143955DE5D41C3344688B6D2C4FFC0417235FF46312B600F99 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:30:12.0143 0x120c IntcAzAudAddService - ok
21:30:12.0173 0x120c [ 56BF61A0F2CB461DFC78AC5260739D5C, DE6C0B6B614BE4BFEB7A2D992C4881BD720278247A0053B9154B453311B7E510 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
21:30:12.0188 0x120c IntcDAud - ok
21:30:12.0217 0x120c [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:30:12.0233 0x120c Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
21:30:14.0622 0x120c Detect skipped due to KSN trusted
21:30:14.0622 0x120c Intel(R) Capability Licensing Service Interface - ok
21:30:14.0659 0x120c [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:30:14.0676 0x120c Intel(R) Capability Licensing Service TCP IP Interface - ok
21:30:14.0679 0x120c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
21:30:14.0685 0x120c intelide - ok
21:30:14.0690 0x120c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:30:14.0697 0x120c intelppm - ok
21:30:14.0704 0x120c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:30:14.0726 0x120c IPBusEnum - ok
21:30:14.0734 0x120c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:30:14.0770 0x120c IpFilterDriver - ok
21:30:14.0781 0x120c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:30:14.0803 0x120c iphlpsvc - ok
21:30:14.0811 0x120c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:30:14.0818 0x120c IPMIDRV - ok
21:30:14.0828 0x120c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:30:14.0857 0x120c IPNAT - ok
21:30:14.0861 0x120c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:30:14.0870 0x120c IRENUM - ok
21:30:14.0877 0x120c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:30:14.0883 0x120c isapnp - ok
21:30:14.0890 0x120c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:30:14.0899 0x120c iScsiPrt - ok
21:30:14.0902 0x120c [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys
21:30:14.0909 0x120c ISCT - ok
21:30:14.0917 0x120c [ 5215D12B13FC2BC7717AA4884846D34F, B97B8FFC6FB212398BF772C08B318411EA70B683B816906F30EF35DEB5B1C130 ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
21:30:14.0931 0x120c ISCTAgent - ok
21:30:14.0934 0x120c [ 45392E76EE30DC9C8F0181C785F0BA48, 7FB522E1AA9B877B9FB1A29C2ADC42EA794E8864AD2411AD275F00F00547F8F3 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:30:14.0939 0x120c iusb3hcs - ok
21:30:14.0947 0x120c [ C6E8FB7FF41877378CCB30DE6E9941DF, CA808A00C0CC21C1C7BE54F0D1E5D3F24C0032BE821C064E0A63901F20F3C6BC ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
21:30:14.0957 0x120c iusb3hub - ok
21:30:14.0973 0x120c [ 6FBA980433B2B21604CE990FBF542D3F, ACB35A5558DD9EF9A339C9D061207AF5527D3AEFC9AC99AB6CFBA1CE92F8B62D ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:30:14.0990 0x120c iusb3xhc - ok
21:30:14.0997 0x120c [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:30:15.0005 0x120c jhi_service - ok
21:30:15.0010 0x120c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:30:15.0016 0x120c kbdclass - ok
21:30:15.0020 0x120c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:30:15.0027 0x120c kbdhid - ok
21:30:15.0030 0x120c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
21:30:15.0037 0x120c KeyIso - ok
21:30:15.0040 0x120c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:30:15.0047 0x120c KSecDD - ok
21:30:15.0051 0x120c [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:30:15.0063 0x120c KSecPkg - ok
21:30:15.0067 0x120c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:30:15.0090 0x120c ksthunk - ok
21:30:15.0100 0x120c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
21:30:15.0127 0x120c KtmRm - ok
21:30:15.0141 0x120c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:30:15.0172 0x120c LanmanServer - ok
21:30:15.0179 0x120c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:30:15.0201 0x120c LanmanWorkstation - ok
21:30:15.0205 0x120c [ ADA0C09E8AEDC17F11D8E1731986A88A, 1B25D7137E89149BB61FF52BE0259F48E374FC4F7114FAF267AF7A19F3B89BD3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
21:30:15.0210 0x120c LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
21:30:17.0598 0x120c Detect skipped due to KSN trusted
21:30:17.0599 0x120c LightScribeService - ok
21:30:17.0604 0x120c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:30:17.0626 0x120c lltdio - ok
21:30:17.0646 0x120c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:30:17.0672 0x120c lltdsvc - ok
21:30:17.0675 0x120c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:30:17.0699 0x120c lmhosts - ok
21:30:17.0709 0x120c [ 90C864827E1722F5BB6EEA8896A4E8EF, 6F9D96B7A65BD79ED5A384025393F36A5DEAC4EE01CA173874906B54F57150EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:30:17.0732 0x120c LMS - ok
21:30:17.0742 0x120c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:30:17.0749 0x120c LSI_FC - ok
21:30:17.0758 0x120c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:30:17.0765 0x120c LSI_SAS - ok
21:30:17.0772 0x120c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:30:17.0779 0x120c LSI_SAS2 - ok
21:30:17.0790 0x120c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:30:17.0798 0x120c LSI_SCSI - ok
21:30:17.0807 0x120c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
21:30:17.0829 0x120c luafv - ok
21:30:17.0832 0x120c [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:30:17.0838 0x120c MBAMProtector - ok
21:30:17.0871 0x120c [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
21:30:17.0903 0x120c MBAMScheduler - ok
21:30:17.0920 0x120c [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
21:30:17.0938 0x120c MBAMService - ok
21:30:17.0943 0x120c [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
21:30:17.0955 0x120c MBAMSwissArmy - ok
21:30:17.0959 0x120c [ 15E8ABC06843672955CE26A009533BAD, E7221B7DE9DB45447C68E79C6BFD064713C5974F7E79925BD7DEEF71F73F3E83 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:30:17.0969 0x120c MBAMWebAccessControl - ok
