| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Unerwarteter Traffic - up und downWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.08.2015, 22:08
| #1 |
 |  Unerwarteter Traffic - up und down Guten Abend hilfreiche Fachleute! Lange hatte ich ja Ruhe mit meinem System (und wohl Glück  ), aber jetzt macht mich was stutzig.In den meisten Fällen, und besonders auf mir nicht als sicher bekannten Seiten, surfe ich als eingeschränkter Benutzer. Ich habe unerwarteten Traffic festgestellt, auch wenn Browser etc. geschlossen waren - ca. 30-50kB/min. Ein Bekannter meinte, daß sei zuviel. Windows 7 Pro hat da auch keine Updates geholt, meines Wissens sonst auch kein Programm. Avira free hat nie angeschlagen. Ich habe dann mal Kaspersky Rescue durchlaufen lassen; hat nichts gefunden. Der Traffic lief weiter wie beschrieben. Dann habe ich sowohl AntiMalware (MalwareBytes) als auch SUPERAntiSpyware laufen lassen, es wurden in den persönlichen Einstellungen ganz tief in Apps/Microsoft Trackingcookies gefunden, genau wie in der Box von Sandboxie (zweifelhafte Downloads wie Spielelösungen etc. lasse ich immer in der Sandbox laufen). Habe ich alle löschen lassen. Zwei False-positives waren auch dabei, aber die konnte ich ausschliessen, da ich sie vor Jahren schon von Kauf-Cds habe; auch Onlinetests haben sie freigesprochen. Ich habe dann mal TCPView angeschmissen - da taucht eine IP-Adresse auf, die laut Whois-Abfrage zu einer Schule in den USA gehört... Und, obwohl der Browser geschlossen ist, auch welche von Amazon. Ist sowas eigentlich normal? Ich habe dann noch GlassWire installiert, da kann auch ich als Laie sehen, welches Programm Traffic macht (aber die Interpretation ist doch nicht so einfach wie erhofft). Komisch finde ich nur, daß da ein paar Verbindungen zu völlig unerwarteten Ländern dabei waren - Russland, Tschechien, Kanada, z.B. Nach all den Programmdurchläufen ist der Traffic zurückgegangen und zum Teil wieder wie erwartet, kaum Bewegung, wenn alle Programme inaktiv sind. Muß ich mir Sorgen machen? fragt, schon im Voraus dankend, Nervbert Mein System: Win 7 Pro SP1 32bit, alle Updates automatisch installiert Win-Firewall (nichts geändert) IE 11 und FF 39 (aktuell) Avira free (aktuell) Router W504V, Firmware 17.0 (gibt keine neuere), Firewall aktiv LAN-Anbindung |
|
05.08.2015, 05:43
| #2 |
| /// the machine /// TB-Ausbilder    | Unerwarteter Traffic - up und down hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
07.08.2015, 13:50
| #3 | |
| | FRST-Logs Hallo Schrauber,
__________________jetzt bin ich endlich dazu gekommen, FRST laufen zu lassen. Hier die Files: FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:06-08-2015
durchgeführt von Bigboss (Administrator) auf BIGBOSS-PC (06-08-2015 20:21:30)
Gestartet von D:\Downloads\__Hilfe
Geladene Profile: Bigboss (Verfügbare Profile: Bigboss & Surfer)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) D:\Programme\SUPERAntiSpyware\SASCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SecureMix LLC) D:\Programme\GlassWire\GWCtlSrv.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(VMware, Inc.) D:\Programme\VMWarePlayer\vmware-authd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FNet Co., Ltd.) C:\Program Files\XFastUSB\XFastUsb.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Windows\System32\CompatTel\wicainventory.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(SecureMix LLC) D:\Programme\GlassWire\GWIdlMon.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM\...\Run: [XFastUSB] => C:\Program Files\XFastUSB\XFastUsb.exe [6311104 2014-03-29] (FNet Co., Ltd.)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1546080 2013-05-31] (cFos Software GmbH)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-23] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12000984 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [412264 2015-01-10] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-03-31] (Microsoft Corporation)
GroupPolicyScripts: Gruppenrichtline erkannt <======= ACHTUNG
GroupPolicyScripts\User: Gruppenrichtline erkannt <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\S-1-5-21-2005339768-4040350731-2661024586-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2005339768-4040350731-2661024586-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-14] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-14] (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4E7DA4F7-1A70-4A16-B48B-362188FCAA3D}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Bigboss\AppData\Roaming\Mozilla\Firefox\Profiles\wcip4x18.BigBoss
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-19] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-14] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Extension: Flashblock - C:\Users\Bigboss\AppData\Roaming\Mozilla\Firefox\Profiles\wcip4x18.BigBoss\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-06-12]
FF Extension: FEBE - C:\Users\Bigboss\AppData\Roaming\Mozilla\Firefox\Profiles\wcip4x18.BigBoss\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-06-12]
FF Extension: Classic Theme Restorer (Customize UI) - C:\Users\Bigboss\AppData\Roaming\Mozilla\Firefox\Profiles\wcip4x18.BigBoss\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-10-11]
FF Extension: FlashStopper - C:\Users\Bigboss\AppData\Roaming\Mozilla\Firefox\Profiles\wcip4x18.BigBoss\Extensions\flashstopper@byo.co.il.xpi [2015-01-18]
FF Extension: Video DownloadHelper - C:\Users\Bigboss\AppData\Roaming\Mozilla\Firefox\Profiles\wcip4x18.BigBoss\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-16]
FF Extension: Adblock Plus - C:\Users\Bigboss\AppData\Roaming\Mozilla\Firefox\Profiles\wcip4x18.BigBoss\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-30]
FF Extension: Extended Statusbar - C:\Users\Bigboss\AppData\Roaming\Mozilla\Firefox\Profiles\wcip4x18.BigBoss\Extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi [2014-03-30]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 !SASCORE; D:\Programme\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [550240 2013-05-31] (cFos Software GmbH)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279144 2015-01-10] (Intel Corporation)
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [919184 2015-06-24] (NVIDIA Corporation)
R2 GlassWire; D:\Programme\GlassWire\GWCtlSrv.exe [7438880 2015-07-30] (SecureMix LLC)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [291432 2015-01-10] (Intel Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [129792 2013-07-08] (Intel Corporation)
S2 MBAMService; D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20694160 2015-06-24] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [167640 2013-06-18] (Realtek Semiconductor)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [131272 2014-01-17] (Sandboxie Holdings, LLC)
S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [838336 2015-07-24] (Valve Corporation) [Datei ist nicht signiert]
R2 VMAuthdService; D:\Programme\VMWarePlayer\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [359128 2014-06-12] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [722624 2014-02-27] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [437976 2014-06-12] (VMware, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed6.sys [1284960 2013-05-31] (cFos Software GmbH)
S3 e1dexpress; C:\Windows\System32\DRIVERS\e1d6232.sys [367880 2013-05-30] (Intel Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [29760 2015-08-03] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16136 2014-03-29] (FNet Co., Ltd.)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [Datei ist nicht signiert]
R1 gwdrv; C:\Windows\System32\DRIVERS\gwdrv.sys [27568 2015-05-29] (SecureMix LLC)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [43840 2014-02-27] (VMware, Inc.)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-04-26] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [361968 2013-04-26] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [793072 2013-04-26] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [56432 2013-01-11] (Intel Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [56128 2015-03-17] (NetFilterSDK.com)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [41648 2015-05-19] (NVIDIA Corporation)
S3 S6U12Scanner; C:\Windows\System32\drivers\usbscan.sys [36352 2013-07-03] (Microsoft Corporation)
R1 SASDIFSV; D:\Programme\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; D:\Programme\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [161888 2014-01-17] (Sandboxie Holdings, LLC)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-11] (Avira Operations GmbH & Co. KG)
R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [26456 2014-06-12] (VMware, Inc.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [17104 2014-06-12] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37456 2014-06-12] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26968 2014-06-12] (VMware, Inc.)
