| |
| |||||||
Log-Analyse und Auswertung: Ungewöhnlicher datenverkehr aus ihrem netzwerkWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
21.01.2015, 12:03
| #1 |
| |  Ungewöhnlicher datenverkehr aus ihrem netzwerk Google: Ungewöhnlicher Datenverkehr aus ihrem Netzwerk Hallo liebe Mitarbeiter des Trojanerboards. Seit einigen Tagen tritt bei mir folgendes Problem auf. Wenn ich in Firefox die Google-Suchmaschine benutze, werde ich auf eine Seite umgeleitet, mit der Meldung: "Unsere Systeme haben ungewöhnlichen Datenverkehr aus Ihrem Computernetzwerk festgestellt". Anschließend soll ich ein "Captchas" eingeben, um fortzufahren. Jetzt bin ich etwas verunsichert, da dieses Problem nicht immer auftritt. Ich benutze Bitdefender IS und halte mein System immer auf den neuesten Stand. Malwarebytes und Bitdefender geben KEINE Warnung aus. Danke für Eure Hilfe Rolf Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:37 on 21/01/2015 (HS)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by HS (administrator) on HS-PC on 21-01-2015 10:54:54
Running from C:\Users\HS\Downloads
Loaded Profiles: HS (Available profiles: HS & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(South Bay Software) D:\AutoSizer.exe
() C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1575192 2013-10-24] (Bitdefender)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-398972580-570915619-4107308109-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-398972580-570915619-4107308109-1000\...\Run: [AutoSizer] => D:\AutoSizer.exe [131072 2014-02-04] (South Bay Software)
HKU\S-1-5-21-398972580-570915619-4107308109-1000\...\MountPoints2: {ab06f8d1-6005-11e2-a886-806e6f6e6963} - F:\ASRSetup.exe
HKU\S-1-5-21-398972580-570915619-4107308109-1000\...\MountPoints2: {f5408643-5e5d-11e2-811e-806e6f6e6963} - F:\ASRSetup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178632 2014-12-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [165760 2014-12-13] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-398972580-570915619-4107308109-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.focus.de/
SearchScopes: HKLM-x32 -> DefaultScope {1C31D725-18ED-490E-A18B-4C53EEC3E7E0} URL =
SearchScopes: HKU\S-1-5-21-398972580-570915619-4107308109-1000 -> DefaultScope {1C31D725-18ED-490E-A18B-4C53EEC3E7E0} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3312329&CUI=UN29972065413410224&UM=2
SearchScopes: HKU\S-1-5-21-398972580-570915619-4107308109-1000 -> {1C31D725-18ED-490E-A18B-4C53EEC3E7E0} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3312329&CUI=UN29972065413410224&UM=2
SearchScopes: HKU\S-1-5-21-398972580-570915619-4107308109-1000 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = hxxp://start.gamesagogo.iplay.com/searchresultsredirect.aspx?o=chrome&q={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: AusweisApp 1.8.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClient.ols (OpenLimit SignCubes AG)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-398972580-570915619-4107308109-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-398972580-570915619-4107308109-1000 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\HS\AppData\Roaming\Mozilla\Firefox\Profiles\wgr5pfjk.default
FF Homepage: hxxp://www.spiegel.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-398972580-570915619-4107308109-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: WOT - C:\Users\HS\AppData\Roaming\Mozilla\Firefox\Profiles\wgr5pfjk.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-12-10]
FF Extension: Adblock Plus - C:\Users\HS\AppData\Roaming\Mozilla\Firefox\Profiles\wgr5pfjk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-11]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-02-27]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-10-24] (Bitdefender)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-10-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1645256 2013-10-24] (Bitdefender)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-10-24] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-10-24] (BitDefender)
S3 AVEO; C:\Windows\System32\DRIVERS\AVEOdcnt.sys [305920 2011-10-24] (AVEO)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-04-29] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-10-24] (BitDefender SRL)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
S2 EIO; C:\Windows\system32\drivers\EIO64.sys [15360 2006-06-14] (ASUSTeK Computer Inc.) [File not signed]
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-24] (BitDefender LLC)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [26528 2015-01-06] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-08-16] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-08-16] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
R3 MirayVirtualDisk; C:\Windows\System32\DRIVERS\mvd.sys [162384 2013-10-10] (Miray)
S3 NmPar; C:\Windows\System32\DRIVERS\NmPar.sys [95744 2010-07-09] (Windows (R) Codename Longhorn DDK provider)
S3 nmserial; C:\Windows\System32\DRIVERS\nmserial.sys [75264 2010-07-09] (Windows (R) Codename Longhorn DDK provider)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-07-01] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-07-01] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-24] (BitDefender S.R.L.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-01-21] ()
S3 ALSysIO; \??\C:\Users\HS\AppData\Local\Temp\ALSysIO64.sys [X]
R3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 10:54 - 2015-01-21 10:54 - 00014108 _____ () C:\Users\HS\Downloads\FRST.txt
2015-01-21 10:54 - 2015-01-21 10:54 - 00000000 ____D () C:\FRST
2015-01-21 10:51 - 2015-01-21 10:51 - 02126848 _____ (Farbar) C:\Users\HS\Downloads\FRST64.exe
2015-01-21 10:37 - 2015-01-21 10:37 - 00000466 _____ () C:\Users\HS\Downloads\defogger_disable.log
2015-01-21 10:37 - 2015-01-21 10:37 - 00000000 _____ () C:\Users\HS\defogger_reenable
2015-01-21 10:36 - 2015-01-21 10:36 - 00050477 _____ () C:\Users\HS\Downloads\Defogger(1).exe
2015-01-21 10:35 - 2015-01-21 10:36 - 00050477 _____ () C:\Users\HS\Downloads\Defogger.exe
2015-01-16 19:43 - 2015-01-16 19:43 - 00076056 _____ () C:\Users\HS\Downloads\74e407c84612bd19ba2823a93333d883_Schwabacher.otf
2015-01-16 19:42 - 2015-01-16 19:42 - 00026952 _____ () C:\Users\HS\Downloads\f8cae009ccd698491debce4a2ecf8f6d_GesType.ttf
2015-01-16 19:28 - 2015-01-16 19:29 - 00056572 _____ () C:\Users\HS\Downloads\LHANDW.TTF
2015-01-16 13:24 - 2015-01-21 10:00 - 00002948 _____ () C:\Windows\System32\Tasks\AsrXTU
2015-01-16 13:22 - 2015-01-21 10:00 - 00003014 _____ () C:\Windows\System32\Tasks\asrRd
2015-01-15 11:35 - 2015-01-15 11:35 - 00000950 _____ () C:\Users\HS\Desktop\Ahnenblatt.lnk
2015-01-15 11:33 - 2015-01-15 11:34 - 06572568 _____ (Dirk Böttcher ) C:\Users\HS\Downloads\absetup.exe
2015-01-14 14:36 - 2015-01-14 14:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 10:49 - 2015-01-14 10:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-14 10:08 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 10:08 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 10:08 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 10:08 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 10:08 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 10:08 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 10:08 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 10:08 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 10:08 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 10:08 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 10:08 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 10:08 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 10:08 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-11 15:56 - 2015-01-11 15:57 - 07040424 _____ () C:\Users\HS\Downloads\bitdefender_isecurity2015.exe
2015-01-11 12:48 - 2015-01-11 12:48 - 01866009 _____ () C:\Users\HS\Downloads\com.google.android.apps.adm-1.2.12.apk
2015-01-06 18:05 - 2015-01-21 09:59 - 00016864 _____ () C:\Windows\PFRO.log
2015-01-06 18:05 - 2015-01-21 09:59 - 00006036 _____ () C:\Windows\setupact.log
2015-01-06 18:05 - 2015-01-06 18:05 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-06 16:22 - 2015-01-06 16:22 - 02699320 _____ (Martin Malík - REALiX ) C:\Users\HS\Downloads\hw64_448.exe
2015-01-06 16:22 - 2015-01-06 16:22 - 00026528 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2015-01-06 16:13 - 2015-01-06 16:13 - 01190544 _____ ( ) C:\Users\HS\Downloads\hwmonitor_1.26-setup.exe
2015-01-06 16:13 - 2015-01-06 16:13 - 00000936 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-01-06 16:13 - 2015-01-06 16:13 - 00000000 ____D () C:\Program Files\CPUID
2015-01-06 12:49 - 2015-01-06 13:08 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-01-06 12:49 - 2015-01-06 12:49 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-01-06 12:49 - 2015-01-06 12:49 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2015-01-04 14:38 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-04 14:38 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 02897824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-01-04 14:38 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-01-04 14:02 - 2014-12-13 11:08 - 14128496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-04 14:02 - 2014-11-17 23:18 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-01-04 14:02 - 2014-11-17 23:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-01-04 14:02 - 2014-11-17 23:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-01-04 14:02 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2015-01-04 14:02 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2015-01-04 13:18 - 2015-01-04 13:39 - 308364224 _____ (NVIDIA Corporation) C:\Users\HS\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-01-04 09:50 - 2015-01-04 13:59 - 00001161 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-01-04 09:50 - 2015-01-04 13:59 - 00001111 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-01-04 09:50 - 2015-01-04 13:59 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2015-01-04 09:48 - 2015-01-04 09:48 - 05641056 _____ (Canneverbe Limited ) C:\Users\HS\Downloads\cdbxp_setup_4.5.4.5306.exe
2015-01-02 15:23 - 2015-01-02 15:23 - 07005576 _____ (Microsoft Corporation) C:\Users\HS\Downloads\proofingtools_nl-nl-x64(3).exe
2015-01-02 15:19 - 2015-01-02 15:20 - 07005576 _____ (Microsoft Corporation) C:\Users\HS\Downloads\proofingtools_nl-nl-x64(2).exe
2015-01-02 12:52 - 2015-01-02 12:52 - 00000000 ____D () C:\Users\HS\.jivex
2015-01-01 14:50 - 2015-01-01 16:05 - 00000000 ____D () C:\Users\HS\AppData\Roaming\MyPhoneExplorer
2015-01-01 14:50 - 2015-01-01 14:50 - 00000799 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2015-01-01 14:50 - 2015-01-01 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2015-01-01 14:48 - 2015-01-01 14:48 - 07403840 _____ () C:\Users\HS\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe
2014-12-31 14:38 - 2014-12-31 14:38 - 00000000 ____D () C:\Windows\system32\Neuer Ordner
2014-12-22 13:32 - 2014-12-22 13:33 - 17925296 _____ (Adobe Systems Incorporated) C:\Users\HS\Downloads\flashplayer_16_ax_debug.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-21 10:37 - 2013-01-14 16:52 - 00000000 ____D () C:\Users\HS
2015-01-21 10:14 - 2013-03-06 09:58 - 00000501 _____ () C:\Windows\system32\checkdnsid.xml