21:30:17.0972 0x120c [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
21:30:17.0978 0x120c MBfilt - ok
21:30:17.0985 0x120c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:30:17.0995 0x120c Mcx2Svc - ok
21:30:17.0999 0x120c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
21:30:18.0005 0x120c megasas - ok
21:30:18.0025 0x120c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:30:18.0034 0x120c MegaSR - ok
21:30:18.0038 0x120c [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
21:30:18.0045 0x120c MEIx64 - ok
21:30:18.0049 0x120c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
21:30:18.0072 0x120c MMCSS - ok
21:30:18.0078 0x120c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
21:30:18.0099 0x120c Modem - ok
21:30:18.0103 0x120c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:30:18.0112 0x120c monitor - ok
21:30:18.0117 0x120c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:30:18.0123 0x120c mouclass - ok
21:30:18.0127 0x120c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:30:18.0134 0x120c mouhid - ok
21:30:18.0142 0x120c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:30:18.0148 0x120c mountmgr - ok
21:30:18.0159 0x120c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
21:30:18.0167 0x120c mpio - ok
21:30:18.0172 0x120c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:30:18.0193 0x120c mpsdrv - ok
21:30:18.0245 0x120c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:30:18.0279 0x120c MpsSvc - ok
21:30:18.0284 0x120c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:30:18.0293 0x120c MRxDAV - ok
21:30:18.0297 0x120c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:30:18.0306 0x120c mrxsmb - ok
21:30:18.0313 0x120c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:30:18.0327 0x120c mrxsmb10 - ok
21:30:18.0331 0x120c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:30:18.0340 0x120c mrxsmb20 - ok
21:30:18.0343 0x120c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
21:30:18.0349 0x120c msahci - ok
21:30:18.0359 0x120c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:30:18.0366 0x120c msdsm - ok
21:30:18.0373 0x120c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
21:30:18.0383 0x120c MSDTC - ok
21:30:18.0388 0x120c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:30:18.0414 0x120c Msfs - ok
21:30:18.0416 0x120c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:30:18.0455 0x120c mshidkmdf - ok
21:30:18.0456 0x120c MSICDSetup - ok
21:30:18.0460 0x120c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:30:18.0466 0x120c msisadrv - ok
21:30:18.0477 0x120c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:30:18.0500 0x120c MSiSCSI - ok
21:30:18.0502 0x120c msiserver - ok
21:30:18.0505 0x120c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:30:18.0525 0x120c MSKSSRV - ok
21:30:18.0528 0x120c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:30:18.0549 0x120c MSPCLOCK - ok
21:30:18.0552 0x120c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:30:18.0572 0x120c MSPQM - ok
21:30:18.0596 0x120c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:30:18.0608 0x120c MsRPC - ok
21:30:18.0612 0x120c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:30:18.0619 0x120c mssmbios - ok
21:30:18.0621 0x120c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:30:18.0641 0x120c MSTEE - ok
21:30:18.0644 0x120c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:30:18.0651 0x120c MTConfig - ok
21:30:18.0656 0x120c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
21:30:18.0664 0x120c Mup - ok
21:30:18.0688 0x120c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
21:30:18.0718 0x120c napagent - ok
21:30:18.0739 0x120c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:30:18.0758 0x120c NativeWifiP - ok
21:30:18.0775 0x120c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
21:30:18.0795 0x120c NDIS - ok
21:30:18.0801 0x120c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:30:18.0822 0x120c NdisCap - ok
21:30:18.0825 0x120c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:30:18.0846 0x120c NdisTapi - ok
21:30:18.0852 0x120c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:30:18.0872 0x120c Ndisuio - ok
21:30:18.0885 0x120c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:30:18.0907 0x120c NdisWan - ok
21:30:18.0914 0x120c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:30:18.0934 0x120c NDProxy - ok
21:30:18.0939 0x120c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:30:18.0960 0x120c NetBIOS - ok
21:30:18.0975 0x120c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:30:18.0998 0x120c NetBT - ok
21:30:19.0000 0x120c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
21:30:19.0011 0x120c Netlogon - ok
21:30:19.0037 0x120c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
21:30:19.0074 0x120c Netman - ok
21:30:19.0082 0x120c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:30:19.0092 0x120c NetMsmqActivator - ok
21:30:19.0096 0x120c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:30:19.0104 0x120c NetPipeActivator - ok
21:30:19.0135 0x120c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
21:30:19.0164 0x120c netprofm - ok
21:30:19.0167 0x120c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:30:19.0176 0x120c NetTcpActivator - ok
21:30:19.0180 0x120c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:30:19.0189 0x120c NetTcpPortSharing - ok
21:30:19.0193 0x120c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:30:19.0199 0x120c nfrd960 - ok
21:30:19.0206 0x120c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:30:19.0218 0x120c NlaSvc - ok
21:30:19.0223 0x120c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:30:19.0250 0x120c Npfs - ok
21:30:19.0255 0x120c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
21:30:19.0277 0x120c nsi - ok
21:30:19.0280 0x120c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:30:19.0312 0x120c nsiproxy - ok
21:30:19.0339 0x120c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:30:19.0373 0x120c Ntfs - ok