R2 VMparport; C:\Windows\system32\Drivers\VMparport.sys [24920 2014-06-12] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [66136 2014-06-12] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [63824 2013-10-08] (VMware, Inc.)
S3 AsrSetupDrv; \??\C:\Windows\system32\Drivers\AsrSetupDrv.sys [X]
S3 cpuz135; \??\C:\Users\Bigboss\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [X]
S3 MSICDSetup; \??\Z:\CDriver.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-06 20:21 - 2015-08-06 20:21 - 00000000 ____D C:\FRST
2015-08-04 18:56 - 2015-08-04 18:56 - 00001039 _____ C:\Users\Surfer\Desktop\GlassWire.exe - Verknüpfung.lnk
2015-08-04 18:50 - 2015-08-04 18:50 - 00000000 ____D C:\Users\Surfer\AppData\Roaming\SUPERAntiSpyware.com
2015-08-04 18:28 - 2015-08-04 18:28 - 00000000 ____D C:\Users\Surfer\AppData\Local\GlassWire
2015-08-04 09:08 - 2015-08-04 09:08 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-04 09:08 - 2015-08-04 09:08 - 00000737 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-04 09:08 - 2015-08-04 09:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-04 09:08 - 2015-08-04 09:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-04 09:08 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-04 09:08 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-04 09:08 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-04 09:07 - 2015-08-04 09:07 - 00000000 ____D C:\Users\Bigboss\AppData\Roaming\SUPERAntiSpyware.com
2015-08-04 09:06 - 2015-08-04 09:06 - 00000836 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-08-04 09:06 - 2015-08-04 09:06 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-08-04 09:06 - 2015-08-04 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-08-03 20:16 - 2015-08-03 20:16 - 00000750 _____ C:\Users\Bigboss\Desktop\GlassWire.lnk
2015-08-03 20:16 - 2015-08-03 20:16 - 00000000 ____D C:\Users\Bigboss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire
2015-08-03 20:16 - 2015-08-03 20:16 - 00000000 ____D C:\Users\Bigboss\AppData\Local\GlassWire
2015-08-03 20:15 - 2015-08-03 20:15 - 00000000 ____D C:\ProgramData\GlassWire
2015-08-03 20:15 - 2015-05-29 06:30 - 00008657 _____ C:\Windows\system32\Drivers\gwdrv.cat
2015-08-03 20:15 - 2015-05-29 06:15 - 00027568 _____ (SecureMix LLC) C:\Windows\system32\Drivers\gwdrv.sys
2015-08-02 17:38 - 2015-08-02 17:38 - 00001976 _____ C:\Users\Surfer\Desktop\Avira Antivirus starten.lnk
2015-08-02 13:00 - 2015-08-02 13:40 - 00000000 ____D C:\Users\Bigboss\AppData\Roaming\Wireshark
2015-08-02 12:51 - 2015-08-02 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-08-02 12:51 - 2015-08-02 12:51 - 00000000 ____D C:\Program Files\WinPcap
2015-08-02 12:50 - 2015-08-02 12:50 - 00000633 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2015-08-02 12:09 - 2015-08-02 12:09 - 00000000 ____D C:\ProgramData\SoftPerfect
2015-08-02 12:09 - 2015-08-02 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWorx
2015-08-02 12:09 - 2015-03-17 14:00 - 00056128 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\networx.sys
2015-07-31 20:50 - 2015-07-31 20:50 - 00000000 ____D C:\Users\Surfer\AppData\Local\CEF
2015-07-28 20:16 - 2015-07-25 19:51 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 20:16 - 2015-07-25 19:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 20:16 - 2015-07-25 19:47 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 20:16 - 2015-07-25 19:46 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 20:16 - 2015-07-25 19:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 20:16 - 2015-07-25 19:46 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 20:16 - 2015-07-25 19:46 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 20:16 - 2015-07-25 19:40 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 21:52 - 2015-07-27 22:10 - 00000000 ____D C:\Users\Bigboss\dwhelper
2015-07-24 22:34 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-24 22:34 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-24 22:34 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-20 23:18 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 23:18 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 23:18 - 2015-07-15 04:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 23:18 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 23:18 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-19 12:24 - 2015-07-19 12:25 - 00000000 ____D C:\Users\Surfer\AppData\Local\Adobe
2015-07-18 10:34 - 2015-07-18 10:34 - 00000000 ____D C:\Users\Surfer\Desktop\Old Firefox Data
2015-07-18 00:35 - 2015-07-18 10:40 - 00001151 _____ C:\Users\Surfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-07-18 00:35 - 2015-07-18 10:40 - 00001121 _____ C:\Users\Surfer\Desktop\Start Tor Browser.lnk
2015-07-18 00:35 - 2015-07-18 00:35 - 00000000 ____D C:\Users\Surfer\TOR-Browser
2015-07-15 22:04 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 22:04 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 22:04 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 22:04 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 22:04 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 22:04 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 22:04 - 2015-06-25 10:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 22:04 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 22:04 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 22:04 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 22:04 - 2015-06-11 17:20 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 22:03 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 22:03 - 2015-07-01 22:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 22:03 - 2015-07-01 22:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 22:03 - 2015-07-01 22:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 22:03 - 2015-07-01 22:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 22:03 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 22:03 - 2015-07-01 22:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 22:03 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 22:03 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 22:03 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 22:03 - 2015-07-01 21:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 22:03 - 2015-07-01 21:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 22:03 - 2015-07-01 21:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 22:03 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 22:03 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 22:03 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 22:03 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 22:03 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 22:03 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 22:03 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 22:03 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 22:02 - 2015-07-09 19:43 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 22:02 - 2015-07-09 19:43 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 22:02 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 22:02 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 22:02 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 22:02 - 2015-07-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 22:02 - 2015-07-09 19:43 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 22:02 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 22:02 - 2015-07-09 19:42 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 22:02 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 22:02 - 2015-07-09 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 22:02 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 22:02 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 22:02 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 22:02 - 2015-06-19 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 22:02 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 22:02 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 22:02 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 22:02 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 22:02 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 22:02 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 22:02 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 22:02 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 22:02 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 22:02 - 2015-06-19 20:13 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 22:02 - 2015-06-19 20:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 22:02 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 22:02 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 22:02 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 22:02 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 22:02 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 22:02 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 22:02 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 22:02 - 2015-06-19 19:40 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 22:02 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 22:02 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 22:02 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 22:02 - 2015-06-09 21:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 22:02 - 2015-06-09 21:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 22:02 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 22:02 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 22:02 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 22:02 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 22:02 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-06 20:18 - 2014-03-30 20:31 - 02015815 _____ C:\Windows\WindowsUpdate.log