2015-01-21 10:08 - 2009-07-14 05:45 - 00035776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-21 10:08 - 2009-07-14 05:45 - 00035776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-21 10:07 - 2013-01-26 14:16 - 01264580 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 10:04 - 2013-01-15 01:18 - 00700470 _____ () C:\Windows\system32\perfh007.dat
2015-01-21 10:04 - 2013-01-15 01:18 - 00150108 _____ () C:\Windows\system32\perfc007.dat
2015-01-21 10:04 - 2009-07-14 06:13 - 01624106 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 10:00 - 2013-01-14 18:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-21 09:59 - 2014-12-10 12:07 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-01-21 09:59 - 2014-10-17 12:43 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-01-21 09:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-20 20:15 - 2014-07-02 14:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-20 20:07 - 2013-07-23 13:26 - 00000459 _____ () C:\Users\HS\Desktop\FRITZ!Box.website
2015-01-20 19:57 - 2013-01-14 18:28 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-20 19:28 - 2013-02-01 20:01 - 01597450 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-20 12:07 - 2011-05-15 17:05 - 00000000 ____D () C:\WsWin-Cresta
2015-01-20 12:04 - 2013-09-23 14:47 - 00000000 ____D () C:\WsWin-Davis
2015-01-19 12:17 - 2013-01-14 22:33 - 00000000 ____D () C:\Users\HS\AppData\Roaming\ALFBanCo5
2015-01-18 15:41 - 2013-01-14 22:46 - 00000000 ____D () C:\Users\HS\AppData\Roaming\Skype
2015-01-17 16:07 - 2013-05-19 20:35 - 00000000 ____D () C:\Users\HS\AppData\Roaming\Ahnenblatt
2015-01-17 15:26 - 2014-09-13 19:48 - 00000000 ____D () C:\ProgramData\Stammbaumdrucker 7 Premium
2015-01-16 19:45 - 2009-07-14 05:45 - 00417464 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-16 19:39 - 2013-01-14 17:16 - 00110856 _____ () C:\Users\HS\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-15 16:27 - 2013-11-20 21:51 - 00000000 ____D () C:\ProgramData\tmp
2015-01-15 15:11 - 2013-11-20 21:51 - 00000000 ____D () C:\ProgramData\hps
2015-01-15 10:24 - 2013-07-12 11:17 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 10:22 - 2013-01-16 19:02 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 20:15 - 2013-01-17 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-11 10:45 - 2013-01-14 22:46 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-11 10:45 - 2013-01-14 22:46 - 00000000 ____D () C:\ProgramData\Skype
2015-01-06 16:22 - 2013-01-29 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2015-01-06 16:13 - 2014-08-24 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-01-06 14:00 - 2014-01-29 19:15 - 00000000 ____D () C:\Users\HS\AppData\Local\NVIDIA Corporation
2015-01-06 14:00 - 2013-01-14 17:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-06 14:00 - 2013-01-14 17:06 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-06 14:00 - 2013-01-14 17:06 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-06 13:08 - 2013-01-16 21:09 - 00000000 ____D () C:\ProgramData\Intel
2015-01-06 12:49 - 2013-01-16 20:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-06 12:49 - 2013-01-16 20:45 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-06 12:47 - 2013-01-16 19:37 - 00000000 ____D () C:\temp
2015-01-06 12:46 - 2013-01-14 17:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-02 13:16 - 2014-09-25 15:15 - 00000001 ____R () C:\Users\HS\serverport
2015-01-02 13:16 - 2013-02-27 13:43 - 00000000 ____D () C:\Users\HS\AppData\Temp
2014-12-25 19:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\TAPI
2014-12-23 09:47 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-22 13:34 - 2013-01-14 17:13 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-22 13:34 - 2013-01-14 17:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2013-02-26 15:19 - 2013-02-26 15:19 - 0000288 _____ () C:\Users\HS\AppData\Roaming\.backup.dm
2013-01-16 21:13 - 2013-01-16 21:13 - 0000003 _____ () C:\Users\HS\AppData\Local\user_data.ini
2013-02-27 13:22 - 2013-02-27 13:22 - 0867058 _____ () C:\ProgramData\1361966845.bdinstall.bin
2013-01-23 13:21 - 2013-01-23 13:21 - 0000057 _____ () C:\ProgramData\Ament.ini
Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\_is7E07.exe
C:\Users\HS\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-14 10:35
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by HS at 2015-01-21 10:55:29
Running from C:\Users\HS\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Virenschutz (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3D-Viewer-innoplus (HKLM-x32\...\{B96DB037-DBEA-4186-9081-9CBD537F82E8}) (Version: 14.00.231 - INNOVA-engineering GmbH)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Ahnenblatt 2.86 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.86.0.1 - Dirk Böttcher)
ALF-BanCo 5 (HKLM-x32\...\Alf-BanCo5_is1) (Version: - ALF AG)
ALNO AG Küchenplaner (HKLM-x32\...\{A89131FD-3D18-4DA8-84C8-622423011B51}_is1) (Version: 14a - ALNO AG)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: - )
ASRock eXtreme Tuner v0.1.188 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - )
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
ASUS nVidia Driver (x32 Version: 4.00.0000 - Ihr Firmenname) Hidden
AusweisApp (HKLM-x32\...\{6E2E92F9-A81B-426F-8F35-4F3718A7D0AF}) (Version: 1.11.0 - OpenLimit SignCubes AG)
AutoSizer (HKLM-x32\...\AutoSizer) (Version: - )
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin)
Bitdefender Internet Security 2013 (HKLM\...\Bitdefender) (Version: 16.26.0.1739 - Bitdefender)
Brother MFL-Pro Suite DCP-165C (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CloudReading (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.0.27.1025 - Foxit Corporation)
Corel Paint Shop Pro X (HKLM-x32\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.01 - Corel Inc)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrystalDiskInfo 5.6.2 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CrystalDiskMark 3.0.2f (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.6 - CEWE Stiftung u Co. KGaA)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.1.1031 - Foxit Corporation)
GenDaLim7ES (HKLM-x32\...\{56693A2D-F918-46CD-8F13-BAA4E5FA1089}) (Version: 7.0.2.0 - LGGI)
GIMP 2.6.8 (HKLM-x32\...\WinGimp-2.0_is1) (Version: - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HDClone 4.2 Standard Edition (HKLM-x32\...\HDClone.Standard.4.2.8.1031-{128829BF-F190-4B7D-88C9-889EFB557284}) (Version: 4.2 - Miray Software AG)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HP Photosmart 6510 series - Grundlegende Software für das Gerät (HKLM\...\{B21D3221-335D-45B0-B5F8-DC9EA1F30558}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart Essential (HKLM-x32\...\{6994491D-D491-48F1-AE1F-E179C1FFFC2F}) (Version: 1.9.1.2 - HP)
HWiNFO64 Version 4.48 (HKLM\...\HWiNFO64_is1) (Version: 4.48 - Martin Malík - REALiX)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{01C324B7-3744-4EC0-9C4F-40BCCDD47CFB}) (Version: 3.0.41.1571 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
MailStore Home 8.1.0.9075 (HKLM-x32\...\MailStore Home_universal1) (Version: 8.1.0.9075 - MailStore Software GmbH)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
Paragon Alignment Tool™ 3.0 (HKLM-x32\...\{4D83E500-4D0C-11DF-A750-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version: - CPUID)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.6 - Samsung)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SSDlife Free (HKLM-x32\...\{18302BF2-AA3C-46E3-B039-996FD0DB5639}) (Version: 2.5.82 - BinarySense Inc.)
TAPI Services for FRITZ!Box (HKLM\...\{8505C641-422E-4E3C-B6B0-0F070E289FDD}) (Version: 1.0.4 - AVM Berlin)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Unity Web Player (HKU\S-1-5-21-398972580-570915619-4107308109-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version: - )
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Weather Capture Advance 1.1 (HKLM-x32\...\{E10017D0-CDC3-4205-87F8-B1AC58124DE9}_is1) (Version: - Hideki Electronics Limited)
WsWin V2.97.0 - 2013-03-30 (HKLM-x32\...\PC-Wetterstation_is1) (Version: 2.97.0 - Werner Krenn)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
13-01-2015 11:19:31 Geplanter Prüfpunkt
15-01-2015 10:22:37 Windows Update
16-01-2015 19:08:26 Windows Update
20-01-2015 09:51:53 Windows Update
20-01-2015 19:28:31 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02A07B2D-F71B-411B-A6FE-DF44C79FE30C} - System32\Tasks\{4E028CFE-4CB4-4225-9A7C-6030701A6E13} => pcalua.exe -a F:\AutoRun\setup32.exe -d F:\
Task: {1785D2F7-3C29-4062-8F0F-7C32677479A1} - System32\Tasks\{18E38F82-0A01-4821-A98F-A1F9BAD8D13E} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsMain
Task: {230B2D9F-585F-4C72-B388-C1E7ACF68225} - System32\Tasks\asrRd => C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe [2012-01-13] ()
Task: {2606A93F-DD3C-40FC-8C90-88DC182C569F} - System32\Tasks\{55E7B22C-1028-4AAB-8ABE-CC8DA23ACA7E} => pcalua.exe -a F:\AutoRun\setup32.exe -d F:\
Task: {267E4AC9-40A2-4B1E-853C-8F64311CD8BA} - System32\Tasks\{5D05DA9B-599D-43A3-A092-F429B025D984} => pcalua.exe -a "D:\Revo unlocker\Revo Uninstaller\Revouninstaller.exe" -d "D:\Revo unlocker\Revo Uninstaller"
Task: {5F582DE8-CF67-4497-9B70-B1CC07A664AA} - System32\Tasks\{A85746E7-0943-469D-9E07-F8A2DC77ED96} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?page=tsMain
Task: {6F58A212-ED5B-4EF7-87B3-9559A105E347} - System32\Tasks\AsrXTU => C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe [2012-03-06] ()
Task: {7228BE87-343C-475B-8FF1-CFA0DA752161} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {73B980B4-6F9C-4102-B0DB-5B2F9D2138CE} - System32\Tasks\{774669B2-DD19-4CE6-A6EE-F3A794D0CEF7} => pcalua.exe -a D:\Irfan\IrfanView\i_view32.exe
Task: {7E530D5D-EAEE-4649-9357-DD60825C91D8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {86DEB3C9-A59A-4A30-B89C-2945E4F50B57} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {8C774AAD-5518-478D-AE39-1FAEB4601166} - System32\Tasks\{166380E5-3AFA-4CA7-A9F3-086175797D50} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.10.0.104/de/abandoninstall?page=tsMain
Task: {91F5E202-6293-464B-8701-3AE13C347915} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15] (Adobe Systems Incorporated)
Task: {936F9441-7B45-43CA-A547-2C150F20F630} - System32\Tasks\{30F1A4F0-047A-412D-B760-78F298FFA481} => pcalua.exe -a C:\Users\HS\Downloads\CC3up_1.30.0020(1).EXE
Task: {9B44DB43-D2E3-4644-A76D-1DA24FFBA99D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [2013-03-25] (Piriform Ltd)
Task: {9C91ABA5-1224-4F47-9267-FE1A1E4DB57C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {A4DB31C2-72BB-44C3-8041-A5C2FBF1083C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A7D01E30-26DF-4EA9-B149-FC4C11E6E660} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {B51702D4-C8FB-4543-ACA6-6860942988D5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C74AAFC5-0DB5-4E82-A835-DB9BB8AD890B} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {C8F61A30-9FFE-4B3B-85CA-83460EDBD1FD} - System32\Tasks\{559ABFF1-06A0-4998-994F-9662FD815A34} => pcalua.exe -a D:\Tools\HiJackThis\HiJackThis.exe -d D:\Tools\HiJackThis
Task: {D1F73893-0946-40AB-B855-853462D520E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-14] (Google Inc.)