21:30:19.0375 0x120c NTIOLib_1_0_C - ok
21:30:19.0382 0x120c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
21:30:19.0422 0x120c Null - ok
21:30:19.0426 0x120c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:30:19.0433 0x120c nvraid - ok
21:30:19.0438 0x120c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:30:19.0447 0x120c nvstor - ok
21:30:19.0460 0x120c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:30:19.0477 0x120c nv_agp - ok
21:30:19.0484 0x120c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:30:19.0501 0x120c ohci1394 - ok
21:30:19.0505 0x120c [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:30:19.0514 0x120c ose - ok
21:30:19.0590 0x120c [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:30:19.0701 0x120c osppsvc - ok
21:30:19.0725 0x120c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:30:19.0737 0x120c p2pimsvc - ok
21:30:19.0763 0x120c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
21:30:19.0777 0x120c p2psvc - ok
21:30:19.0784 0x120c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:30:19.0792 0x120c Parport - ok
21:30:19.0795 0x120c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:30:19.0801 0x120c partmgr - ok
21:30:19.0812 0x120c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
21:30:19.0825 0x120c PcaSvc - ok
21:30:19.0839 0x120c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
21:30:19.0855 0x120c pci - ok
21:30:19.0858 0x120c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
21:30:19.0864 0x120c pciide - ok
21:30:19.0880 0x120c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:30:19.0889 0x120c pcmcia - ok
21:30:19.0894 0x120c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
21:30:19.0901 0x120c pcw - ok
21:30:19.0937 0x120c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:30:19.0968 0x120c PEAUTH - ok
21:30:20.0022 0x120c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:30:20.0052 0x120c PeerDistSvc - ok
21:30:20.0081 0x120c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:30:20.0089 0x120c PerfHost - ok
21:30:20.0154 0x120c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
21:30:20.0198 0x120c pla - ok
21:30:20.0207 0x120c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:30:20.0221 0x120c PlugPlay - ok
21:30:20.0232 0x120c [ B8AA36AB051D45220FD9E4CCD8DFF399, 789F21819A6DF1386DC23D061844A1B428936C4EC8B7D342B92B047D75D86F90 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
21:30:20.0244 0x120c PMBDeviceInfoProvider - ok
21:30:20.0248 0x120c PnkBstrA - ok
21:30:20.0251 0x120c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:30:20.0259 0x120c PNRPAutoReg - ok
21:30:20.0276 0x120c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:30:20.0289 0x120c PNRPsvc - ok
21:30:20.0317 0x120c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:30:20.0345 0x120c PolicyAgent - ok
21:30:20.0355 0x120c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
21:30:20.0379 0x120c Power - ok
21:30:20.0388 0x120c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:30:20.0409 0x120c PptpMiniport - ok
21:30:20.0415 0x120c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
21:30:20.0423 0x120c Processor - ok
21:30:20.0428 0x120c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
21:30:20.0439 0x120c ProfSvc - ok
21:30:20.0442 0x120c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:30:20.0449 0x120c ProtectedStorage - ok
21:30:20.0457 0x120c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:30:20.0479 0x120c Psched - ok
21:30:20.0574 0x120c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:30:20.0616 0x120c ql2300 - ok
21:30:20.0627 0x120c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:30:20.0635 0x120c ql40xx - ok
21:30:20.0646 0x120c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
21:30:20.0661 0x120c QWAVE - ok
21:30:20.0667 0x120c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:30:20.0678 0x120c QWAVEdrv - ok
21:30:20.0681 0x120c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:30:20.0700 0x120c RasAcd - ok
21:30:20.0705 0x120c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:30:20.0726 0x120c RasAgileVpn - ok
21:30:20.0733 0x120c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
21:30:20.0773 0x120c RasAuto - ok
21:30:20.0782 0x120c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:30:20.0803 0x120c Rasl2tp - ok
21:30:20.0819 0x120c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
21:30:20.0844 0x120c RasMan - ok
21:30:20.0852 0x120c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:30:20.0874 0x120c RasPppoe - ok
21:30:20.0881 0x120c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:30:20.0902 0x120c RasSstp - ok
21:30:20.0918 0x120c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:30:20.0943 0x120c rdbss - ok
21:30:20.0948 0x120c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:30:20.0956 0x120c rdpbus - ok
21:30:20.0961 0x120c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:30:20.0981 0x120c RDPCDD - ok
21:30:20.0995 0x120c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:30:21.0004 0x120c RDPDR - ok
21:30:21.0006 0x120c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:30:21.0046 0x120c RDPENCDD - ok
21:30:21.0050 0x120c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:30:21.0070 0x120c RDPREFMP - ok
21:30:21.0073 0x120c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:30:21.0080 0x120c RdpVideoMiniport - ok
21:30:21.0086 0x120c [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:30:21.0097 0x120c RDPWD - ok
21:30:21.0106 0x120c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:30:21.0116 0x120c rdyboost - ok
21:30:21.0123 0x120c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:30:21.0153 0x120c RemoteAccess - ok
21:30:21.0163 0x120c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:30:21.0202 0x120c RemoteRegistry - ok
21:30:21.0208 0x120c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:30:21.0230 0x120c RpcEptMapper - ok