2015-08-06 20:14 - 2014-04-08 18:16 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-06 20:14 - 2014-04-02 18:18 - 00000000 ____D C:\ProgramData\VMware
2015-08-06 20:14 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-06 20:14 - 2009-07-14 06:39 - 00183981 _____ C:\Windows\setupact.log
2015-08-05 00:10 - 2014-03-30 23:17 - 00000000 ____D C:\Users\Bigboss\AppData\Roaming\vlc
2015-08-04 23:30 - 2014-03-30 01:15 - 00000000 _____ C:\Users\Bigboss\AppData\Roaming\FileOut.cns
2015-08-04 23:30 - 2014-03-30 01:15 - 00000000 _____ C:\Users\Bigboss\AppData\Roaming\FileIn.cns
2015-08-04 23:28 - 2009-07-14 06:34 - 00026128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-04 23:28 - 2009-07-14 06:34 - 00026128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-04 18:23 - 2014-03-30 14:59 - 00002628 _____ C:\Windows\Sandboxie.ini
2015-08-04 18:11 - 2014-03-29 21:16 - 00335940 _____ C:\Windows\PFRO.log
2015-08-04 18:11 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-03 20:14 - 2014-03-29 18:23 - 00029760 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-08-01 14:50 - 2014-03-30 23:41 - 00000000 ____D C:\Users\Surfer\AppData\Roaming\vlc
2015-07-31 20:51 - 2014-03-30 16:20 - 00000000 ____D C:\Program Files\Steam
2015-07-31 20:50 - 2014-03-30 16:20 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-07-31 00:21 - 2014-04-20 23:49 - 00000000 ____D C:\Users\Surfer\AppData\Local\VMware
2015-07-30 23:41 - 2014-03-29 20:54 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-30 23:41 - 2014-03-29 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-30 23:03 - 2014-04-20 23:48 - 00000000 ____D C:\Users\Surfer\AppData\Roaming\VMware
2015-07-29 00:22 - 2014-05-08 00:10 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-27 22:44 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-07-27 21:52 - 2014-03-29 18:04 - 00000000 ____D C:\Users\Bigboss
2015-07-27 00:23 - 2014-03-30 15:12 - 00000000 ____D C:\Program Files\SpeedFan
2015-07-25 10:22 - 2015-06-12 14:31 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-24 22:30 - 2014-04-01 23:06 - 00000000 ____D C:\Users\Bigboss\AppData\Local\Microsoft Games
2015-07-23 20:59 - 2014-03-29 20:55 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-23 20:59 - 2014-03-29 20:55 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-23 19:59 - 2015-03-21 14:10 - 00000000 ____D C:\Users\Surfer\dwhelper
2015-07-23 19:46 - 2015-05-31 22:57 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-21 18:22 - 2009-07-14 06:33 - 00377648 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 17:02 - 2014-10-11 17:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-19 12:28 - 2014-03-29 18:23 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-19 12:28 - 2014-03-29 18:23 - 00001109 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-19 12:25 - 2014-03-29 23:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-19 12:25 - 2014-03-29 23:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-19 12:24 - 2014-10-19 13:01 - 00000000 ____D C:\Users\Bigboss\AppData\Local\Adobe
2015-07-18 00:35 - 2014-03-29 20:08 - 00000000 ____D C:\Users\Surfer
2015-07-17 22:57 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-17 22:05 - 2014-12-12 16:37 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-17 22:05 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-07-15 02:10 - 2014-03-29 19:36 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 02:07 - 2014-03-30 12:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-11 13:55 - 2014-12-14 15:41 - 00000000 __SHD C:\Users\Surfer\AppData\Local\EmieBrowserModeList
2015-07-11 13:55 - 2014-05-02 18:26 - 00000000 __SHD C:\Users\Surfer\AppData\Local\EmieUserList
2015-07-11 13:55 - 2014-05-02 18:26 - 00000000 __SHD C:\Users\Surfer\AppData\Local\EmieSiteList
2015-07-07 00:04 - 2014-04-02 18:19 - 00000000 ____D C:\Users\Bigboss\AppData\Roaming\VMware
2015-07-07 00:04 - 2014-04-02 18:19 - 00000000 ____D C:\Users\Bigboss\AppData\Local\VMware
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-03-30 01:15 - 2015-08-04 23:30 - 0000000 _____ () C:\Users\Bigboss\AppData\Roaming\FileIn.cns
2014-03-30 01:15 - 2015-08-04 23:30 - 0000000 _____ () C:\Users\Bigboss\AppData\Roaming\FileOut.cns
2014-04-08 18:04 - 2015-03-05 22:58 - 0007604 _____ () C:\Users\Bigboss\AppData\Local\resmon.resmoncfg
Einige Dateien in TEMP:
====================
C:\Users\Bigboss\AppData\Local\Temp\avgnt.exe
C:\Users\Bigboss\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Bigboss\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Bigboss\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Bigboss\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Bigboss\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Bigboss\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Bigboss\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Bigboss\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Bigboss\AppData\Local\Temp\nvStInst.exe
C:\Users\Bigboss\AppData\Local\Temp\ose00000.exe
C:\Users\Bigboss\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Bigboss\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Surfer\AppData\Local\Temp\avgnt.exe
C:\Users\Surfer\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Surfer\AppData\Local\Temp\SandboxieInstall.exe
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-02 12:02
==================== Ende vom log ============================
Code:
ATTFilter Addition.txt
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:06-08-2015
durchgeführt von Bigboss (2015-08-06 20:21:51)
Gestartet von D:\Downloads\__Hilfe
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2005339768-4040350731-2661024586-500 - Administrator - Disabled)
Bigboss (S-1-5-21-2005339768-4040350731-2661024586-1000 - Administrator - Enabled) => C:\Users\Bigboss
Gast (S-1-5-21-2005339768-4040350731-2661024586-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2005339768-4040350731-2661024586-1009 - Limited - Enabled)
Surfer (S-1-5-21-2005339768-4040350731-2661024586-1003 - Limited - Enabled) => C:\Users\Surfer
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (Version: - Microsoft) Hidden
AceIt v1.3.1 (HKLM\...\AceIt_is1) (Version: - Scott M. Miller)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Avira (HKLM\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
calibre (HKLM\...\{8511CE6E-F12F-4539-B19E-62B9C43B5B34}) (Version: 1.47.0 - Kovid Goyal)
ConBuilder (HKLM\...\ConBuilder) (Version: 2.02.0009 - WeiRuan)
D-Fend Reloaded 1.4.1 (deinstallieren) (HKLM\...\D-Fend Reloaded) (Version: 1.4.1 - Alexander Herzog)
Dungeon Keeper 2 (HKLM\...\Dungeon Keeper II) (Version: - )
FlatOut2 (HKLM\...\{7E641E46-81DB-4D1D-906A-48342523051C}) (Version: 1.00.0000 - Ihr Firmenname)
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
GameRanger (HKU\S-1-5-21-2005339768-4040350731-2661024586-1000\...\GameRanger) (Version: - GameRanger Technologies)
GlassWire 1.1 (remove only) (HKLM\...\GlassWire 1.1) (Version: 1.1.21 - SecureMix LLC)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4080 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Legend of Grimrock (HKLM\...\Steam App 207170) (Version: - Almost Human Games)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Train Simulator (HKLM\...\Train Simulator 1.0) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSTS Patch 1.8.0521 EN (HKLM\...\{587A2120-41D3-11DB-3D6C-00E19E4D4AE1}) (Version: 1.8.052113 - George)
MSTS Track Viewer v0.98 (HKLM\...\MSTS Track Viewer v0.98) (Version: - )
MUSTEK 1200 CU v2.0a (HKLM\...\MUSTEK 1200 CU v2.0a) (Version: - )
Nero BurnRights (HKLM\...\Nero BurnRights!UninstallKey) (Version: - )
Nero OEM (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - )
NetWorx 5.3.5 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Pegasus Mail (HKLM\...\Pegasus Mail) (Version: - David Harris)
Pegasus Mail HTML Renderer 2.4.9.2 (HKLM\...\{A9F5E1E1-1281-4862-90B4-6CF8E6AF83CE}_is1) (Version: - Micha's Midnight Manufacture)
Pegasus Mail v4.7 Release 1, Build 546 (Deutsche Komplettversio (HKLM\...\Pegasus Mail, Deutsche Komplettversion_is1) (Version: - Sven Henze)
Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Piraten (HKLM\...\Piraten_is1) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Return to Castle Wolfenstein (HKLM\...\Return to Castle Wolfenstein) (Version: 1.0 - Activision, Inc.)