Task: {E3DC853C-8E7F-45AA-BE9F-5EEF1064EAD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-14] (Google Inc.)
Task: {FAF1FAA4-D1C3-40F9-A695-8872A2B7401B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {FE6CCA61-7B75-4024-90E3-B37D2F0A7E90} - System32\Tasks\Lüftersteuerung => D:\Speedfan\speedfan.exe
Task: {FFD43660-069C-43A1-ABE3-0815BDDC4BE9} - System32\Tasks\{EE999195-4E55-4278-943A-3E22E5A61A83} => pcalua.exe -a G:\AVM\Fritz!Fax\FRITZ!fax_3.07.04.exe -d C:\Users\Administrator\Desktop
Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-03-30 11:15 - 2013-10-24 15:48 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
2013-10-24 15:51 - 2013-10-24 15:51 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\accessl.ui
2013-02-27 13:22 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdfwcore.dll
2013-03-30 11:15 - 2013-10-24 15:47 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\IMSecurityAL.ui
2014-07-24 08:35 - 2014-07-24 08:35 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_027\ashttpbr.mdl
2014-07-24 08:35 - 2014-07-24 08:35 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_027\ashttpdsp.mdl
2014-07-24 08:35 - 2014-07-24 08:36 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_027\ashttpph.mdl
2014-07-24 08:35 - 2014-07-24 08:36 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00047_027\ashttprbl.mdl
2013-01-14 17:06 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-25 12:17 - 2006-02-23 10:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2013-09-25 12:17 - 2006-02-22 09:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2012-08-16 19:36 - 2012-08-16 19:36 - 00149032 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-08-16 19:36 - 2012-08-16 19:36 - 00058920 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-02-27 11:13 - 2012-03-06 18:14 - 08238376 _____ () C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe
2013-02-27 11:13 - 2012-01-13 15:47 - 01448744 _____ () C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-18 10:20 - 2007-05-31 07:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2013-02-27 11:13 - 2012-02-24 10:53 - 00094208 _____ () C:\Program Files (x86)\ASRock Utility\AXTU\Bin\IccLibDll.DLL
2014-02-04 10:40 - 2014-02-04 10:40 - 00086016 _____ () D:\AutoSizer.dll
2015-01-14 10:49 - 2015-01-14 10:49 - 03347056 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-01-14 10:49 - 2015-01-14 10:49 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-01-14 10:49 - 2015-01-14 10:49 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-01-17 11:20 - 2015-01-17 11:20 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\bc9bcf53b97e0180a22783ef8b2567c2\PSIClient.ni.dll
2013-01-16 21:09 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-01-14 14:36 - 2015-01-14 14:36 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\HS\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\385-INST-WIN7-A.EXE:BDU
AlternateDataStreams: C:\Users\HS\Downloads\absetup.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\ALNO_KPLSetup14a(1).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\ALNO_KPLSetup14a.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\ALNO_KPLSetup14a_CB-DL-Manager.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\bitdefender_isecurity2015.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\CC3up_1.30.0020(1).EXE:BDU
AlternateDataStreams: C:\Users\HS\Downloads\CC3up_1.30.0020(2).EXE:BDU
AlternateDataStreams: C:\Users\HS\Downloads\CC3up_1.30.0020.EXE:BDU
AlternateDataStreams: C:\Users\HS\Downloads\cdbxp_setup_4.5.4.5306.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\Defogger(1).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\Defogger.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\delinf_10200(1).EXE:BDU
AlternateDataStreams: C:\Users\HS\Downloads\delinf_10200.EXE:BDU
AlternateDataStreams: C:\Users\HS\Downloads\flashplayer_16_ax_debug.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\Google Earth - CHIP-Installer.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\googleearth-win-bundle-7.1.2.2041.1.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\GoogleEarthSetup.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\googleupdatesetup.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\hw64_448.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\hwmonitor_1.26-setup.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\install_flashplayer13x32_mssa_aaa_aih.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\install_flashplayer16x32au_mssa_aaa_aih(1).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\iview438_setup.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\jdk-8u11-windows-x64(1).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\jdk-8u11-windows-x64.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\jre-8u20-windows-x64.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\Manuals.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\proofingtools_nl-nl-x64(1).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\proofingtools_nl-nl-x64(2).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\proofingtools_nl-nl-x64(3).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\proofingtools_nl-nl-x64.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\setup_dm_Fotowelt(1).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\setup_dm_Fotowelt.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\SoftonicDownloader_fuer_java-runtime-environment(1).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\SoftonicDownloader_fuer_java-runtime-environment.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\SSDlife - CHIP-Installer(1).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\SSDlife - CHIP-Installer.exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\SSDTweaker(1).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\SSDTweaker(2).exe:BDU
AlternateDataStreams: C:\Users\HS\Downloads\SSDTweaker.exe:BDU
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iSCTsysTray.lnk => C:\Windows\pss\iSCTsysTray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^HS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupfolder: C:^Users^HS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Photosmart 6510 series.lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Photosmart 6510 series.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1418738232
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\HS\AppData\Local\Smartbar\Application\QuickShare.exe startup
MSCONFIG\startupreg: BrowserChoice => "C:\Windows\System32\browserchoice.exe" /run
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\system32\Macromed\Flash\FlashUtil64_11_6_602_171_ActiveX.exe -update activex
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "D:\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NBKeyScan => "D:\Nero\Nero 8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Windows\system32\NeroCheck.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
========================= Accounts: ==========================
Administrator (S-1-5-21-398972580-570915619-4107308109-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-398972580-570915619-4107308109-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-398972580-570915619-4107308109-1002 - Limited - Enabled)
HS (S-1-5-21-398972580-570915619-4107308109-1000 - Administrator - Enabled) => C:\Users\HS
==================== Faulty Device Manager Devices =============
Name: Intel(R) HD Graphics
Description: Intel(R) HD Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/21/2015 10:01:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/20/2015 07:32:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/20/2015 06:22:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/20/2015 00:06:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Wswin32.exe, Version 2.97.8.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 15bc
Startzeit: 01d034a0b732a321
Endzeit: 0
Anwendungspfad: C:\WsWin-Davis\Wswin32.exe
Berichts-ID:
Error: (01/20/2015 09:49:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2015 04:11:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2015 03:43:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2015 01:51:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2015 10:25:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2015 04:24:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (01/21/2015 09:59:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (01/20/2015 07:30:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (01/20/2015 06:21:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (01/20/2015 09:47:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (01/19/2015 04:09:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (01/19/2015 03:41:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (01/19/2015 01:49:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (01/19/2015 00:19:02 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Das Gerät ist nicht angeschlossen.REINER SCT cyberJack pinpad/e-com USB 52GET_STATEXX XX XX XX
Error: (01/19/2015 10:23:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (01/18/2015 04:22:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "EIO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Microsoft Office Sessions:
=========================
Error: (01/21/2015 10:01:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/20/2015 07:32:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/20/2015 06:22:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/20/2015 00:06:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wswin32.exe2.97.8.015bc01d034a0b732a3210C:\WsWin-Davis\Wswin32.exe
Error: (01/20/2015 09:49:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2015 04:11:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2015 03:43:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2015 01:51:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/19/2015 10:25:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/18/2015 04:24:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2015-01-21 09:59:54.467
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-21 09:59:54.447
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-20 19:30:18.132
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-20 19:30:18.112
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-20 18:21:02.786
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-20 18:21:02.766
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-20 09:47:35.360
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-20 09:47:35.340
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-19 16:09:56.268
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-01-19 16:09:56.248
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\EIO64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 32%
Total physical RAM: 8078.16 MB
Available physical RAM: 5462.74 MB
Total Pagefile: 8276.34 MB
Available Pagefile: 5231.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: (Volume) (Fixed) (Total:90.4 GB) (Free:28.22 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Progs/ Treiber/ Tools) (Fixed) (Total:39.27 GB) (Free:27.63 GB) NTFS
Drive e: (Daten/ Grafiken) (Fixed) (Total:103.22 GB) (Free:64.11 GB) NTFS
Drive h: (Volume) (Fixed) (Total:111.66 GB) (Free:78.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E58904D8)
Partition 1: (Active) - (Size=90.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=142.5 GB) - (Type=05)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
Gmer.txt folgt (weil zu groß) |
|
21.01.2015, 12:06
| #2 |
| /// the machine /// TB-Ausbilder    | Ungewöhnlicher datenverkehr aus ihrem netzwerk Hi,
__________________ist das der einzige Rechner im Netzwerk? Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
21.01.2015, 13:13
| #3 |
| | Ungewöhnlicher datenverkehr aus ihrem netzwerk Es ist der einzige Rechner.