21:30:21.0232 0x120c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
21:30:21.0240 0x120c RpcLocator - ok
21:30:21.0266 0x120c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
21:30:21.0302 0x120c RpcSs - ok
21:30:21.0309 0x120c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:30:21.0329 0x120c rspndr - ok
21:30:21.0344 0x120c [ 61A04C0C084D560BBEF1D09604608262, 27230BDFB479FBD1B18BB4035059A52F8BE74B19190951EAC95D569E284421B3 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:30:21.0363 0x120c RTL8167 - ok
21:30:21.0366 0x120c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:30:21.0373 0x120c s3cap - ok
21:30:21.0376 0x120c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
21:30:21.0383 0x120c SamSs - ok
21:30:21.0390 0x120c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:30:21.0397 0x120c sbp2port - ok
21:30:21.0409 0x120c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:30:21.0433 0x120c SCardSvr - ok
21:30:21.0437 0x120c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:30:21.0458 0x120c scfilter - ok
21:30:21.0513 0x120c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
21:30:21.0555 0x120c Schedule - ok
21:30:21.0563 0x120c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:30:21.0596 0x120c SCPolicySvc - ok
21:30:21.0610 0x120c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:30:21.0619 0x120c SDRSVC - ok
21:30:21.0625 0x120c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:30:21.0651 0x120c secdrv - ok
21:30:21.0655 0x120c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
21:30:21.0678 0x120c seclogon - ok
21:30:21.0684 0x120c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
21:30:21.0706 0x120c SENS - ok
21:30:21.0711 0x120c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:30:21.0717 0x120c SensrSvc - ok
21:30:21.0721 0x120c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:30:21.0727 0x120c Serenum - ok
21:30:21.0733 0x120c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:30:21.0741 0x120c Serial - ok
21:30:21.0747 0x120c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:30:21.0753 0x120c sermouse - ok
21:30:21.0766 0x120c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
21:30:21.0790 0x120c SessionEnv - ok
21:30:21.0793 0x120c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:30:21.0802 0x120c sffdisk - ok
21:30:21.0804 0x120c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:30:21.0812 0x120c sffp_mmc - ok
21:30:21.0816 0x120c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:30:21.0824 0x120c sffp_sd - ok
21:30:21.0828 0x120c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:30:21.0834 0x120c sfloppy - ok
21:30:21.0857 0x120c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:30:21.0883 0x120c SharedAccess - ok
21:30:21.0906 0x120c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:30:21.0933 0x120c ShellHWDetection - ok
21:30:21.0939 0x120c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:30:21.0945 0x120c SiSRaid2 - ok
21:30:21.0952 0x120c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:30:21.0959 0x120c SiSRaid4 - ok
21:30:21.0964 0x120c [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:30:21.0973 0x120c SkypeUpdate - ok
21:30:21.0979 0x120c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:30:22.0005 0x120c Smb - ok
21:30:22.0010 0x120c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:30:22.0017 0x120c SNMPTRAP - ok
21:30:22.0027 0x120c [ 3C1865D8E8C2DD9ADB29B1A21A8B1972, 4AA1E676545A52749325CB7EE3F24CAF550308804BE833F36A76A32E71BAC6CD ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
21:30:22.0043 0x120c SOHDms - ok
21:30:22.0046 0x120c [ FA4AC5624B245FA03D4CCBA9C48D385E, 3125359763D34EE51EB1125217050DB29045154E76673F7CFED25B6301C7EEBE ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
21:30:22.0053 0x120c SOHDs - ok
21:30:22.0059 0x120c [ C03E480E63A80D73FABE28D24D3B6B47, F8C68DC63A5492587F9343158348ADD99A99AF34DC7ED29E5562EE90C0AB8F25 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
21:30:22.0068 0x120c SpfService - ok
21:30:22.0071 0x120c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
21:30:22.0079 0x120c spldr - ok
21:30:22.0089 0x120c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
21:30:22.0104 0x120c Spooler - ok
21:30:22.0290 0x120c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
21:30:22.0396 0x120c sppsvc - ok
21:30:22.0406 0x120c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:30:22.0428 0x120c sppuinotify - ok
21:30:22.0438 0x120c [ 74D30C2EF66C2EB19F17ED5423AA8038, F79AB2B2B60620565FB2169255F95F4B37F6113F0AF776D1BAD02681EBE0DB54 ] sptd C:\Windows\System32\Drivers\sptd.sys
21:30:22.0449 0x120c sptd - ok
21:30:22.0461 0x120c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:30:22.0475 0x120c srv - ok
21:30:22.0488 0x120c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:30:22.0500 0x120c srv2 - ok
21:30:22.0507 0x120c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:30:22.0517 0x120c srvnet - ok
21:30:22.0529 0x120c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:30:22.0553 0x120c SSDPSRV - ok
21:30:22.0559 0x120c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:30:22.0581 0x120c SstpSvc - ok
21:30:22.0592 0x120c [ BC76D75A372BC02831A6A6AEA66510F8, 98EABF22D16E5326CE4FD4B7092E7A6BD52118698792D98A25C477ACCFDE7FF6 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:30:22.0605 0x120c Steam Client Service - ok
21:30:22.0609 0x120c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:30:22.0615 0x120c stexstor - ok
21:30:22.0617 0x120c [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:30:22.0623 0x120c StillCam - ok
21:30:22.0654 0x120c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
21:30:22.0674 0x120c stisvc - ok
21:30:22.0681 0x120c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:30:22.0687 0x120c storflt - ok
21:30:22.0690 0x120c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
21:30:22.0698 0x120c StorSvc - ok