Route_Riter v7.5 (HKU\S-1-5-21-2005339768-4040350731-2661024586-1000\...\Route_Riter v7.5) (Version: - )
Sandboxie 4.08 (32-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Shape Viewer (HKLM\...\{88DA244E-4CEA-49E4-AD6A-301B65131E25}) (Version: 2.2.0.237 - )
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Silent Hunter III (HKLM\...\InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}) (Version: 1.4.0000 - Ubisoft)
Silent Hunter III (Version: 1.4.0000 - Ubisoft) Hidden
Sniper Elite (HKLM\...\{A979B2D8-E3EE-4523-A26C-4AF0A6809280}) (Version: - )
Sniper Elite 3 (HKLM\...\Steam App 238090) (Version: - Rebellion)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version: - Rebellion)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TGATool2A version 4.00.34 (HKLM\...\TGATool2A_is1) (Version: - Martin Wright)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
Train Store V3.2 (HKLM\...\Train Store V3.2) (Version: - )
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Ulead Drop Spot 1.0 (HKLM\...\{3BCC5640-5360-11D4-A44A-0000E86D2305}) (Version: - )
Ulead PhotoImpact 7 (HKLM\...\{7B7D1750-582F-11D5-BEAF-0010B5557565}) (Version: - Ulead System)
Unreal Tournament G.O.T.Y. Edition (HKLM\...\UnrealTournament) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC_CRT_x86 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
Vol.14 - Höllentalbahn 2000 - Demoversion (HKLM\...\Vol.14 - Höllentalbahn 2000 - Demoversion) (Version: - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.12.6 (32-bit) (HKLM\...\Wireshark) (Version: 1.12.6 - The Wireshark developer community, hxxp://www.wireshark.org)
XFast LAN v9.05 (HKLM\...\XFast LAN) (Version: 9.05 - cFos Software GmbH, Bonn)
XFastUSB (HKLM\...\XFastUSB) (Version: 3.02.38 - ASRock Inc.)
Zip Motion Block Video codec (Remove Only) (HKLM\...\ZMBV) (Version: - DOSBox Team)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
CustomCLSID: HKU\S-1-5-21-2005339768-4040350731-2661024586-1000_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 -> kein dateipfad
==================== Wiederherstellungspunkte =========================
23-07-2015 19:46:30 Installed Windows Media Player Firefox Plugin
24-07-2015 22:34:48 Windows Update
29-07-2015 00:21:53 Windows Update
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {034385E7-47DC-45B3-A314-A03C8301BB0B} - System32\Tasks\{173E2665-4DA2-4654-BF39-CCD0216676DB} => Z:\FrameworkCheck.exe
Task: {2183AC1B-ABEF-4BC9-9448-C7934295666E} - System32\Tasks\{C16EF85F-B21D-47F2-93A5-43DF64FAC64C} => Z:\SH3Autorun.exe
Task: {95F53955-3F93-4CDB-811B-3448A7968E13} - System32\Tasks\{09349E89-F719-4B0F-A66C-E210F0DEFF29} => Z:\FrameworkCheck.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-30 08:09 - 2015-07-30 08:09 - 00246304 _____ () D:\Programme\GlassWire\GeoIP.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () D:\Programme\VMWarePlayer\libxml2.dll
2014-04-08 18:16 - 2015-06-17 08:51 - 00106128 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-03-31 23:22 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2005339768-4040350731-2661024586-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bigboss\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{5B1220A2-64E5-41CD-B8F1-BBBF9877EF2B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C9E89A98-D179-4E73-B905-94BC0CF36DD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DFA6F9EE-B2A0-4A51-AAD3-80C03BF3B400}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2C804F27-776C-48C3-9CBC-CB7B8C944018}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{59F025C8-1571-4AF6-8FC1-96F7C9C0462F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{814032A3-BF5D-48CD-911E-75DA2A5E8FB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9BF56D0C-14D9-40F8-8E5B-2871028B3D42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0E9118AF-EFB2-495E-97FE-D81C062009A5}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{A8F3918C-6687-43AE-8F57-69C4D0DED836}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{92DEEFA7-C2CF-42C8-9D0D-A546503502EF}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Legend of Grimrock\grimrock.exe
FirewallRules: [{71B6E027-B9E1-47E4-9D21-0718B1D5D458}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Legend of Grimrock\grimrock.exe
FirewallRules: [{7AD9FE6E-4306-4550-AB5B-E9A4CED62F0C}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{90BBC4E3-B462-4D69-B136-06EB6E794357}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{834FE060-DE14-4E65-8F4A-3042EE51813B}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CD7EFDCF-020C-43AF-B976-1819DC4C33E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{97BCBDC5-3204-4D7F-8512-6EFFE6D13CCB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D81E251B-ED67-4CF9-9C0A-E4137CC3501A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CB8D9B5C-340C-451F-8D21-F659A1187DAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DFB2C5CB-C020-469B-BB18-F6857A2B1521}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{59B2F2A2-E462-4F93-93C5-8C365E66DC24}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E47DF2D3-39E1-44D4-BDF4-AA4045A3E4F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BEB70C11-B4FA-408E-AD09-151FBAD20D0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C3D66742-4FF4-4B6D-B9DC-C4050D86F683}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{15D3A598-E281-4BEC-8FAE-FDED3A525983}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4AED9D9B-2BB8-4AE1-AA60-D02A8DE5C5DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{731B864E-ED32-43E9-9189-F17EAC9B2D96}] => (Allow) D:\Programme\VMWarePlayer\vmware-authd.exe
FirewallRules: [{E85137E0-1E14-4B2D-9DC7-B705E623E2EB}] => (Allow) D:\Programme\VMWarePlayer\vmware-authd.exe
FirewallRules: [{F072EC1D-7774-4A78-AA40-85E014E3F8C7}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{52C09DB2-B3F1-484A-A364-E67484F2526D}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{345BACC3-0C58-4887-A21F-67BEE21F7DD2}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{03EFCC63-7F49-471C-87C7-8C7F6906A7E7}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{82AFF9E3-8621-4593-9E45-BEFACA33D1FA}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{CEB68839-1B0F-46FC-8B22-2BD0EC1263EC}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{6E0E6B1A-DC15-4286-B130-433E25F1E1D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9A9EC5F8-DA0C-4405-9A53-6201E73B0E28}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{169E7FC2-84C6-4625-90D7-A2DCFE129FA6}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{CCDCAFF9-6160-461A-95F4-3B3BC7402448}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{2574320C-639A-4978-B688-B7DB800C54C4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{DFAF44B3-5F6B-4789-9DBC-3F427118FC7A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7DFBF163-D189-4384-AA38-C2F15477B2BC}D:\spiele\dungeon keeper 2\dkii.exe] => (Block) D:\spiele\dungeon keeper 2\dkii.exe
FirewallRules: [UDP Query User{AE5DCE1A-E3B9-4376-BB17-AFFEE25C23AC}D:\spiele\dungeon keeper 2\dkii.exe] => (Block) D:\spiele\dungeon keeper 2\dkii.exe
FirewallRules: [{8D51ECAF-8C91-40D8-A177-62B428542877}] => (Allow) D:\Programme\NetWorx\networx.exe
FirewallRules: [{0FC192F5-AEAC-4C91-87EB-1283EE3B5630}] => (Allow) D:\Programme\GlassWire\GWCtlSrv.exe
FirewallRules: [{FB53B428-845A-477E-B1C6-77E2E52547CD}] => (Allow) D:\Programme\GlassWire\GWCtlSrv.exe
FirewallRules: [{DA8C1988-7278-46A0-AEDC-FD2C3476A26E}] => (Block) c:\program files\windows media player\wmpnetwk.exe
FirewallRules: [{1EE9EF2C-E4BB-4EAE-9DA6-C1690A89C4BB}] => (Block) c:\program files\windows media player\wmpnetwk.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Intel(R) Ethernet Connection I217-V
Description: Intel(R) Ethernet Connection I217-V
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1dexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/06/2015 08:14:51 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-08-06T20:14:51.509+02:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (08/04/2015 08:24:21 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-08-04T20:24:21.809+02:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (08/04/2015 08:24:03 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (08/04/2015 06:54:09 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-08-04T18:54:09.543+02:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (08/04/2015 06:12:31 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-08-04T18:12:31.371+02:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (08/04/2015 06:12:20 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (08/04/2015 08:35:09 AM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-08-04T08:35:09.359+02:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (08/03/2015 08:13:53 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-08-03T20:13:53.909+02:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (08/03/2015 06:17:10 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-08-03T18:17:10.718+02:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Error: (08/02/2015 05:31:05 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-08-02T17:31:05.935+02:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0
Systemfehler:
=============
Error: (08/04/2015 06:53:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 04.08.2015 um 18:51:38 unerwartet heruntergefahren.