__________________Code:
ATTFilter 13:05:52.0631 0x0464 TDSS rootkit removing tool 3.0.0.43 Jan 19 2015 18:43:19
13:05:58.0122 0x0464 ============================================================
13:05:58.0122 0x0464 Current date / time: 2015/01/21 13:05:58.0122
13:05:58.0122 0x0464 SystemInfo:
13:05:58.0122 0x0464
13:05:58.0122 0x0464 OS Version: 6.1.7601 ServicePack: 1.0
13:05:58.0122 0x0464 Product type: Workstation
13:05:58.0122 0x0464 ComputerName: HS-PC
13:05:58.0122 0x0464 UserName: HS
13:05:58.0122 0x0464 Windows directory: C:\Windows
13:05:58.0122 0x0464 System windows directory: C:\Windows
13:05:58.0122 0x0464 Running under WOW64
13:05:58.0122 0x0464 Processor architecture: Intel x64
13:05:58.0122 0x0464 Number of processors: 4
13:05:58.0122 0x0464 Page size: 0x1000
13:05:58.0122 0x0464 Boot type: Normal boot
13:05:58.0122 0x0464 ============================================================
13:05:58.0278 0x0464 KLMD registered as C:\Windows\system32\drivers\06293461.sys
13:05:58.0356 0x0464 System UUID: {28092D1B-A480-BE63-A092-B51112240BC1}
13:05:58.0606 0x0464 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:05:58.0606 0x0464 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:05:58.0762 0x0464 ============================================================
13:05:58.0762 0x0464 \Device\Harddisk0\DR0:
13:05:58.0762 0x0464 MBR partitions:
13:05:58.0762 0x0464 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1000, BlocksNum 0xB4CBED9
13:05:58.0762 0x0464 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xB4CD800, BlocksNum 0x4E8835F
13:05:58.0762 0x0464 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10356800, BlocksNum 0xCE6F170
13:05:58.0762 0x0464 \Device\Harddisk1\DR1:
13:05:58.0762 0x0464 GPT partitions:
13:05:58.0762 0x0464 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C6A5D127-256F-455B-95BC-DEB3E6554E0B}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
13:05:58.0762 0x0464 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7914006A-E3F1-4646-B215-182A63CDA362}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xDF54000
13:05:58.0762 0x0464 MBR partitions:
13:05:58.0762 0x0464 ============================================================
13:05:58.0762 0x0464 C: <-> \Device\Harddisk0\DR0\Partition1
13:05:58.0762 0x0464 D: <-> \Device\Harddisk0\DR0\Partition2
13:05:58.0777 0x0464 E: <-> \Device\Harddisk0\DR0\Partition3
13:05:58.0777 0x0464 H: <-> \Device\Harddisk1\DR1\Partition2
13:05:58.0777 0x0464 ============================================================
13:05:58.0777 0x0464 Initialize success
13:05:58.0777 0x0464 ============================================================
13:06:52.0426 0x128c ============================================================
13:06:52.0426 0x128c Scan started
13:06:52.0426 0x128c Mode: Manual; SigCheck; TDLFS;
13:06:52.0426 0x128c ============================================================
13:06:52.0426 0x128c KSN ping started
13:06:54.0859 0x128c KSN ping finished: true
13:06:55.0156 0x128c ================ Scan system memory ========================
13:06:55.0156 0x128c System memory - ok
13:06:55.0156 0x128c ================ Scan services =============================
13:06:55.0171 0x128c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:06:55.0218 0x128c 1394ohci - ok
13:06:55.0218 0x128c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:06:55.0234 0x128c ACPI - ok
13:06:55.0234 0x128c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:06:55.0249 0x128c AcpiPmi - ok
13:06:55.0249 0x128c [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:06:55.0249 0x128c AdobeARMservice - ok
13:06:55.0265 0x128c [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:06:55.0280 0x128c AdobeFlashPlayerUpdateSvc - ok
13:06:55.0296 0x128c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:06:55.0312 0x128c adp94xx - ok
13:06:55.0312 0x128c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:06:55.0327 0x128c adpahci - ok
13:06:55.0327 0x128c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:06:55.0343 0x128c adpu320 - ok
13:06:55.0343 0x128c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:06:55.0358 0x128c AeLookupSvc - ok
13:06:55.0374 0x128c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
13:06:55.0390 0x128c AFD - ok
13:06:55.0390 0x128c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
13:06:55.0405 0x128c agp440 - ok
13:06:55.0405 0x128c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
13:06:55.0421 0x128c ALG - ok
13:06:55.0421 0x128c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
13:06:55.0421 0x128c aliide - ok
13:06:55.0421 0x128c ALSysIO - ok
13:06:55.0421 0x128c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
13:06:55.0436 0x128c amdide - ok
13:06:55.0436 0x128c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:06:55.0452 0x128c AmdK8 - ok
13:06:55.0452 0x128c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
13:06:55.0452 0x128c AmdPPM - ok
13:06:55.0468 0x128c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:06:55.0468 0x128c amdsata - ok
13:06:55.0468 0x128c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
13:06:55.0483 0x128c amdsbs - ok
13:06:55.0483 0x128c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:06:55.0499 0x128c amdxata - ok
13:06:55.0499 0x128c [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys
13:06:55.0499 0x128c AppID - ok
13:06:55.0514 0x128c [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:06:55.0514 0x128c AppIDSvc - ok
13:06:55.0514 0x128c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
13:06:55.0530 0x128c Appinfo - ok
13:06:55.0530 0x128c [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:06:55.0546 0x128c Apple Mobile Device - ok
13:06:55.0561 0x128c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
13:06:55.0561 0x128c AppMgmt - ok
13:06:55.0577 0x128c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
13:06:55.0577 0x128c arc - ok
13:06:55.0577 0x128c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:06:55.0592 0x128c arcsas - ok
13:06:55.0592 0x128c [ 4DFF4312661F54EE87DC9A13CAEE60E0, 8821D2CA4036E764EFF71108735148FF54D3275DDCE1860EC7D67B2355E8DF82 ] asahci64 C:\Windows\system32\DRIVERS\asahci64.sys
13:06:55.0608 0x128c asahci64 - ok
13:06:55.0608 0x128c [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:06:55.0624 0x128c aspnet_state - ok
13:06:55.0624 0x128c [ 0C3F9E39C0B10D351026D580D9FF6F86, 0A19F09FD2EF200BED07CDBC4AAF41261A0C0468F680A5AAEBCD26B371676D53 ] AsrRamDisk C:\Windows\system32\DRIVERS\AsrRamDisk.sys
13:06:55.0624 0x128c AsrRamDisk - ok
13:06:55.0639 0x128c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:06:55.0655 0x128c AsyncMac - ok
13:06:55.0655 0x128c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
13:06:55.0655 0x128c atapi - ok
13:06:55.0670 0x128c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:06:55.0686 0x128c AudioEndpointBuilder - ok
13:06:55.0702 0x128c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:06:55.0717 0x128c AudioSrv - ok
13:06:55.0733 0x128c [ E058520EEE9DAC4613D846596FF82D92, 0291075CA16ACB79F4989DE44D381F5742A2A3601F22C3600AE236D864E3370E ] avc3 C:\Windows\system32\DRIVERS\avc3.sys
13:06:55.0748 0x128c avc3 - ok
13:06:55.0764 0x128c [ 3B9549FEF98AB1768A1D6A919F355B70, 0014914051CB54CD7CC25561D29099A19DCFB2E1810FF635F9B6AD3D9C6FBC4B ] avchv C:\Windows\system32\DRIVERS\avchv.sys
13:06:55.0780 0x128c avchv - ok
13:06:55.0780 0x128c [ 62C4DB41DAEA0FC1F5CB103B023D1068, 8C04FDF08CB487A775C8970527AE8115D9CE538781C607F703EE49674C63BA56 ] avckf C:\Windows\system32\DRIVERS\avckf.sys
13:06:55.0811 0x128c avckf - ok
13:06:55.0811 0x128c [ 528FFA0794B3A84413C35F149917105E, 42CC7CB752062D34C21A115E71B749BBFC22F74880AA1A14EB8C46FC87905BA3 ] AVEO C:\Windows\system32\DRIVERS\AVEOdcnt.sys
13:06:55.0826 0x128c AVEO - ok
13:06:55.0826 0x128c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:06:55.0842 0x128c AxInstSV - ok
13:06:55.0842 0x128c AxtuDrv - ok
13:06:55.0858 0x128c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
13:06:55.0873 0x128c b06bdrv - ok
13:06:55.0873 0x128c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:06:55.0889 0x128c b57nd60a - ok
13:06:55.0889 0x128c [ 6618F3780323393458130C1BEA90AFEC, 78084BB9C5797C99EA693AC7E51E44D05C55BD99745AAFD3FC7A62CF86FF2AC2 ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
13:06:55.0904 0x128c BdDesktopParental - ok
13:06:55.0904 0x128c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
13:06:55.0920 0x128c BDESVC - ok
13:06:55.0920 0x128c [ 3FAFE12C5D1D4D5F3567E7A0A2F15A7C, B77455872683563C12963E1D8FC349FB33B048D615FD299571A2DCF1598C0A9F ] BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
13:06:55.0920 0x128c BdfNdisf - ok
13:06:55.0936 0x128c [ 4CE4B0098FC315C237FA8867F07886C4, 475B2D86EE7658372D868ABC9ACA965FDD8212D3AE2C6E4749DC53DBA3DC19D6 ] bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
13:06:55.0936 0x128c bdfwfpf - ok
13:06:55.0936 0x128c [ 5B9DECBB17E58AB7C3A41EEF6B216768, EBBEB7E48308F7C6D52DC232345C4C52DA079F0441B3F7139080BA28A7F5AE0D ] BDSandBox C:\Windows\system32\drivers\bdsandbox.sys
13:06:55.0951 0x128c BDSandBox - ok
13:06:55.0951 0x128c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
13:06:55.0967 0x128c Beep - ok
13:06:55.0982 0x128c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
13:06:55.0998 0x128c BFE - ok
13:06:56.0014 0x128c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
13:06:56.0045 0x128c BITS - ok
13:06:56.0060 0x128c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:06:56.0060 0x128c blbdrive - ok
13:06:56.0060 0x128c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:06:56.0076 0x128c bowser - ok
13:06:56.0076 0x128c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
13:06:56.0092 0x128c BrFiltLo - ok
13:06:56.0092 0x128c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
13:06:56.0092 0x128c BrFiltUp - ok
13:06:56.0107 0x128c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
13:06:56.0107 0x128c Browser - ok
13:06:56.0123 0x128c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:06:56.0123 0x128c Brserid - ok
13:06:56.0138 0x128c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:06:56.0138 0x128c BrSerWdm - ok
13:06:56.0138 0x128c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:06:56.0154 0x128c BrUsbMdm - ok
13:06:56.0154 0x128c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:06:56.0170 0x128c BrUsbSer - ok
13:06:56.0170 0x128c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:06:56.0185 0x128c BTHMODEM - ok
13:06:56.0185 0x128c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
13:06:56.0201 0x128c bthserv - ok
13:06:56.0201 0x128c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:06:56.0232 0x128c cdfs - ok
13:06:56.0232 0x128c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:06:56.0248 0x128c cdrom - ok
13:06:56.0248 0x128c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
13:06:56.0263 0x128c CertPropSvc - ok
13:06:56.0263 0x128c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
13:06:56.0279 0x128c circlass - ok
13:06:56.0294 0x128c [ ED81E81752CA817AFA740C14AD05BC6C, 9E4B04D4604B96866B3ED18433914BF7ECF3F746CDB34ED856FFC418AAB3C04F ] cjpcsc C:\Windows\SysWOW64\cjpcsc.exe
13:06:56.0326 0x128c cjpcsc - ok
13:06:56.0326 0x128c [ 06E1F5228399FC49A8D026DA38DB6784, 5554071E5C55FC7EF3C7C95F0BC565509C3F0C03E0814C98376932A9D1C32AA6 ] cjusb C:\Windows\system32\DRIVERS\cjusb.sys
13:06:56.0341 0x128c cjusb - ok
13:06:56.0341 0x128c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
13:06:56.0357 0x128c CLFS - ok
13:06:56.0357 0x128c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:06:56.0372 0x128c clr_optimization_v2.0.50727_32 - ok
13:06:56.0372 0x128c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:06:56.0388 0x128c clr_optimization_v2.0.50727_64 - ok
13:06:56.0388 0x128c [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:06:56.0388 0x128c clr_optimization_v4.0.30319_32 - ok
13:06:56.0404 0x128c [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:06:56.0404 0x128c clr_optimization_v4.0.30319_64 - ok
13:06:56.0419 0x128c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
13:06:56.0419 0x128c CmBatt - ok
13:06:56.0419 0x128c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:06:56.0435 0x128c cmdide - ok