21:30:22.0701 0x120c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:30:22.0707 0x120c storvsc - ok
21:30:22.0711 0x120c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:30:22.0717 0x120c swenum - ok
21:30:22.0748 0x120c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
21:30:22.0777 0x120c swprv - ok
21:30:22.0871 0x120c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
21:30:22.0911 0x120c SysMain - ok
21:30:22.0920 0x120c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:30:22.0931 0x120c TabletInputService - ok
21:30:22.0952 0x120c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
21:30:22.0978 0x120c TapiSrv - ok
21:30:22.0984 0x120c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
21:30:23.0020 0x120c TBS - ok
21:30:23.0056 0x120c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:30:23.0098 0x120c Tcpip - ok
21:30:23.0129 0x120c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:30:23.0173 0x120c TCPIP6 - ok
21:30:23.0178 0x120c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:30:23.0185 0x120c tcpipreg - ok
21:30:23.0188 0x120c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:30:23.0195 0x120c TDPIPE - ok
21:30:23.0197 0x120c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:30:23.0203 0x120c TDTCP - ok
21:30:23.0212 0x120c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:30:23.0232 0x120c tdx - ok
21:30:23.0308 0x120c [ C32E6295D7D024B2302EFF1A7FEFD720, A9E5C78FD8765367863FFCA4954E52EEC77BE4956A6910CD09BBBF9D5BC96D4E ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
21:30:23.0383 0x120c TeamViewer9 - ok
21:30:23.0393 0x120c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:30:23.0399 0x120c TermDD - ok
21:30:23.0436 0x120c [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
21:30:23.0467 0x120c TermService - ok
21:30:23.0472 0x120c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
21:30:23.0483 0x120c Themes - ok
21:30:23.0487 0x120c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
21:30:23.0509 0x120c THREADORDER - ok
21:30:23.0515 0x120c [ 0A03E85A641F2672796D34F506066594, B2AA139CC53F25DB1709844483D404A8FA1D010167BCF164B4A31A029C606F7D ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
21:30:23.0520 0x120c TomTomHOMEService - ok
21:30:23.0528 0x120c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
21:30:23.0549 0x120c TrkWks - ok
21:30:23.0560 0x120c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:30:23.0583 0x120c TrustedInstaller - ok
21:30:23.0587 0x120c [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:30:23.0594 0x120c tssecsrv - ok
21:30:23.0597 0x120c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:30:23.0604 0x120c TsUsbFlt - ok
21:30:23.0607 0x120c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:30:23.0614 0x120c TsUsbGD - ok
21:30:23.0622 0x120c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:30:23.0642 0x120c tunnel - ok
21:30:23.0649 0x120c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:30:23.0656 0x120c uagp35 - ok
21:30:23.0677 0x120c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:30:23.0719 0x120c udfs - ok
21:30:23.0724 0x120c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:30:23.0732 0x120c UI0Detect - ok
21:30:23.0736 0x120c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:30:23.0743 0x120c uliagpkx - ok
21:30:23.0748 0x120c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:30:23.0755 0x120c umbus - ok
21:30:23.0759 0x120c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
21:30:23.0768 0x120c UmPass - ok
21:30:23.0780 0x120c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
21:30:23.0791 0x120c UmRdpService - ok
21:30:23.0809 0x120c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
21:30:23.0836 0x120c upnphost - ok
21:30:23.0840 0x120c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:30:23.0852 0x120c usbccgp - ok
21:30:23.0856 0x120c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:30:23.0867 0x120c usbcir - ok
21:30:23.0870 0x120c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:30:23.0880 0x120c usbehci - ok
21:30:23.0887 0x120c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:30:23.0902 0x120c usbhub - ok
21:30:23.0907 0x120c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:30:23.0914 0x120c usbohci - ok
21:30:23.0918 0x120c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
21:30:23.0929 0x120c usbprint - ok
21:30:23.0932 0x120c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:30:23.0940 0x120c USBSTOR - ok
21:30:23.0945 0x120c [ C44D96B1CDDE705B23F55AB423CCA73D, AB9842E90DD3D686E66BDBE043EB0068272B611D6F63C818EB9D1B6FE2FE23BD ] USBTINSP C:\Windows\system32\DRIVERS\tinspusb.sys
21:30:23.0958 0x120c USBTINSP - ok
21:30:23.0961 0x120c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:30:23.0967 0x120c usbuhci - ok
21:30:23.0971 0x120c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
21:30:23.0993 0x120c UxSms - ok
21:30:23.0995 0x120c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
21:30:24.0002 0x120c VaultSvc - ok
21:30:24.0006 0x120c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:30:24.0019 0x120c vdrvroot - ok
21:30:24.0046 0x120c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
21:30:24.0075 0x120c vds - ok
21:30:24.0079 0x120c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:30:24.0088 0x120c vga - ok
21:30:24.0092 0x120c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:30:24.0112 0x120c VgaSave - ok
21:30:24.0129 0x120c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:30:24.0138 0x120c vhdmp - ok
21:30:24.0140 0x120c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
21:30:24.0147 0x120c viaide - ok
21:30:24.0160 0x120c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:30:24.0179 0x120c vmbus - ok
21:30:24.0182 0x120c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:30:24.0189 0x120c VMBusHID - ok
21:30:24.0195 0x120c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:30:24.0203 0x120c volmgr - ok