Error: (08/01/2015 06:47:22 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.
Error: (07/31/2015 08:50:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/31/2015 08:50:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (07/30/2015 07:31:39 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (07/30/2015 07:31:38 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (07/30/2015 07:31:38 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (07/30/2015 07:31:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (07/30/2015 07:31:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (07/30/2015 07:31:36 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 39%
Total physical RAM: 3535.07 MB
Available physical RAM: 2143.44 MB
Total Virtual: 7068.46 MB
Available Virtual: 5156.98 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100.01 GB) (Free:47.69 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (DGross) (Fixed) (Total:831.5 GB) (Free:501.51 GB) NTFS
Drive e: (Backup) (Fixed) (Total:153.38 GB) (Free:86.19 GB) NTFS
Drive f: (Sicherung) (Fixed) (Total:149.05 GB) (Free:148.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 12C67017)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 153.4 GB) (Disk ID: 1EA776A2)
Partition 1: (Not Active) - (Size=153.4 GB) - (Type=OF Extended)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F5A22765)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=831.5 GB) - (Type=07 NTFS)
==================== Ende vom log ============================
Nervbert Zitat:
 Ich verspreche, jetzt aufmerksamer zu sein! (Und hoffe, die Files sind auch so ausreichend.) |
|
08.08.2015, 09:28
| #4 |
| /// the machine /// TB-Ausbilder | Unerwarteter Traffic - up und down FRST einfach auf den Desktop schieben  Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.08.2015, 13:24
| #5 |
| | Unerwarteter Traffic - up und down Moin! So, hier ist das mbar-log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.08.08.01
rootkit: v2015.08.06.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17914
Bigboss :: BIGBOSS-PC [administrator]
08.08.2015 14:02:21
mbar-log-2015-08-08 (14-02-21).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 358601
Time elapsed: 10 minute(s), 38 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 14:18:28.0305 0x04c8 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
14:18:30.0554 0x04c8 ============================================================
14:18:30.0554 0x04c8 Current date / time: 2015/08/08 14:18:30.0553
14:18:30.0554 0x04c8 SystemInfo:
14:18:30.0554 0x04c8
14:18:30.0554 0x04c8 OS Version: 6.1.7601 ServicePack: 1.0
14:18:30.0554 0x04c8 Product type: Workstation
14:18:30.0554 0x04c8 ComputerName: BIGBOSS-PC
14:18:30.0554 0x04c8 UserName: Bigboss
14:18:30.0554 0x04c8 Windows directory: C:\Windows
14:18:30.0554 0x04c8 System windows directory: C:\Windows
14:18:30.0554 0x04c8 Processor architecture: Intel x86
14:18:30.0554 0x04c8 Number of processors: 4
14:18:30.0554 0x04c8 Page size: 0x1000
14:18:30.0554 0x04c8 Boot type: Normal boot
14:18:30.0554 0x04c8 ============================================================
14:18:32.0345 0x04c8 KLMD registered as C:\Windows\system32\drivers\39921495.sys
14:18:32.0534 0x04c8 System UUID: {9C18F297-FC22-529C-A1BC-2207A1EFAF23}
14:18:32.0855 0x04c8 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:18:32.0864 0x04c8 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:18:32.0864 0x04c8 Drive \Device\Harddisk1\DR1 - Size: 0x2658AE0000 ( 153.39 Gb ), SectorSize: 0x200, Cylinders: 0x4E37, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:18:32.0866 0x04c8 ============================================================
14:18:32.0866 0x04c8 \Device\Harddisk2\DR2:
14:18:32.0866 0x04c8 MBR partitions:
14:18:32.0866 0x04c8 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC803400
14:18:32.0866 0x04c8 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0xC80343F, BlocksNum 0x67F02582
14:18:32.0866 0x04c8 \Device\Harddisk0\DR0:
14:18:32.0866 0x04c8 MBR partitions:
14:18:32.0866 0x04c8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
14:18:32.0866 0x04c8 \Device\Harddisk1\DR1:
14:18:32.0867 0x04c8 MBR partitions:
14:18:32.0867 0x04c8 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x132C0A77
14:18:32.0867 0x04c8 ============================================================
14:18:32.0875 0x04c8 C: <-> \Device\Harddisk2\DR2\Partition1
14:18:32.0900 0x04c8 D: <-> \Device\Harddisk2\DR2\Partition2
14:18:32.0901 0x04c8 E: <-> \Device\Harddisk1\DR1\Partition1
14:18:32.0914 0x04c8 F: <-> \Device\Harddisk0\DR0\Partition1
14:18:32.0914 0x04c8 ============================================================
14:18:32.0914 0x04c8 Initialize success
14:18:32.0914 0x04c8 ============================================================
14:18:55.0258 0x15a0 ============================================================
14:18:55.0258 0x15a0 Scan started
14:18:55.0258 0x15a0 Mode: Manual; SigCheck; TDLFS;
14:18:55.0258 0x15a0 ============================================================
14:18:55.0258 0x15a0 KSN ping started
14:18:57.0650 0x15a0 KSN ping finished: true
14:18:58.0468 0x15a0 ================ Scan system memory ========================
14:18:58.0469 0x15a0 System memory - ok
14:18:58.0469 0x15a0 ================ Scan services =============================
14:18:58.0560 0x15a0 [ 72D6D8E2D4F82C6E829125C7EC2A88F9, F357CFC3D04EB3F8E1A504D531D099698C6E2B29EB6CEDF75C08BF8917C46573 ] !SASCORE D:\Programme\SUPERAntiSpyware\SASCORE.EXE
14:18:58.0649 0x15a0 !SASCORE - ok
14:18:58.0784 0x15a0 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:18:58.0828 0x15a0 1394ohci - ok
14:18:58.0855 0x15a0 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:18:58.0874 0x15a0 ACPI - ok
14:18:58.0900 0x15a0 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:18:58.0940 0x15a0 AcpiPmi - ok
14:18:58.0979 0x15a0 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:18:59.0010 0x15a0 adp94xx - ok
14:18:59.0025 0x15a0 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:18:59.0045 0x15a0 adpahci - ok
14:18:59.0054 0x15a0 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:18:59.0066 0x15a0 adpu320 - ok
14:18:59.0085 0x15a0 [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:18:59.0103 0x15a0 AeLookupSvc - ok
14:18:59.0137 0x15a0 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys
14:18:59.0163 0x15a0 AFD - ok
14:18:59.0176 0x15a0 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
14:18:59.0183 0x15a0 agp440 - ok
14:18:59.0187 0x15a0 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
14:18:59.0194 0x15a0 aic78xx - ok
14:18:59.0223 0x15a0 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
14:18:59.0240 0x15a0 ALG - ok
14:18:59.0253 0x15a0 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
14:18:59.0259 0x15a0 aliide - ok