13:06:56.0435 0x128c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
13:06:56.0450 0x128c CNG - ok
13:06:56.0450 0x128c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:06:56.0466 0x128c Compbatt - ok
13:06:56.0466 0x128c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
13:06:56.0482 0x128c CompositeBus - ok
13:06:56.0482 0x128c COMSysApp - ok
13:06:56.0482 0x128c [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
13:06:56.0528 0x128c cphs - ok
13:06:56.0528 0x128c [ 5212E0957468D3F94D90FA7A0F06B58F, 955DAC77A0148E9F9ED744F5D341CB9C9118261E52FE622AC6213965F2BC4CAD ] cpuz137 C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys
13:06:56.0528 0x128c cpuz137 - ok
13:06:56.0528 0x128c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:06:56.0544 0x128c crcdisk - ok
13:06:56.0544 0x128c [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:06:56.0560 0x128c CryptSvc - ok
13:06:56.0560 0x128c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
13:06:56.0575 0x128c CSC - ok
13:06:56.0591 0x128c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
13:06:56.0606 0x128c CscService - ok
13:06:56.0622 0x128c [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
13:06:56.0622 0x128c dc3d - ok
13:06:56.0638 0x128c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:06:56.0669 0x128c DcomLaunch - ok
13:06:56.0669 0x128c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
13:06:56.0700 0x128c defragsvc - ok
13:06:56.0700 0x128c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:06:56.0716 0x128c DfsC - ok
13:06:56.0731 0x128c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:06:56.0731 0x128c Dhcp - ok
13:06:56.0747 0x128c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
13:06:56.0762 0x128c discache - ok
13:06:56.0762 0x128c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
13:06:56.0762 0x128c Disk - ok
13:06:56.0778 0x128c [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
13:06:56.0778 0x128c dmvsc - ok
13:06:56.0794 0x128c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:06:56.0794 0x128c Dnscache - ok
13:06:56.0809 0x128c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
13:06:56.0825 0x128c dot3svc - ok
13:06:56.0825 0x128c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
13:06:56.0856 0x128c DPS - ok
13:06:56.0856 0x128c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:06:56.0856 0x128c drmkaud - ok
13:06:56.0872 0x128c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:06:56.0903 0x128c DXGKrnl - ok
13:06:56.0903 0x128c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
13:06:56.0934 0x128c EapHost - ok
13:06:56.0981 0x128c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
13:06:57.0028 0x128c ebdrv - ok
13:06:57.0043 0x128c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
13:06:57.0043 0x128c EFS - ok
13:06:57.0059 0x128c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:06:57.0074 0x128c ehRecvr - ok
13:06:57.0090 0x128c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
13:06:57.0090 0x128c ehSched - ok
13:06:57.0090 0x128c [ BF59ED37F8F555E8CE35D62DE9794CAC, BD8D7E5413461B4EF8692E5E46E67F13D2FFE109B450BB3610D884EAB3E9A6A7 ] EIO C:\Windows\system32\drivers\EIO64.sys
13:06:57.0106 0x128c EIO - detected UnsignedFile.Multi.Generic ( 1 )
13:06:59.0570 0x128c Detect skipped due to KSN trusted
13:06:59.0570 0x128c EIO - ok
13:06:59.0586 0x128c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:06:59.0602 0x128c elxstor - ok
13:06:59.0602 0x128c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:06:59.0602 0x128c ErrDev - ok
13:06:59.0617 0x128c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
13:06:59.0648 0x128c EventSystem - ok
13:06:59.0648 0x128c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
13:06:59.0680 0x128c exfat - ok
13:06:59.0680 0x128c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:06:59.0695 0x128c fastfat - ok
13:06:59.0711 0x128c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
13:06:59.0726 0x128c Fax - ok
13:06:59.0726 0x128c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
13:06:59.0742 0x128c fdc - ok
13:06:59.0742 0x128c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
13:06:59.0758 0x128c fdPHost - ok
13:06:59.0773 0x128c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
13:06:59.0789 0x128c FDResPub - ok
13:06:59.0789 0x128c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:06:59.0804 0x128c FileInfo - ok
13:06:59.0804 0x128c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:06:59.0820 0x128c Filetrace - ok
13:06:59.0820 0x128c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
13:06:59.0836 0x128c flpydisk - ok
13:06:59.0836 0x128c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:06:59.0851 0x128c FltMgr - ok
13:06:59.0867 0x128c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
13:06:59.0898 0x128c FontCache - ok
13:06:59.0898 0x128c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:06:59.0898 0x128c FontCache3.0.0.0 - ok
13:06:59.0898 0x128c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:06:59.0914 0x128c FsDepends - ok
13:06:59.0914 0x128c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:06:59.0914 0x128c Fs_Rec - ok
13:06:59.0929 0x128c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:06:59.0945 0x128c fvevol - ok
13:06:59.0945 0x128c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:06:59.0945 0x128c gagp30kx - ok
13:06:59.0945 0x128c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:06:59.0960 0x128c GEARAspiWDM - ok
13:06:59.0976 0x128c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
13:07:00.0007 0x128c gpsvc - ok
13:07:00.0007 0x128c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:07:00.0007 0x128c gupdate - ok
13:07:00.0023 0x128c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:07:00.0023 0x128c gupdatem - ok
13:07:00.0023 0x128c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:07:00.0054 0x128c gusvc - ok
13:07:00.0054 0x128c [ 0A9D58AABD01DA97B1D101473EFA7659, C18EA4F5BF569C230AD682A418F69B6E4209AD467BCCBDABD0515DBB582BF04B ] gzflt C:\Windows\system32\DRIVERS\gzflt.sys
13:07:00.0070 0x128c gzflt - ok
13:07:00.0070 0x128c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:07:00.0085 0x128c hcw85cir - ok
13:07:00.0085 0x128c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:07:00.0101 0x128c HdAudAddService - ok
13:07:00.0101 0x128c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:07:00.0116 0x128c HDAudBus - ok
13:07:00.0116 0x128c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
13:07:00.0132 0x128c HidBatt - ok
13:07:00.0132 0x128c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:07:00.0148 0x128c HidBth - ok
13:07:00.0148 0x128c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
13:07:00.0148 0x128c HidIr - ok
13:07:00.0163 0x128c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
13:07:00.0179 0x128c hidserv - ok
13:07:00.0179 0x128c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:07:00.0194 0x128c HidUsb - ok
13:07:00.0194 0x128c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:07:00.0210 0x128c hkmsvc - ok
13:07:00.0226 0x128c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:07:00.0226 0x128c HomeGroupListener - ok
13:07:00.0241 0x128c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:07:00.0241 0x128c HomeGroupProvider - ok
13:07:00.0241 0x128c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:07:00.0257 0x128c HpSAMD - ok
13:07:00.0272 0x128c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:07:00.0304 0x128c HTTP - ok
13:07:00.0304 0x128c [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\Windows\system32\drivers\HWiNFO64A.SYS
13:07:00.0304 0x128c HWiNFO32 - ok
13:07:00.0304 0x128c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:07:00.0319 0x128c hwpolicy - ok
13:07:00.0319 0x128c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:07:00.0335 0x128c i8042prt - ok
13:07:00.0335 0x128c [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:07:00.0350 0x128c iaStor - ok
13:07:00.0366 0x128c [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
13:07:00.0382 0x128c iaStorA - ok
13:07:00.0382 0x128c [ 0AB254994A460550258446950BB58311, BD10811912680DD3B814B7D1303785C996D892C79108110A2257E9BD0C28245C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:07:00.0397 0x128c IAStorDataMgrSvc - ok
13:07:00.0397 0x128c [ 2B38F13E18E272459CD2CE83E6722C12, 58FB127C05FF7399F88F3B53CE4B460A7D3EA739AFCD273C0E687053BBA074D6 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
13:07:00.0413 0x128c iaStorF - ok
13:07:00.0413 0x128c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:07:00.0428 0x128c iaStorV - ok
13:07:00.0444 0x128c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:07:00.0460 0x128c idsvc - ok
13:07:00.0460 0x128c IEEtwCollectorService - ok
13:07:00.0538 0x128c [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
13:07:00.0631 0x128c igfx - ok
13:07:00.0631 0x128c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:07:00.0647 0x128c iirsp - ok
13:07:00.0647 0x128c [ F2C300C2E56F016B485B88080CD7D2FE, 3C4904B3BA45C0DCCD6789E9C7FC1191BCA3C6B498CDE5D77CA06359FBBDD5E7 ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys
13:07:00.0647 0x128c ikbevent - ok
13:07:00.0663 0x128c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
13:07:00.0694 0x128c IKEEXT - ok
13:07:00.0694 0x128c [ 5082439C30729042C60075A1176DA19C, 3747C6740EF33BF21FB9DE44025436D42085116341EBD2D6FD6CC5518A7E42F4 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys
13:07:00.0694 0x128c imsevent - ok
13:07:00.0741 0x128c [ F2744FD54BE1580BE05916D1C755C92A, 27FAC146876B6C6EBE0C00CDEC3E01C69DACB2584BEC85DD0FE5B55AD2157452 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:07:00.0787 0x128c IntcAzAudAddService - ok
13:07:00.0803 0x128c [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
13:07:00.0819 0x128c IntcDAud - ok
13:07:00.0834 0x128c [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:07:00.0850 0x128c Intel(R) Capability Licensing Service Interface - ok
13:07:00.0850 0x128c [ 125BED41A1AFDA9CAB2B6177553D5758, 00A6267AACC467FA09B49ECC6076F4C666BE98931C97D821E3225D68A3FF1BF1 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
13:07:00.0865 0x128c Intel(R) ME Service - ok
13:07:00.0881 0x128c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
13:07:00.0881 0x128c intelide - ok
13:07:00.0881 0x128c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:07:00.0897 0x128c intelppm - ok
13:07:00.0897 0x128c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:07:00.0928 0x128c IPBusEnum - ok
13:07:00.0928 0x128c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:07:00.0943 0x128c IpFilterDriver - ok
13:07:00.0959 0x128c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:07:00.0975 0x128c iphlpsvc - ok
13:07:00.0975 0x128c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:07:00.0990 0x128c IPMIDRV - ok
13:07:00.0990 0x128c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:07:01.0006 0x128c IPNAT - ok
13:07:01.0006 0x128c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:07:01.0021 0x128c IRENUM - ok
13:07:01.0021 0x128c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:07:01.0037 0x128c isapnp - ok
13:07:01.0037 0x128c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:07:01.0053 0x128c iScsiPrt - ok
13:07:01.0053 0x128c [ 5AB18D8055A4280C0F377A6262F3157E, 091366AE17601407E2A882BFF7901F1970C1111DA935B913BEAA2AFA76D4EEA2 ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys
13:07:01.0053 0x128c ISCT - ok
13:07:01.0068 0x128c [ B1010068CC23F73B874A70B94D6C8373, 9B11E1CE020F003153261F676B7AA479AF70E3A7CD748A0E79CF5E97C02A8FA5 ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
13:07:01.0068 0x128c ISCTAgent - ok
13:07:01.0084 0x128c [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
13:07:01.0099 0x128c iumsvc - ok
13:07:01.0099 0x128c [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
13:07:01.0115 0x128c iusb3hcs - ok
13:07:01.0115 0x128c [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
13:07:01.0131 0x128c iusb3hub - ok
13:07:01.0146 0x128c [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
13:07:01.0162 0x128c iusb3xhc - ok
13:07:01.0162 0x128c [ 5B14FDE79871F83A5E0DCDC01F78BECF, B3103D4671F7BD4843C62D6080894E068F7E794CB02D7A84AEFB5AC10EA23BDE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:07:01.0177 0x128c jhi_service - ok