21:30:24.0227 0x120c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:30:24.0239 0x120c volmgrx - ok
21:30:24.0256 0x120c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:30:24.0267 0x120c volsnap - ok
21:30:24.0279 0x120c [ 78836108CF5AC6A0B365AC50A72F16D6, 53130B29A84E1CB5E96B81137DF7CFA69BF2A3C7E884ED45069BA9F5438776C1 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
21:30:24.0292 0x120c vpnagent - ok
21:30:24.0296 0x120c [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\Windows\system32\DRIVERS\vpnva64-6.sys
21:30:24.0302 0x120c vpnva - ok
21:30:24.0315 0x120c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:30:24.0323 0x120c vsmraid - ok
21:30:24.0402 0x120c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
21:30:24.0493 0x120c VSS - ok
21:30:24.0503 0x120c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:30:24.0515 0x120c vwifibus - ok
21:30:24.0518 0x120c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:30:24.0528 0x120c vwififlt - ok
21:30:24.0553 0x120c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
21:30:24.0594 0x120c W32Time - ok
21:30:24.0599 0x120c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:30:24.0606 0x120c WacomPen - ok
21:30:24.0616 0x120c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:30:24.0658 0x120c WANARP - ok
21:30:24.0667 0x120c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:30:24.0688 0x120c Wanarpv6 - ok
21:30:24.0759 0x120c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
21:30:24.0795 0x120c wbengine - ok
21:30:24.0807 0x120c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:30:24.0821 0x120c WbioSrvc - ok
21:30:24.0842 0x120c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:30:24.0867 0x120c wcncsvc - ok
21:30:24.0872 0x120c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:30:24.0880 0x120c WcsPlugInService - ok
21:30:24.0884 0x120c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
21:30:24.0890 0x120c Wd - ok
21:30:24.0904 0x120c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:30:24.0923 0x120c Wdf01000 - ok
21:30:24.0930 0x120c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:30:24.0948 0x120c WdiServiceHost - ok
21:30:24.0953 0x120c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:30:24.0965 0x120c WdiSystemHost - ok
21:30:24.0971 0x120c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
21:30:24.0984 0x120c WebClient - ok
21:30:24.0999 0x120c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:30:25.0024 0x120c Wecsvc - ok
21:30:25.0032 0x120c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:30:25.0054 0x120c wercplsupport - ok
21:30:25.0060 0x120c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
21:30:25.0082 0x120c WerSvc - ok
21:30:25.0084 0x120c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:30:25.0104 0x120c WfpLwf - ok
21:30:25.0109 0x120c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:30:25.0115 0x120c WIMMount - ok
21:30:25.0117 0x120c WinDefend - ok
21:30:25.0120 0x120c WinHttpAutoProxySvc - ok
21:30:25.0137 0x120c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:30:25.0168 0x120c Winmgmt - ok
21:30:25.0172 0x120c [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0 C:\Users\Flo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys
21:30:25.0178 0x120c WinRing0_1_2_0 - ok
21:30:25.0289 0x120c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
21:30:25.0343 0x120c WinRM - ok
21:30:25.0350 0x120c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:30:25.0359 0x120c WinUsb - ok
21:30:25.0416 0x120c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:30:25.0457 0x120c Wlansvc - ok
21:30:25.0492 0x120c [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:30:25.0532 0x120c wlidsvc - ok
21:30:25.0537 0x120c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:30:25.0546 0x120c WmiAcpi - ok
21:30:25.0557 0x120c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:30:25.0568 0x120c wmiApSrv - ok
21:30:25.0570 0x120c WMPNetworkSvc - ok
21:30:25.0573 0x120c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:30:25.0581 0x120c WPCSvc - ok
21:30:25.0588 0x120c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:30:25.0598 0x120c WPDBusEnum - ok
21:30:25.0602 0x120c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:30:25.0642 0x120c ws2ifsl - ok
21:30:25.0649 0x120c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
21:30:25.0662 0x120c wscsvc - ok
21:30:25.0665 0x120c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
21:30:25.0675 0x120c WSDPrintDevice - ok
21:30:25.0679 0x120c [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
21:30:25.0685 0x120c WSDScan - ok
21:30:25.0688 0x120c WSearch - ok
21:30:25.0727 0x120c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
21:30:25.0770 0x120c wuauserv - ok
21:30:25.0775 0x120c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:30:25.0783 0x120c WudfPf - ok
21:30:25.0791 0x120c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:30:25.0811 0x120c WUDFRd - ok
21:30:25.0815 0x120c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:30:25.0824 0x120c wudfsvc - ok
21:30:25.0830 0x120c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
21:30:25.0841 0x120c WwanSvc - ok
21:30:25.0847 0x120c [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
21:30:25.0853 0x120c xusb21 - ok
21:30:25.0856 0x120c ================ Scan global ===============================
21:30:25.0860 0x120c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:30:25.0865 0x120c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:30:25.0873 0x120c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:30:25.0879 0x120c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:30:25.0900 0x120c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:30:25.0905 0x120c [ Global ] - ok
21:30:25.0905 0x120c ================ Scan MBR ==================================
21:30:25.0921 0x120c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:30:25.0982 0x120c \Device\Harddisk0\DR0 - ok