14:18:59.0272 0x15a0 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:18:59.0279 0x15a0 amdagp - ok
14:18:59.0288 0x15a0 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
14:18:59.0295 0x15a0 amdide - ok
14:18:59.0304 0x15a0 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:18:59.0327 0x15a0 AmdK8 - ok
14:18:59.0341 0x15a0 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:18:59.0354 0x15a0 AmdPPM - ok
14:18:59.0368 0x15a0 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:18:59.0376 0x15a0 amdsata - ok
14:18:59.0391 0x15a0 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:18:59.0399 0x15a0 amdsbs - ok
14:18:59.0415 0x15a0 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:18:59.0421 0x15a0 amdxata - ok
14:18:59.0536 0x15a0 [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
14:18:59.0568 0x15a0 AntiVirMailService - ok
14:18:59.0630 0x15a0 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
14:18:59.0669 0x15a0 AntiVirSchedulerService - ok
14:18:59.0698 0x15a0 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
14:18:59.0720 0x15a0 AntiVirService - ok
14:18:59.0758 0x15a0 [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
14:18:59.0787 0x15a0 AntiVirWebService - ok
14:18:59.0819 0x15a0 [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\Windows\system32\drivers\appid.sys
14:18:59.0857 0x15a0 AppID - ok
14:18:59.0866 0x15a0 [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:18:59.0901 0x15a0 AppIDSvc - ok
14:18:59.0921 0x15a0 [ 530195DA0D84D9855020F2B80D6B267F, AB36F05991530437C7B3F25441B13BC085000F07579964A4CCA0BF029DD6DE7E ] Appinfo C:\Windows\System32\appinfo.dll
14:18:59.0954 0x15a0 Appinfo - ok
14:18:59.0991 0x15a0 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:19:00.0036 0x15a0 AppMgmt - ok
14:19:00.0050 0x15a0 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
14:19:00.0068 0x15a0 arc - ok
14:19:00.0075 0x15a0 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:19:00.0089 0x15a0 arcsas - ok
14:19:00.0191 0x15a0 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:19:00.0220 0x15a0 aspnet_state - ok
14:19:00.0240 0x15a0 AsrSetupDrv - ok
14:19:00.0261 0x15a0 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:19:00.0333 0x15a0 AsyncMac - ok
14:19:00.0350 0x15a0 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
14:19:00.0363 0x15a0 atapi - ok
14:19:00.0412 0x15a0 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:19:00.0447 0x15a0 AudioEndpointBuilder - ok
14:19:00.0460 0x15a0 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:19:00.0480 0x15a0 Audiosrv - ok
14:19:00.0502 0x15a0 [ 0FFC36573D7541155F84AC8F8F9D87A6, 50CE44B544CF365C4E99133C69582154C58DEB263892E3EF02C9886C8D652F60 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
14:19:00.0513 0x15a0 avgntflt - ok
14:19:00.0524 0x15a0 [ B9D3418110A6B4EAADCB2BD1A8CEC617, 2252E518FB0A69699ECF7A940A20E9D77822F7FF7CE14FE5E30E4DDB34546D56 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
14:19:00.0538 0x15a0 avipbb - ok
14:19:00.0593 0x15a0 [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
14:19:00.0609 0x15a0 Avira.ServiceHost - ok
14:19:00.0638 0x15a0 [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
14:19:00.0648 0x15a0 avkmgr - ok
14:19:00.0686 0x15a0 [ 3303FB85532093FC6723632B5947E8C4, F8301069A8EAD7303CAE5B7CAE3F119747E7B7B4402178018EB5254087238A42 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
14:19:00.0696 0x15a0 avnetflt - ok
14:19:00.0718 0x15a0 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:19:00.0752 0x15a0 AxInstSV - ok
14:19:00.0792 0x15a0 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
14:19:00.0823 0x15a0 b06bdrv - ok
14:19:00.0850 0x15a0 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
14:19:00.0873 0x15a0 b57nd60x - ok
14:19:00.0899 0x15a0 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
14:19:00.0927 0x15a0 BDESVC - ok
14:19:00.0936 0x15a0 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
14:19:00.0966 0x15a0 Beep - ok
14:19:01.0004 0x15a0 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
14:19:01.0035 0x15a0 BFE - ok
14:19:01.0081 0x15a0 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
14:19:01.0212 0x15a0 BITS - ok
14:19:01.0221 0x15a0 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:19:01.0239 0x15a0 blbdrive - ok
14:19:01.0268 0x15a0 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:19:01.0286 0x15a0 bowser - ok
14:19:01.0291 0x15a0 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:19:01.0338 0x15a0 BrFiltLo - ok
14:19:01.0351 0x15a0 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:19:01.0363 0x15a0 BrFiltUp - ok
14:19:01.0380 0x15a0 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
14:19:01.0413 0x15a0 Browser - ok
14:19:01.0431 0x15a0 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:19:01.0477 0x15a0 Brserid - ok
14:19:01.0489 0x15a0 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:19:01.0503 0x15a0 BrSerWdm - ok
14:19:01.0513 0x15a0 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:19:01.0529 0x15a0 BrUsbMdm - ok
14:19:01.0538 0x15a0 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:19:01.0554 0x15a0 BrUsbSer - ok
14:19:01.0563 0x15a0 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:19:01.0588 0x15a0 BTHMODEM - ok
14:19:01.0603 0x15a0 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
14:19:01.0629 0x15a0 bthserv - ok
14:19:01.0639 0x15a0 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:19:01.0656 0x15a0 cdfs - ok
14:19:01.0678 0x15a0 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\drivers\cdrom.sys
14:19:01.0687 0x15a0 cdrom - ok
14:19:01.0713 0x15a0 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
14:19:01.0734 0x15a0 CertPropSvc - ok
14:19:01.0886 0x15a0 [ 10DB71D52DB96E6ED58BB9C0EB076AE4, 2F459496F2AF528EEF6DDD37C6677FEB0F5044F5C0B284A1B95617461902F925 ] cFosSpeed C:\Windows\system32\DRIVERS\cfosspeed6.sys
14:19:01.0917 0x15a0 cFosSpeed - ok
14:19:02.0040 0x15a0 [ 411F3290A5BB70EF696EE7DB22BC89FD, 16FE8426C15B96EDCB94E6DAB1B066C60B9FC75D670509ADD9F7540CD3996703 ] cFosSpeedS C:\Program Files\ASRock\XFast LAN\spd.exe
14:19:02.0059 0x15a0 cFosSpeedS - ok
14:19:02.0090 0x15a0 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:19:02.0101 0x15a0 circlass - ok
14:19:02.0166 0x15a0 [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys
14:19:02.0226 0x15a0 CLFS - ok
14:19:02.0275 0x15a0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:19:02.0297 0x15a0 clr_optimization_v2.0.50727_32 - ok
14:19:02.0338 0x15a0 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:19:02.0353 0x15a0 clr_optimization_v4.0.30319_32 - ok
14:19:02.0360 0x15a0 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:19:02.0369 0x15a0 CmBatt - ok
14:19:02.0387 0x15a0 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:19:02.0393 0x15a0 cmdide - ok