13:07:01.0193 0x128c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:07:01.0193 0x128c kbdclass - ok
13:07:01.0193 0x128c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:07:01.0209 0x128c kbdhid - ok
13:07:01.0209 0x128c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
13:07:01.0209 0x128c KeyIso - ok
13:07:01.0224 0x128c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:07:01.0224 0x128c KSecDD - ok
13:07:01.0224 0x128c [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:07:01.0240 0x128c KSecPkg - ok
13:07:01.0240 0x128c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:07:01.0255 0x128c ksthunk - ok
13:07:01.0271 0x128c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
13:07:01.0302 0x128c KtmRm - ok
13:07:01.0302 0x128c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:07:01.0318 0x128c LanmanServer - ok
13:07:01.0333 0x128c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:07:01.0349 0x128c LanmanWorkstation - ok
13:07:01.0349 0x128c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:07:01.0380 0x128c lltdio - ok
13:07:01.0380 0x128c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:07:01.0411 0x128c lltdsvc - ok
13:07:01.0411 0x128c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:07:01.0427 0x128c lmhosts - ok
13:07:01.0443 0x128c [ 3974B7CE015A6EEF30DA4ADD5F1203D0, ED776F1C1B1834550F3D45591EB1F0829BBA07F9F7CB73F7FBB0AFDEF8F4411B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:07:01.0458 0x128c LMS - ok
13:07:01.0474 0x128c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:07:01.0474 0x128c LSI_FC - ok
13:07:01.0474 0x128c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:07:01.0489 0x128c LSI_SAS - ok
13:07:01.0489 0x128c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
13:07:01.0505 0x128c LSI_SAS2 - ok
13:07:01.0505 0x128c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:07:01.0505 0x128c LSI_SCSI - ok
13:07:01.0521 0x128c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
13:07:01.0536 0x128c luafv - ok
13:07:01.0536 0x128c [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
13:07:01.0552 0x128c MBfilt - ok
13:07:01.0552 0x128c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:07:01.0567 0x128c Mcx2Svc - ok
13:07:01.0567 0x128c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
13:07:01.0567 0x128c megasas - ok
13:07:01.0583 0x128c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
13:07:01.0583 0x128c MegaSR - ok
13:07:01.0599 0x128c [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
13:07:01.0599 0x128c MEIx64 - ok
13:07:01.0599 0x128c [ 8D0E52F36A153D099DE7D5A1E233FAC7, 8E908122262C54E166F2E4D0B5C91EEC94E1B231B221B0841CDD932DD8B1B782 ] mf C:\Windows\system32\DRIVERS\mf.sys
13:07:01.0614 0x128c mf - ok
13:07:01.0614 0x128c [ 9148ECE338B0D9E3D97479459FE282A7, AD3ADE91EF6AA58DA6982041851AFBA4F6D52ADDBEED033BEA023B5CA6313B72 ] MirayVirtualDisk C:\Windows\system32\DRIVERS\mvd.sys
13:07:01.0630 0x128c MirayVirtualDisk - ok
13:07:01.0630 0x128c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
13:07:01.0645 0x128c MMCSS - ok
13:07:01.0661 0x128c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
13:07:01.0677 0x128c Modem - ok
13:07:01.0677 0x128c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:07:01.0692 0x128c monitor - ok
13:07:01.0692 0x128c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:07:01.0692 0x128c mouclass - ok
13:07:01.0692 0x128c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:07:01.0708 0x128c mouhid - ok
13:07:01.0708 0x128c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:07:01.0723 0x128c mountmgr - ok
13:07:01.0723 0x128c [ 9E587AFE2AD4873C809F1E0C598AB435, 0B0ECFF265120BCBAC37CF9B53B18462725AB991D00B90DBEE8DD9375121DA4F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:07:01.0723 0x128c MozillaMaintenance - ok
13:07:01.0739 0x128c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
13:07:01.0739 0x128c mpio - ok
13:07:01.0739 0x128c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:07:01.0770 0x128c mpsdrv - ok
13:07:01.0786 0x128c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:07:01.0817 0x128c MpsSvc - ok
13:07:01.0817 0x128c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:07:01.0833 0x128c MRxDAV - ok
13:07:01.0833 0x128c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:07:01.0848 0x128c mrxsmb - ok
13:07:01.0848 0x128c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:07:01.0864 0x128c mrxsmb10 - ok
13:07:01.0864 0x128c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:07:01.0879 0x128c mrxsmb20 - ok
13:07:01.0879 0x128c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
13:07:01.0879 0x128c msahci - ok
13:07:01.0879 0x128c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:07:01.0895 0x128c msdsm - ok
13:07:01.0895 0x128c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
13:07:01.0911 0x128c MSDTC - ok
13:07:01.0911 0x128c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:07:01.0926 0x128c Msfs - ok
13:07:01.0942 0x128c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:07:01.0957 0x128c mshidkmdf - ok
13:07:01.0957 0x128c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:07:01.0957 0x128c msisadrv - ok
13:07:01.0973 0x128c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:07:01.0989 0x128c MSiSCSI - ok
13:07:01.0989 0x128c msiserver - ok
13:07:02.0004 0x128c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:07:02.0020 0x128c MSKSSRV - ok
13:07:02.0020 0x128c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:07:02.0035 0x128c MSPCLOCK - ok
13:07:02.0035 0x128c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:07:02.0067 0x128c MSPQM - ok
13:07:02.0067 0x128c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:07:02.0082 0x128c MsRPC - ok
13:07:02.0082 0x128c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:07:02.0098 0x128c mssmbios - ok
13:07:02.0098 0x128c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:07:02.0113 0x128c MSTEE - ok
13:07:02.0113 0x128c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
13:07:02.0129 0x128c MTConfig - ok
13:07:02.0129 0x128c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
13:07:02.0129 0x128c Mup - ok
13:07:02.0145 0x128c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
13:07:02.0176 0x128c napagent - ok
13:07:02.0176 0x128c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:07:02.0191 0x128c NativeWifiP - ok
13:07:02.0207 0x128c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
13:07:02.0223 0x128c NDIS - ok
13:07:02.0223 0x128c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:07:02.0254 0x128c NdisCap - ok
13:07:02.0254 0x128c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:07:02.0269 0x128c NdisTapi - ok
13:07:02.0269 0x128c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:07:02.0301 0x128c Ndisuio - ok
13:07:02.0301 0x128c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:07:02.0316 0x128c NdisWan - ok
13:07:02.0332 0x128c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:07:02.0347 0x128c NDProxy - ok
13:07:02.0347 0x128c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:07:02.0363 0x128c NetBIOS - ok
13:07:02.0379 0x128c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:07:02.0394 0x128c NetBT - ok
13:07:02.0394 0x128c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
13:07:02.0410 0x128c Netlogon - ok
13:07:02.0425 0x128c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
13:07:02.0457 0x128c Netman - ok
13:07:02.0457 0x128c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:07:02.0472 0x128c NetMsmqActivator - ok
13:07:02.0472 0x128c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:07:02.0488 0x128c NetPipeActivator - ok
13:07:02.0488 0x128c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
13:07:02.0519 0x128c netprofm - ok
13:07:02.0519 0x128c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:07:02.0535 0x128c NetTcpActivator - ok
13:07:02.0535 0x128c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:07:02.0535 0x128c NetTcpPortSharing - ok
13:07:02.0550 0x128c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:07:02.0550 0x128c nfrd960 - ok
13:07:02.0566 0x128c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
13:07:02.0566 0x128c NlaSvc - ok
13:07:02.0581 0x128c [ 2F48AB72B6D554A41817020171DC53D6, 1A38EB92C47A3481E27BE91DDC525952A8B01C0D2B7327116C5F78703A75105A ] NmPar C:\Windows\system32\DRIVERS\NmPar.sys
13:07:02.0581 0x128c NmPar - ok
13:07:02.0581 0x128c [ F88743804730A94A0CDDC043AC75D193, C1FCFB39375FA5661A3C5490F09E32D5C43392B24D628B959358BF21A2C9AA2F ] nmserial C:\Windows\system32\DRIVERS\nmserial.sys
13:07:02.0597 0x128c nmserial - ok
13:07:02.0597 0x128c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:07:02.0613 0x128c Npfs - ok
13:07:02.0613 0x128c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
13:07:02.0644 0x128c nsi - ok
13:07:02.0644 0x128c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:07:02.0659 0x128c nsiproxy - ok
13:07:02.0691 0x128c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:07:02.0722 0x128c Ntfs - ok
13:07:02.0722 0x128c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
13:07:02.0737 0x128c Null - ok
13:07:02.0753 0x128c [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
13:07:02.0753 0x128c nusb3hub - ok
13:07:02.0769 0x128c [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
13:07:02.0769 0x128c nusb3xhc - ok
13:07:02.0784 0x128c [ C87B11EB78428853F9E8495C47E53C10, FAE479DB0812967B3FF968773BA998591B4F50BE4329B8349BCA7E6EAB1B0474 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
13:07:02.0784 0x128c NVHDA - ok
13:07:02.0925 0x128c [ ED4D88A04D22E6B00DB6BC8FACDBAFED, 38DDB9B353D3A24DD8390C6FB58FD513B46F9F715BC7E68D0958E78EACC3D3FA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:07:03.0081 0x128c nvlddmkm - ok
13:07:03.0096 0x128c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:07:03.0112 0x128c nvraid - ok
13:07:03.0112 0x128c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:07:03.0127 0x128c nvstor - ok
13:07:03.0143 0x128c [ B7CD89EFA562A991F2864EFD3147473A, D38BAE7883BC073562C3C77DF59663B820CFE8305A3319C6E5CF8E48752E18C1 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:07:03.0159 0x128c nvsvc - ok
13:07:03.0159 0x128c nvvad_WaveExtensible - ok
13:07:03.0159 0x128c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:07:03.0174 0x128c nv_agp - ok
13:07:03.0174 0x128c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:07:03.0190 0x128c ohci1394 - ok
13:07:03.0190 0x128c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:07:03.0205 0x128c ose - ok
13:07:03.0268 0x128c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:07:03.0346 0x128c osppsvc - ok
13:07:03.0361 0x128c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:07:03.0377 0x128c p2pimsvc - ok
13:07:03.0377 0x128c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
13:07:03.0393 0x128c p2psvc - ok
13:07:03.0393 0x128c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:07:03.0408 0x128c Parport - ok
13:07:03.0408 0x128c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:07:03.0424 0x128c partmgr - ok
13:07:03.0424 0x128c [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:07:03.0439 0x128c PcaSvc - ok
13:07:03.0439 0x128c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
13:07:03.0455 0x128c pci - ok
13:07:03.0455 0x128c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
13:07:03.0455 0x128c pciide - ok
13:07:03.0455 0x128c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:07:03.0471 0x128c pcmcia - ok
13:07:03.0471 0x128c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
13:07:03.0486 0x128c pcw - ok
13:07:03.0486 0x128c [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:07:03.0517 0x128c PEAUTH - ok
13:07:03.0533 0x128c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:07:03.0564 0x128c PeerDistSvc - ok
13:07:03.0580 0x128c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:07:03.0580 0x128c PerfHost - ok
13:07:03.0611 0x128c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
13:07:03.0642 0x128c pla - ok
13:07:03.0658 0x128c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:07:03.0673 0x128c PlugPlay - ok
13:07:03.0673 0x128c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:07:03.0689 0x128c PNRPAutoReg - ok