21:30:25.0983 0x120c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:30:26.0000 0x120c \Device\Harddisk1\DR1 - ok
21:30:26.0001 0x120c ================ Scan VBR ==================================
21:30:26.0003 0x120c [ 40E216B2C2B1DCBCAC29700D5BF9D3C0 ] \Device\Harddisk0\DR0\Partition1
21:30:26.0004 0x120c \Device\Harddisk0\DR0\Partition1 - ok
21:30:26.0006 0x120c [ 31BA176DF69534EC1D577C7B83054366 ] \Device\Harddisk1\DR1\Partition1
21:30:26.0007 0x120c \Device\Harddisk1\DR1\Partition1 - ok
21:30:26.0009 0x120c [ 7648013189EBDE8D99C619E27CA52C2D ] \Device\Harddisk1\DR1\Partition2
21:30:26.0009 0x120c \Device\Harddisk1\DR1\Partition2 - ok
21:30:26.0011 0x120c [ 78A5916346A256103D7670AE78D88603 ] \Device\Harddisk1\DR1\Partition3
21:30:26.0012 0x120c \Device\Harddisk1\DR1\Partition3 - ok
21:30:26.0012 0x120c ================ Scan generic autorun ======================
21:30:26.0036 0x120c [ 79F5103C1098501C552DD2EF622FCADD, 7A746FA75D1DBE37692AA98201BD6C89D9A0E84F28D39648450A0C3835754905 ] C:\Windows\system32\igfxtray.exe
21:30:26.0062 0x120c IgfxTray - ok
21:30:26.0101 0x120c [ D7614FA0BEC32E2989EC4281CB8B22C2, C6C1F4ADBEB0662784ADBFA3F2F9AD4597F6DD7EAABA5F91B978210872F1F4BB ] C:\Windows\system32\hkcmd.exe
21:30:26.0159 0x120c HotKeysCmds - ok
21:30:26.0205 0x120c [ 8B24451ED1FF26BC20384DC35AEA7048, CE3923770034231A7A1C6F900D6D7FF0F8A473825E8DB9A7ED26151386AD419E ] C:\Windows\system32\igfxpers.exe
21:30:26.0260 0x120c Persistence - ok
21:30:26.0263 0x120c [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
21:30:26.0267 0x120c IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
21:30:28.0658 0x120c Detect skipped due to KSN trusted
21:30:28.0658 0x120c IAStorIcon - ok
21:30:29.0006 0x120c [ 2166853BF49ECB1870385736CFA0068C, 37FF80713C4EFDF1248D90253DF501351245A9ECD4CA2C85E5ACAACFF1895C38 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
21:30:29.0368 0x120c RTHDVCPL - ok
21:30:29.0387 0x120c [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
21:30:29.0415 0x120c XboxStat - ok
21:30:29.0419 0x120c [ 1907517A11D41C24BD3A8F9137E334B7, 18AC567D9F1284B5CF60D5E98759D691E1BB1DE2637E55CEBEE88C1B68C10CD9 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
21:30:29.0426 0x120c IMSS - ok
21:30:29.0432 0x120c [ E4E7B29D050F5480071984FE6543C311, 9A4D8D1702AE74AB4FE4367EAF4AD6500F59D4F25B3CCACE3EF07613B7B5853C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:30:29.0445 0x120c USB3MON - ok
21:30:29.0470 0x120c [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
21:30:29.0485 0x120c avgnt - ok
21:30:29.0606 0x120c [ 63E9C23A386FFFA84B5E03BFF9B628F0, A370962791EFC4B10548AAD31F89A2B288FBD5BDBF5749323C2D98C14DFB8B49 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
21:30:29.0692 0x120c BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
21:30:32.0081 0x120c Detect skipped due to KSN trusted
21:30:32.0081 0x120c BrStsMon00 - ok
21:30:32.0086 0x120c [ 2D0DCEE9E12C986D1ABDFD4ED456F542, 0F59D776C8D1148A845B56EB8B3C4D40CAB82CF3767F07C9444EAF7044B16A2E ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
21:30:32.0092 0x120c ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
21:30:34.0477 0x120c Detect skipped due to KSN trusted
21:30:34.0477 0x120c ControlCenter4 - ok
21:30:34.0518 0x120c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:30:34.0584 0x120c Sidebar - ok
21:30:34.0595 0x120c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:30:34.0613 0x120c mctadmin - ok
21:30:34.0658 0x120c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:30:34.0687 0x120c Sidebar - ok
21:30:34.0697 0x120c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:30:34.0708 0x120c mctadmin - ok
21:30:34.0797 0x120c [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
21:30:34.0908 0x120c Sidebar - ok
21:30:34.0915 0x120c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Flo\AppData\Local\Google\Update\GoogleUpdate.exe
21:30:34.0922 0x120c Google Update - ok
21:30:34.0972 0x120c [ B8C93930C5F4F8C8EC46BFACD32078ED, C219B07C13DE0C45CB0D51CCD6971A389DCEDA316964CCBBF4F87CA60B31D01A ] C:\Users\Flo\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
21:30:35.0031 0x120c Amazon Cloud Player - ok
21:30:35.0054 0x120c [ 0BDAE865738D27A4D84D50591C8C9D2D, 70010EBA09129858AF32F03079E70E974EBFF8700F5F93DCA2EC8A6B0991E2AC ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
21:30:35.0091 0x120c GoogleChromeAutoLaunch_113C8DD36E5867E6D61A3F35DE4397B3 - ok
21:30:35.0110 0x120c [ 0BDAE865738D27A4D84D50591C8C9D2D, 70010EBA09129858AF32F03079E70E974EBFF8700F5F93DCA2EC8A6B0991E2AC ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
21:30:35.0138 0x120c 572764CE8610BAB89B015AF7952C17FE88F4450A._service_run - ok
21:30:35.0206 0x120c [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
21:30:35.0294 0x120c DAEMON Tools Lite - ok
21:30:35.0302 0x120c [ 1EAEAFAF61F7DB321A005F8FF64FA8CC, A5A9A02CC618D4963F700F3BA460BFCAD3916252FD8E1D7B8D61E80A5F34C67C ] C:\Users\Flo\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
21:30:35.0313 0x120c SkyDrive - ok
21:30:35.0314 0x120c Waiting for KSN requests completion. In queue: 11
21:30:36.0314 0x120c Waiting for KSN requests completion. In queue: 11
21:30:37.0314 0x120c Waiting for KSN requests completion. In queue: 11
21:30:38.0437 0x120c AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
21:30:38.0473 0x120c Win FW state via NFP2: enabled
21:30:40.0798 0x120c ============================================================
21:30:40.0798 0x120c Scan finished
21:30:40.0798 0x120c ============================================================
21:30:40.0804 0x07fc Detected object count: 1
21:30:40.0804 0x07fc Actual detected object count: 1
21:30:56.0649 0x07fc BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:30:56.0650 0x07fc BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:31:01.0409 0x0b0c Deinitialize success
|
|
03.09.2014, 20:47
| #5 |
| /// Selecta Jahrusso | Trojan.Psuedo.vnc und Trojan.MSIL gefunden Macht der Rechner irgendwelche Probleme ?