14:19:02.0427 0x15a0 [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\Windows\system32\Drivers\cng.sys
14:19:02.0443 0x15a0 CNG - ok
14:19:02.0462 0x15a0 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:19:02.0468 0x15a0 Compbatt - ok
14:19:02.0489 0x15a0 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:19:02.0498 0x15a0 CompositeBus - ok
14:19:02.0506 0x15a0 COMSysApp - ok
14:19:02.0533 0x15a0 [ B00C3CE5B76ECE5B49E7F517BF575963, FD69DF273D5003415120F8B1D983B7C448D92779E02E4539BE377814DF407656 ] cphs C:\Windows\system32\IntelCpHeciSvc.exe
14:19:02.0560 0x15a0 cphs - ok
14:19:02.0630 0x15a0 cpuz135 - ok
14:19:02.0647 0x15a0 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:19:02.0668 0x15a0 crcdisk - ok
14:19:02.0708 0x15a0 [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:19:02.0727 0x15a0 CryptSvc - ok
14:19:02.0751 0x15a0 [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys
14:19:02.0776 0x15a0 CSC - ok
14:19:02.0797 0x15a0 [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll
14:19:02.0818 0x15a0 CscService - ok
14:19:02.0848 0x15a0 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
14:19:02.0882 0x15a0 DcomLaunch - ok
14:19:02.0899 0x15a0 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
14:19:02.0919 0x15a0 defragsvc - ok
14:19:02.0938 0x15a0 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:19:02.0953 0x15a0 DfsC - ok
14:19:02.0978 0x15a0 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:19:03.0008 0x15a0 Dhcp - ok
14:19:03.0074 0x15a0 [ 7AB2DE012C88870C9274E966EC88AB61, CE2098B152B9C039C29C0573C813BFBF13B2D2E6BEE83985374160884A817133 ] DiagTrack C:\Windows\system32\diagtrack.dll
14:19:03.0132 0x15a0 DiagTrack - ok
14:19:03.0136 0x15a0 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
14:19:03.0162 0x15a0 discache - ok
14:19:03.0187 0x15a0 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:19:03.0195 0x15a0 Disk - ok
14:19:03.0220 0x15a0 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:19:03.0262 0x15a0 Dnscache - ok
14:19:03.0285 0x15a0 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
14:19:03.0318 0x15a0 dot3svc - ok
14:19:03.0342 0x15a0 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
14:19:03.0364 0x15a0 DPS - ok
14:19:03.0402 0x15a0 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:19:03.0435 0x15a0 drmkaud - ok
14:19:03.0483 0x15a0 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:19:03.0528 0x15a0 DXGKrnl - ok
14:19:03.0561 0x15a0 [ B5C557433835A2FB6604A66D8CAF52EB, F2D09FA3F0D8E25B561CB9553CCE536BA55CFED6FEF7675853A28D677D26EF5A ] e1dexpress C:\Windows\system32\DRIVERS\e1d6232.sys
14:19:03.0584 0x15a0 e1dexpress - ok
14:19:03.0606 0x15a0 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
14:19:03.0651 0x15a0 EapHost - ok
14:19:03.0762 0x15a0 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
14:19:03.0839 0x15a0 ebdrv - ok
14:19:03.0864 0x15a0 [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] EFS C:\Windows\System32\lsass.exe
14:19:03.0883 0x15a0 EFS - ok
14:19:03.0928 0x15a0 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:19:03.0963 0x15a0 ehRecvr - ok
14:19:03.0981 0x15a0 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
14:19:04.0011 0x15a0 ehSched - ok
14:19:04.0028 0x15a0 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:19:04.0043 0x15a0 elxstor - ok
14:19:04.0056 0x15a0 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:19:04.0063 0x15a0 ErrDev - ok
14:19:04.0076 0x15a0 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
14:19:04.0097 0x15a0 EventSystem - ok
14:19:04.0118 0x15a0 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
14:19:04.0137 0x15a0 exfat - ok
14:19:04.0150 0x15a0 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:19:04.0176 0x15a0 fastfat - ok
14:19:04.0204 0x15a0 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
14:19:04.0243 0x15a0 Fax - ok
14:19:04.0255 0x15a0 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:19:04.0263 0x15a0 fdc - ok
14:19:04.0282 0x15a0 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
14:19:04.0314 0x15a0 fdPHost - ok
14:19:04.0330 0x15a0 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
14:19:04.0353 0x15a0 FDResPub - ok
14:19:04.0362 0x15a0 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:19:04.0369 0x15a0 FileInfo - ok
14:19:04.0381 0x15a0 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:19:04.0397 0x15a0 Filetrace - ok
14:19:04.0412 0x15a0 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:19:04.0420 0x15a0 flpydisk - ok
14:19:04.0431 0x15a0 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:19:04.0441 0x15a0 FltMgr - ok
14:19:04.0460 0x15a0 [ 4BD9964632325802F8DC971F6987CD1B, 6C8B08FACF6B2F5FC02787942D5BF9317697845362A8F048B22B9715410444E1 ] FNETTBOH_305 C:\Windows\system32\drivers\FNETTBOH_305.SYS
14:19:04.0465 0x15a0 FNETTBOH_305 - ok
14:19:04.0486 0x15a0 [ 7EAAD993D52A117EC3D550631BD0FF81, 8BF3C886A28ADDAEEB6BDF5E9DC5D1F12A03C2ADCC7B58BFF858F581B5434E44 ] FNETURPX C:\Windows\system32\drivers\FNETURPX.SYS
14:19:04.0492 0x15a0 FNETURPX - ok
14:19:04.0531 0x15a0 [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache C:\Windows\system32\FntCache.dll
14:19:04.0573 0x15a0 FontCache - ok
14:19:04.0634 0x15a0 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:19:04.0649 0x15a0 FontCache3.0.0.0 - ok
14:19:04.0717 0x15a0 [ 2944A8AF3D8492CC8D5C1D2017153ABD, E1AB2E7C73295C18C31EE2FB6E2E561090BE23B46DC1438F5AEA2F0E923AE442 ] FoxitCloudUpdateService C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
14:19:04.0753 0x15a0 FoxitCloudUpdateService - ok
14:19:04.0773 0x15a0 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:19:04.0784 0x15a0 FsDepends - ok
14:19:04.0803 0x15a0 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:19:04.0813 0x15a0 Fs_Rec - ok
14:19:04.0840 0x15a0 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:19:04.0857 0x15a0 fvevol - ok
14:19:04.0883 0x15a0 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:19:04.0890 0x15a0 gagp30kx - ok
14:19:04.0951 0x15a0 [ ADFFEF4F2388FA73F425BA623B8BE65C, CA477FB6F3F1D0FE64D0A4B46A73E4D0EB2ED4B07F8C76487E2B4FDD9B95114C ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
14:19:04.0981 0x15a0 GfExperienceService - ok
14:19:05.0015 0x15a0 [ 77EBF3E9386DAA51551AF429052D88D0, 94C3294BB9E14B07448734AE65B37801D3FF15BEC987D182A929A017FEF7B276 ] giveio C:\Windows\system32\giveio.sys
14:19:05.0018 0x15a0 giveio - detected UnsignedFile.Multi.Generic ( 1 )
14:19:07.0444 0x15a0 Detect skipped due to KSN trusted
14:19:07.0444 0x15a0 giveio - ok
14:19:07.0806 0x15a0 [ 75E7CCDA9A215B77100500DB56286F87, F6218D556333D5B0C55DD6E23322D61C3749A7621638FFD0AFF3992569C24494 ] GlassWire D:\Programme\GlassWire\GWCtlSrv.exe
14:19:07.0974 0x15a0 GlassWire - ok
14:19:08.0018 0x15a0 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
14:19:08.0045 0x15a0 gpsvc - ok