13:07:03.0689 0x128c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:07:03.0705 0x128c PNRPsvc - ok
13:07:03.0705 0x128c [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
13:07:03.0705 0x128c Point64 - ok
13:07:03.0720 0x128c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:07:03.0751 0x128c PolicyAgent - ok
13:07:03.0751 0x128c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
13:07:03.0783 0x128c Power - ok
13:07:03.0783 0x128c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:07:03.0798 0x128c PptpMiniport - ok
13:07:03.0814 0x128c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
13:07:03.0814 0x128c Processor - ok
13:07:03.0814 0x128c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
13:07:03.0829 0x128c ProfSvc - ok
13:07:03.0829 0x128c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:07:03.0845 0x128c ProtectedStorage - ok
13:07:03.0845 0x128c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:07:03.0861 0x128c Psched - ok
13:07:03.0876 0x128c [ 6DAD398D60B9F6BAF0D3C53184C3CA4D, A63819B9CB38BD9E6DC4DADDBAB38CA8A3CEA1D8DB33AF4057A2135C160B40EC ] pwdrvio C:\Windows\system32\pwdrvio.sys
13:07:03.0876 0x128c pwdrvio - ok
13:07:03.0876 0x128c [ FE194DD23B549C1C397EB1102EC84EDC, E1C9355A647584A8527B9BBBD3450E814FF0876C7C79496E8C718D9D5177591B ] pwdspio C:\Windows\system32\pwdspio.sys
13:07:03.0892 0x128c pwdspio - ok
13:07:03.0907 0x128c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:07:03.0939 0x128c ql2300 - ok
13:07:03.0954 0x128c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:07:03.0954 0x128c ql40xx - ok
13:07:03.0970 0x128c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
13:07:03.0985 0x128c QWAVE - ok
13:07:03.0985 0x128c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:07:04.0001 0x128c QWAVEdrv - ok
13:07:04.0001 0x128c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:07:04.0017 0x128c RasAcd - ok
13:07:04.0017 0x128c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:07:04.0048 0x128c RasAgileVpn - ok
13:07:04.0048 0x128c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
13:07:04.0063 0x128c RasAuto - ok
13:07:04.0063 0x128c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:07:04.0095 0x128c Rasl2tp - ok
13:07:04.0095 0x128c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
13:07:04.0126 0x128c RasMan - ok
13:07:04.0126 0x128c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:07:04.0157 0x128c RasPppoe - ok
13:07:04.0157 0x128c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:07:04.0173 0x128c RasSstp - ok
13:07:04.0188 0x128c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:07:04.0204 0x128c rdbss - ok
13:07:04.0204 0x128c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:07:04.0219 0x128c rdpbus - ok
13:07:04.0219 0x128c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:07:04.0235 0x128c RDPCDD - ok
13:07:04.0251 0x128c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:07:04.0251 0x128c RDPDR - ok
13:07:04.0251 0x128c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:07:04.0282 0x128c RDPENCDD - ok
13:07:04.0282 0x128c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:07:04.0297 0x128c RDPREFMP - ok
13:07:04.0297 0x128c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:07:04.0313 0x128c RdpVideoMiniport - ok
13:07:04.0313 0x128c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:07:04.0329 0x128c RDPWD - ok
13:07:04.0329 0x128c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:07:04.0344 0x128c rdyboost - ok
13:07:04.0344 0x128c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:07:04.0375 0x128c RemoteAccess - ok
13:07:04.0375 0x128c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:07:04.0391 0x128c RemoteRegistry - ok
13:07:04.0407 0x128c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:07:04.0422 0x128c RpcEptMapper - ok
13:07:04.0422 0x128c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
13:07:04.0438 0x128c RpcLocator - ok
13:07:04.0438 0x128c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
13:07:04.0469 0x128c RpcSs - ok
13:07:04.0469 0x128c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:07:04.0500 0x128c rspndr - ok
13:07:04.0500 0x128c [ B88880586ACD3EDEFCD0F9C2A6C1EE27, 901EEA6C7CC4AA19C3D79E52D4892F9965B61D51DBE0855ACCB64BB6B2260353 ] RTL2832UBDA C:\Windows\system32\drivers\RTL2832UBDA.sys
13:07:04.0516 0x128c RTL2832UBDA - ok
13:07:04.0516 0x128c [ 4C04300EE6A5E780FD4E2F0806AECA0E, 85C01DDABEC393D85DD5F243EDF4792036209BCC01CE23296F0305AD1D2CFA71 ] RTL2832UUSB C:\Windows\system32\Drivers\RTL2832UUSB.sys
13:07:04.0516 0x128c RTL2832UUSB - ok
13:07:04.0531 0x128c [ C24DF587D59345FCA718FE550EB036D7, 50B3D26C0F633B90B399C2E466108CE0B6A592CBE969CEE4A44E5F4EC9F07258 ] RTL2832U_IRHID C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys
13:07:04.0531 0x128c RTL2832U_IRHID - ok
13:07:04.0547 0x128c [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:07:04.0563 0x128c RTL8167 - ok
13:07:04.0563 0x128c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:07:04.0563 0x128c s3cap - ok
13:07:04.0578 0x128c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
13:07:04.0578 0x128c SamSs - ok
13:07:04.0578 0x128c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:07:04.0594 0x128c sbp2port - ok
13:07:04.0594 0x128c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:07:04.0625 0x128c SCardSvr - ok
13:07:04.0625 0x128c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:07:04.0641 0x128c scfilter - ok
13:07:04.0656 0x128c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
13:07:04.0703 0x128c Schedule - ok
13:07:04.0703 0x128c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:07:04.0719 0x128c SCPolicySvc - ok
13:07:04.0719 0x128c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:07:04.0734 0x128c SDRSVC - ok
13:07:04.0734 0x128c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:07:04.0765 0x128c secdrv - ok
13:07:04.0765 0x128c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
13:07:04.0781 0x128c seclogon - ok
13:07:04.0781 0x128c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
13:07:04.0812 0x128c SENS - ok
13:07:04.0812 0x128c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:07:04.0812 0x128c SensrSvc - ok
13:07:04.0828 0x128c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:07:04.0828 0x128c Serenum - ok
13:07:04.0828 0x128c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:07:04.0843 0x128c Serial - ok
13:07:04.0843 0x128c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:07:04.0859 0x128c sermouse - ok
13:07:04.0859 0x128c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
13:07:04.0875 0x128c SessionEnv - ok
13:07:04.0875 0x128c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:07:04.0890 0x128c sffdisk - ok
13:07:04.0890 0x128c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:07:04.0906 0x128c sffp_mmc - ok
13:07:04.0906 0x128c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:07:04.0921 0x128c sffp_sd - ok
13:07:04.0921 0x128c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:07:04.0921 0x128c sfloppy - ok
13:07:04.0937 0x128c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:07:04.0953 0x128c SharedAccess - ok
13:07:04.0968 0x128c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:07:04.0984 0x128c ShellHWDetection - ok
13:07:04.0999 0x128c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
13:07:04.0999 0x128c SiSRaid2 - ok
13:07:04.0999 0x128c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:07:05.0015 0x128c SiSRaid4 - ok
13:07:05.0015 0x128c [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:07:05.0031 0x128c SkypeUpdate - ok
13:07:05.0031 0x128c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:07:05.0062 0x128c Smb - ok
13:07:05.0062 0x128c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:07:05.0062 0x128c SNMPTRAP - ok
13:07:05.0077 0x128c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
13:07:05.0077 0x128c spldr - ok
13:07:05.0093 0x128c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
13:07:05.0109 0x128c Spooler - ok
13:07:05.0155 0x128c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
13:07:05.0233 0x128c sppsvc - ok
13:07:05.0233 0x128c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:07:05.0265 0x128c sppuinotify - ok
13:07:05.0265 0x128c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:07:05.0280 0x128c srv - ok
13:07:05.0296 0x128c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:07:05.0311 0x128c srv2 - ok
13:07:05.0311 0x128c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:07:05.0327 0x128c srvnet - ok
13:07:05.0327 0x128c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:07:05.0343 0x128c SSDPSRV - ok
13:07:05.0358 0x128c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:07:05.0374 0x128c SstpSvc - ok
13:07:05.0374 0x128c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
13:07:05.0389 0x128c stexstor - ok
13:07:05.0389 0x128c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
13:07:05.0421 0x128c stisvc - ok
13:07:05.0421 0x128c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:07:05.0421 0x128c storflt - ok
13:07:05.0421 0x128c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
13:07:05.0436 0x128c StorSvc - ok
13:07:05.0436 0x128c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:07:05.0452 0x128c storvsc - ok
13:07:05.0452 0x128c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:07:05.0452 0x128c swenum - ok
13:07:05.0467 0x128c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
13:07:05.0499 0x128c swprv - ok
13:07:05.0514 0x128c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
13:07:05.0561 0x128c SysMain - ok
13:07:05.0561 0x128c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:07:05.0577 0x128c TabletInputService - ok
13:07:05.0577 0x128c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
13:07:05.0608 0x128c TapiSrv - ok
13:07:05.0608 0x128c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
13:07:05.0623 0x128c TBS - ok
13:07:05.0655 0x128c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:07:05.0686 0x128c Tcpip - ok
13:07:05.0717 0x128c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:07:05.0764 0x128c TCPIP6 - ok
13:07:05.0764 0x128c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:07:05.0764 0x128c tcpipreg - ok
13:07:05.0779 0x128c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:07:05.0779 0x128c TDPIPE - ok
13:07:05.0779 0x128c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:07:05.0795 0x128c TDTCP - ok
13:07:05.0795 0x128c [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:07:05.0811 0x128c tdx - ok
13:07:05.0811 0x128c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:07:05.0811 0x128c TermDD - ok
13:07:05.0826 0x128c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
13:07:05.0842 0x128c TermService - ok
13:07:05.0842 0x128c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
13:07:05.0857 0x128c Themes - ok
13:07:05.0857 0x128c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
13:07:05.0889 0x128c THREADORDER - ok
13:07:05.0889 0x128c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
13:07:05.0904 0x128c TrkWks - ok
13:07:05.0920 0x128c [ 325A512F98BEB97B1FFBE88927B8090D, 2A0C10516E3506D63290345DFAC98D5A623584767E034EBF652B9DBE6CF70547 ] trufos C:\Windows\system32\DRIVERS\trufos.sys
13:07:05.0935 0x128c trufos - ok
13:07:05.0935 0x128c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:07:05.0967 0x128c TrustedInstaller - ok
13:07:05.0967 0x128c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:07:05.0967 0x128c tssecsrv - ok
13:07:05.0982 0x128c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:07:05.0982 0x128c TsUsbFlt - ok
13:07:05.0982 0x128c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
13:07:05.0998 0x128c TsUsbGD - ok
13:07:05.0998 0x128c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:07:06.0013 0x128c tunnel - ok
13:07:06.0029 0x128c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:07:06.0029 0x128c uagp35 - ok
13:07:06.0029 0x128c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:07:06.0060 0x128c udfs - ok
13:07:06.0060 0x128c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:07:06.0076 0x128c UI0Detect - ok
13:07:06.0076 0x128c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:07:06.0091 0x128c uliagpkx - ok
13:07:06.0091 0x128c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:07:06.0091 0x128c umbus - ok