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
03.09.2014, 20:59
| #6 |
| | Trojan.Psuedo.vnc und Trojan.MSIL gefunden Nein, soweit nicht. Sollte ich irgendetwas ausprobieren? Habe bisher nur die von Malwarebytes empfohlenen Dateien gelöscht/ in Quarantäne verschoben. |
|
04.09.2014, 15:03
| #7 |
| /// Selecta Jahrusso | Trojan.Psuedo.vnc und Trojan.MSIL gefunden Ja, MBAM ist schon sehr gründlich. Ich würde denoch das System erneut scannen und sehen ob noch was gefunden wird. Die Logfiles ansich sehen sauber aus. ESET Online Scanner
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
04.09.2014, 22:15
| #8 |
| | Trojan.Psuedo.vnc und Trojan.MSIL gefunden So, endlich fertig: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=cd056571e0688842a8eaa9ff2175f13e
# engine=20004
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-04 09:07:37
# local_time=2014-09-04 11:07:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 22397 22512882 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 18336213 161494707 0 0
# scanned=1161248
# found=0
# cleaned=0
# scan_time=9699
Habe mir mal die von MBAM gefundenen Logdateien angeschaut. Sieht aus, als wären die Titel der geöffneten Fenster und damit verbundene Tastatureingaben geloggt worden. Kann man sagen, woher der Trojaner kam und wo die Daten hin gingen? Die Hosts Datei ist unverändert und irgendwie wurden auch nicht alle Tage, an denen der PC lief geloggt (Dateien sind sogar mit Zeitstempel im Dateinamen versehen worden). |
|
05.09.2014, 11:27
| #9 |
| /// Selecta Jahrusso | Trojan.Psuedo.vnc und Trojan.MSIL gefunden Woher das Teil kommt, kann wenn dann nur du selbst sagen. Wir tun uns da ein bisschen schwerer. Wohin die Daten gehen weiß nur der Autor selbst oder eben Analytiker zu denen ich nicht gehöre. Kann man sicher irgendwo nachlesen. Downloade Dir bitte  SecurityCheck und:
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
05.09.2014, 16:00
| #10 |
| | Trojan.Psuedo.vnc und Trojan.MSIL gefundenCode:
ATTFilter Results of screen317's Security Check version 0.99.87 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 45 Java version out of Date! Adobe Flash Player 11.9.900.170 Flash Player out of Date! Google Chrome 36.0.1985.143 Google Chrome 37.0.2062.103 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Fragmentation of Drive C: ist völlig in Ordnung, da es eine SSD ist  Nochmal gecheckt: Code:
ATTFilter Results of screen317's Security Check version 0.99.87 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 67 Adobe Flash Player 14.0.0.179 Google Chrome 36.0.1985.143 Google Chrome 37.0.2062.103 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Geändert von bruder-tuc (05.09.2014 um 16:19 Uhr) |
|
05.09.2014, 18:22
| #11 | |
| /// Selecta Jahrusso | Trojan.Psuedo.vnc und Trojan.MSIL gefunden Hy Zitat:
 ESET haben wir auch im Unternehmen. Aber ein AVP bringt generell nichts ohne ein konkretes Konzept. Here we go Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
08.09.2014, 16:41
| #12 |
| | Trojan.Psuedo.vnc und Trojan.MSIL gefunden So, bin fertig. Hab alles erledigt und einen aktuellen Schutz installiert. Vielen Dank Larusso! Kann man dem Board irgendwie etwas gutes tun (Spenden)? Beste Grüße |
|
08.09.2014, 19:11
| #13 |
| /// Selecta Jahrusso | Trojan.Psuedo.vnc und Trojan.MSIL gefunden
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
| Themen zu Trojan.Psuedo.vnc und Trojan.MSIL gefunden |
| appdata, beste grüße, bewusst, detected, entfernen, formatieren, malware.trace, malwarebytes, microsoft, programm, pup.optional.outbrowse, quarantäne, schutz, software, stolen.data, svchost.exe, trojan.msil, trojan.psuedo.vnc, trojaner, webseite, webseiten, windows 7 |
Linear-Darstellung