13:07:06.0091 0x128c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
13:07:06.0107 0x128c UmPass - ok
13:07:06.0107 0x128c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
13:07:06.0123 0x128c UmRdpService - ok
13:07:06.0138 0x128c [ 1E9A5658E0EBDBC381F52123363F74CB, 62CB592F32BCC10FC9C3AF44941CC473F2F62EEBF829CA383F118650451F8F7E ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:07:06.0154 0x128c UNS - ok
13:07:06.0154 0x128c [ 745B247DFB4C2466B382AE4B2062EB02, A391BFC9A2AD02D2A23112F16FF3CE8E291CAAA93F7C91FB2B2C1A8E1853DA5F ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
13:07:06.0169 0x128c UPDATESRV - ok
13:07:06.0185 0x128c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
13:07:06.0201 0x128c upnphost - ok
13:07:06.0201 0x128c [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:07:06.0216 0x128c USBAAPL64 - ok
13:07:06.0216 0x128c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:07:06.0232 0x128c usbccgp - ok
13:07:06.0232 0x128c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:07:06.0247 0x128c usbcir - ok
13:07:06.0247 0x128c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:07:06.0247 0x128c usbehci - ok
13:07:06.0263 0x128c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:07:06.0279 0x128c usbhub - ok
13:07:06.0279 0x128c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:07:06.0279 0x128c usbohci - ok
13:07:06.0279 0x128c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:07:06.0294 0x128c usbprint - ok
13:07:06.0294 0x128c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:07:06.0310 0x128c usbscan - ok
13:07:06.0310 0x128c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:07:06.0325 0x128c USBSTOR - ok
13:07:06.0325 0x128c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:07:06.0325 0x128c usbuhci - ok
13:07:06.0325 0x128c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
13:07:06.0357 0x128c UxSms - ok
13:07:06.0357 0x128c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
13:07:06.0357 0x128c VaultSvc - ok
13:07:06.0372 0x128c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:07:06.0372 0x128c vdrvroot - ok
13:07:06.0388 0x128c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
13:07:06.0403 0x128c vds - ok
13:07:06.0419 0x128c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:07:06.0419 0x128c vga - ok
13:07:06.0419 0x128c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:07:06.0450 0x128c VgaSave - ok
13:07:06.0450 0x128c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:07:06.0466 0x128c vhdmp - ok
13:07:06.0466 0x128c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
13:07:06.0466 0x128c viaide - ok
13:07:06.0481 0x128c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
13:07:06.0481 0x128c vmbus - ok
13:07:06.0481 0x128c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
13:07:06.0497 0x128c VMBusHID - ok
13:07:06.0497 0x128c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:07:06.0513 0x128c volmgr - ok
13:07:06.0513 0x128c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:07:06.0528 0x128c volmgrx - ok
13:07:06.0528 0x128c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:07:06.0544 0x128c volsnap - ok
13:07:06.0544 0x128c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:07:06.0559 0x128c vsmraid - ok
13:07:06.0575 0x128c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
13:07:06.0622 0x128c VSS - ok
13:07:06.0653 0x128c [ 53A2A86E95BEF00587A8A1DEA201FF69, 57118954C1D2FB6993BF2947A807ECA5B5C98FD92C3B73D4107D8445A1115ED2 ] VSSERV C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
13:07:06.0684 0x128c VSSERV - ok
13:07:06.0684 0x128c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:07:06.0700 0x128c vwifibus - ok
13:07:06.0700 0x128c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
13:07:06.0731 0x128c W32Time - ok
13:07:06.0731 0x128c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:07:06.0747 0x128c WacomPen - ok
13:07:06.0747 0x128c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:07:06.0762 0x128c WANARP - ok
13:07:06.0778 0x128c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:07:06.0793 0x128c Wanarpv6 - ok
13:07:06.0809 0x128c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
13:07:06.0840 0x128c wbengine - ok
13:07:06.0856 0x128c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:07:06.0871 0x128c WbioSrvc - ok
13:07:06.0871 0x128c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:07:06.0887 0x128c wcncsvc - ok
13:07:06.0887 0x128c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:07:06.0903 0x128c WcsPlugInService - ok
13:07:06.0903 0x128c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
13:07:06.0918 0x128c Wd - ok
13:07:06.0918 0x128c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:07:06.0949 0x128c Wdf01000 - ok
13:07:06.0949 0x128c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:07:06.0965 0x128c WdiServiceHost - ok
13:07:06.0965 0x128c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:07:06.0981 0x128c WdiSystemHost - ok
13:07:06.0981 0x128c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
13:07:06.0996 0x128c WebClient - ok
13:07:06.0996 0x128c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:07:07.0027 0x128c Wecsvc - ok
13:07:07.0027 0x128c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:07:07.0043 0x128c wercplsupport - ok
13:07:07.0043 0x128c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
13:07:07.0074 0x128c WerSvc - ok
13:07:07.0074 0x128c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:07:07.0090 0x128c WfpLwf - ok
13:07:07.0090 0x128c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:07:07.0105 0x128c WIMMount - ok
13:07:07.0105 0x128c WinDefend - ok
13:07:07.0105 0x128c WinHttpAutoProxySvc - ok
13:07:07.0121 0x128c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:07:07.0137 0x128c Winmgmt - ok
13:07:07.0168 0x128c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
13:07:07.0215 0x128c WinRM - ok
13:07:07.0215 0x128c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:07:07.0230 0x128c WinUsb - ok
13:07:07.0246 0x128c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:07:07.0261 0x128c Wlansvc - ok
13:07:07.0261 0x128c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:07:07.0277 0x128c WmiAcpi - ok
13:07:07.0277 0x128c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:07:07.0293 0x128c wmiApSrv - ok
13:07:07.0293 0x128c WMPNetworkSvc - ok
13:07:07.0293 0x128c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:07:07.0308 0x128c WPCSvc - ok
13:07:07.0308 0x128c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:07:07.0324 0x128c WPDBusEnum - ok
13:07:07.0324 0x128c [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001 C:\Windows\system32\drivers\WPRO_41_2001.sys
13:07:07.0324 0x128c WPRO_41_2001 - ok
13:07:07.0339 0x128c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:07:07.0355 0x128c ws2ifsl - ok
13:07:07.0355 0x128c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
13:07:07.0371 0x128c wscsvc - ok
13:07:07.0371 0x128c WSearch - ok
13:07:07.0417 0x128c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
13:07:07.0449 0x128c wuauserv - ok
13:07:07.0464 0x128c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:07:07.0464 0x128c WudfPf - ok
13:07:07.0464 0x128c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:07:07.0480 0x128c WUDFRd - ok
13:07:07.0480 0x128c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:07:07.0495 0x128c wudfsvc - ok
13:07:07.0495 0x128c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
13:07:07.0511 0x128c WwanSvc - ok
13:07:07.0511 0x128c ================ Scan global ===============================
13:07:07.0511 0x128c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:07:07.0527 0x128c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:07:07.0527 0x128c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:07:07.0527 0x128c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:07:07.0542 0x128c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:07:07.0542 0x128c [ Global ] - ok
13:07:07.0542 0x128c ================ Scan MBR ==================================
13:07:07.0542 0x128c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:07:07.0605 0x128c \Device\Harddisk0\DR0 - ok
13:07:07.0620 0x128c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:07:07.0636 0x128c \Device\Harddisk1\DR1 - ok
13:07:07.0636 0x128c ================ Scan VBR ==================================
13:07:07.0636 0x128c [ 9AC902210801241C6014F7DECD9F4123 ] \Device\Harddisk0\DR0\Partition1
13:07:07.0636 0x128c \Device\Harddisk0\DR0\Partition1 - ok
13:07:07.0636 0x128c [ 2D1C07D980A6C8F5A400BAAFF5B3C158 ] \Device\Harddisk0\DR0\Partition2
13:07:07.0636 0x128c \Device\Harddisk0\DR0\Partition2 - ok
13:07:07.0636 0x128c [ 6AB261E4D331AABA7DF4FF979BC30176 ] \Device\Harddisk0\DR0\Partition3
13:07:07.0636 0x128c \Device\Harddisk0\DR0\Partition3 - ok
13:07:07.0636 0x128c [ 6AA03CC068792D4DD3394ED0FB6BA289 ] \Device\Harddisk1\DR1\Partition1
13:07:07.0636 0x128c \Device\Harddisk1\DR1\Partition1 - ok
13:07:07.0651 0x128c [ DC1C43D6F06103D086733703E5830A86 ] \Device\Harddisk1\DR1\Partition2
13:07:07.0651 0x128c \Device\Harddisk1\DR1\Partition2 - ok
13:07:07.0651 0x128c ================ Scan generic autorun ======================
13:07:07.0667 0x128c [ 11D13705AEA930EFFFD56D63F1675D63, D2699B5180CC3C0365924F794FEE6997ED9441FBC677270E89CD392A2CAB872D ] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
13:07:07.0698 0x128c Bdagent - ok
13:07:07.0729 0x128c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:07:07.0745 0x128c Sidebar - ok
13:07:07.0761 0x128c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:07:07.0761 0x128c mctadmin - ok
13:07:07.0776 0x128c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:07:07.0807 0x128c Sidebar - ok
13:07:07.0807 0x128c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:07:07.0823 0x128c mctadmin - ok
13:07:07.0823 0x128c [ 55DCE1FF1490F1CE21A388AF96A57EE3, 6DA438C2646D3B1E7C9DDB2435D760844B94C82D2D6F373DCB06FB64A5A15DAA ] D:\AutoSizer.exe
13:07:07.0854 0x128c AutoSizer - detected UnsignedFile.Multi.Generic ( 1 )
13:07:10.0319 0x128c Detect skipped due to KSN trusted
13:07:10.0319 0x128c AutoSizer - ok
13:07:10.0319 0x128c Waiting for KSN requests completion. In queue: 48
13:07:11.0333 0x128c Waiting for KSN requests completion. In queue: 48
13:07:12.0347 0x128c Waiting for KSN requests completion. In queue: 48
13:07:13.0361 0x128c AV detected via SS2: Bitdefender Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2013\wscfix.exe ( 16.34.0.1909 ), 0x41000 ( enabled : updated )
13:07:13.0361 0x128c FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2013\wscfix.exe ( 16.34.0.1909 ), 0x41010 ( enabled )
13:07:15.0810 0x128c ============================================================
13:07:15.0810 0x128c Scan finished
13:07:15.0810 0x128c ============================================================
13:07:15.0810 0x0684 Detected object count: 0
13:07:15.0810 0x0684 Actual detected object count: 0
|
|
21.01.2015, 15:08
| #4 |
| /// the machine /// TB-Ausbilder | Ungewöhnlicher datenverkehr aus ihrem netzwerk Sieht gut aus. Trenn mal den Router 30 min vom Strom.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.01.2015, 19:46
| #5 |
| | Ungewöhnlicher datenverkehr aus ihrem netzwerk Hallo Schrauber, das habe ich gemacht und werde abwarten, ob der Effekt nochmal auftritt. Vielen Dank für die Hilfe bisher. LG Rolf |
|
22.01.2015, 12:15
| #6 |
| | Ungewöhnlicher datenverkehr aus ihrem netzwerk Leider habe ich heute das gleiche Problem wieder. Habe die gezippte Gmer-Datei angehängt (war zu groß) Gruß Rolf |
|
22.01.2015, 17:39
| #7 |
| /// the machine /// TB-Ausbilder | Ungewöhnlicher datenverkehr aus ihrem netzwerk Melde dich mal dort über das Kontaktformular: https://support.google.com/websearch/answer/86640?hl=de
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Ungewöhnlicher datenverkehr aus ihrem netzwerk |
| ad-aware, adware, autorun, browser, böttcher, computer, ebay, firefox, flash player, google, helper, homepage, iexplore.exe, karte, launch, mozilla, netzwerk, nvbackend, problem, registry, revo uninstaller, rundll, scan, schutz, services.exe, software, svchost.exe, warnung, windows |
Linear-Darstellung