14:19:08.0088 0x15a0 [ AEB4FE736D76F36AE2A7EB1EAD2344FF, F77280B236B96DEEF80E8F69BA4C591D6F8645C2FB0545C806EC7FF1C12F8A7D ] gwdrv C:\Windows\system32\DRIVERS\gwdrv.sys
14:19:08.0094 0x15a0 gwdrv - ok
14:19:08.0134 0x15a0 [ 3F40FA664309ED1CCC3592636A94DDF4, D241BD7FA97F1DA8E7A781535CCBF004D15DCABA7EFDC09EA97D5E549D85B41A ] hcmon C:\Windows\system32\drivers\hcmon.sys
14:19:08.0155 0x15a0 hcmon - ok
14:19:08.0173 0x15a0 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:19:08.0202 0x15a0 hcw85cir - ok
14:19:08.0256 0x15a0 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:19:08.0278 0x15a0 HdAudAddService - ok
14:19:08.0301 0x15a0 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:19:08.0316 0x15a0 HDAudBus - ok
14:19:08.0325 0x15a0 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:19:08.0342 0x15a0 HidBatt - ok
14:19:08.0360 0x15a0 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:19:08.0379 0x15a0 HidBth - ok
14:19:08.0397 0x15a0 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:19:08.0410 0x15a0 HidIr - ok
14:19:08.0433 0x15a0 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
14:19:08.0460 0x15a0 hidserv - ok
14:19:08.0484 0x15a0 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
14:19:08.0500 0x15a0 HidUsb - ok
14:19:08.0518 0x15a0 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
14:19:08.0560 0x15a0 hkmsvc - ok
14:19:08.0582 0x15a0 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:19:08.0622 0x15a0 HomeGroupListener - ok
14:19:08.0655 0x15a0 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:19:08.0679 0x15a0 HomeGroupProvider - ok
14:19:08.0699 0x15a0 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:19:08.0708 0x15a0 HpSAMD - ok
14:19:08.0747 0x15a0 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:19:08.0783 0x15a0 HTTP - ok
14:19:08.0798 0x15a0 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:19:08.0806 0x15a0 hwpolicy - ok
14:19:08.0832 0x15a0 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:19:08.0854 0x15a0 i8042prt - ok
14:19:08.0882 0x15a0 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:19:08.0897 0x15a0 iaStorV - ok
14:19:08.0943 0x15a0 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:19:08.0975 0x15a0 idsvc - ok
14:19:08.0978 0x15a0 IEEtwCollectorService - ok
14:19:09.0116 0x15a0 [ 3F4046BC31A4913757C5A58B8F8FB104, 55E6B7FFBD0D97EF29BEC2F790302047E73A8D99813F8984CA35EC12B852FFC2 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
14:19:09.0227 0x15a0 igfx - ok
14:19:09.0280 0x15a0 [ 13BF88F184A2229DA671070027FA1BB7, 100AC58B88BA763E51B626AFD2A8182C147AD412C1072D8F1892C1E9089D6C7D ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
14:19:09.0315 0x15a0 igfxCUIService1.0.0.0 - ok
14:19:09.0333 0x15a0 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:19:09.0342 0x15a0 iirsp - ok
14:19:09.0375 0x15a0 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
14:19:09.0403 0x15a0 IKEEXT - ok
14:19:09.0495 0x15a0 [ DC36560FB4AC03F379836B5F81144E4A, 4D385A01EA339AB692BBBD8B74C6CC1B823C0F077BF47A4ED3F6E93A4B17AB8B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
14:19:09.0556 0x15a0 IntcAzAudAddService - ok
14:19:09.0585 0x15a0 [ 3EDEBF6DF702C707C472F1F99EC59763, ACCA402022B9E5C2753108F6CECAA8A9EAB47F10CA3978D362E171E47141ABA5 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:19:09.0600 0x15a0 IntcDAud - ok
14:19:09.0626 0x15a0 [ 94166D995E0408FD63F98EF8CAD0A204, DB50BED42BCE664799BA7E8E5851FDD34FB5B5E77566C995A60F8A0D84612541 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
14:19:09.0634 0x15a0 Intel(R) PROSet Monitoring Service - ok
14:19:09.0645 0x15a0 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
14:19:09.0651 0x15a0 intelide - ok
14:19:09.0684 0x15a0 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:19:09.0710 0x15a0 intelppm - ok
14:19:09.0745 0x15a0 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:19:09.0783 0x15a0 IPBusEnum - ok
14:19:09.0799 0x15a0 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:19:09.0821 0x15a0 IpFilterDriver - ok
14:19:09.0849 0x15a0 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:19:09.0895 0x15a0 iphlpsvc - ok
14:19:09.0913 0x15a0 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:19:09.0929 0x15a0 IPMIDRV - ok
14:19:09.0946 0x15a0 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:19:09.0974 0x15a0 IPNAT - ok
14:19:09.0991 0x15a0 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:19:10.0017 0x15a0 IRENUM - ok
14:19:10.0038 0x15a0 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:19:10.0045 0x15a0 isapnp - ok
14:19:10.0065 0x15a0 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:19:10.0076 0x15a0 iScsiPrt - ok
14:19:10.0082 0x15a0 [ 4232E075A2E1C2E01B83666B0885C35F, 6D1CDD5988611B7641985D8854EB352ACADD55D938D91E1C4E9EF08BD664CE1C ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
14:19:10.0088 0x15a0 iusb3hcs - ok
14:19:10.0113 0x15a0 [ 90DCED9D906CFC405D09A21B16EAD0D7, 0CEABF881F898273BD54C470B3F1DADE33B8C261F4CC63DA233A4DBCA59D213A ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
14:19:10.0125 0x15a0 iusb3hub - ok
14:19:10.0158 0x15a0 [ 92A7944E8379F910BEF44858D43FF7C1, 00C610F699FD10C1EB84903DF973C2175686156869F8E7C6E123359B980F5CA3 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
14:19:10.0178 0x15a0 iusb3xhc - ok
14:19:10.0196 0x15a0 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
14:19:10.0203 0x15a0 kbdclass - ok
14:19:10.0225 0x15a0 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:19:10.0248 0x15a0 kbdhid - ok
14:19:10.0264 0x15a0 [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] KeyIso C:\Windows\system32\lsass.exe
14:19:10.0272 0x15a0 KeyIso - ok
14:19:10.0290 0x15a0 [ A1F4064171DB9F314BDABA0B43014CA4, DFAB60F6C8D00DC4AC55D32D797095E82C00F71E33F6EE989B03EE0A1D340FEF ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:19:10.0297 0x15a0 KSecDD - ok
14:19:10.0309 0x15a0 [ 8A8BA57DF21630B36B2FAA229AC5B1D1, D6B407D23453E8547B9F64BC8B484A593347E8252A25B9637BA8F8C067B1E057 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:19:10.0318 0x15a0 KSecPkg - ok
14:19:10.0341 0x15a0 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
14:19:10.0364 0x15a0 KtmRm - ok
14:19:10.0384 0x15a0 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:19:10.0412 0x15a0 LanmanServer - ok
14:19:10.0424 0x15a0 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:19:10.0442 0x15a0 LanmanWorkstation - ok
14:19:10.0472 0x15a0 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:19:10.0494 0x15a0 lltdio - ok
14:19:10.0515 0x15a0 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:19:10.0536 0x15a0 lltdsvc - ok
14:19:10.0546 0x15a0 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:19:10.0561 0x15a0 lmhosts - ok
14:19:10.0580 0x15a0 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:19:10.0588 0x15a0 LSI_FC - ok
14:19:10.0600 0x15a0 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:19:10.0608 0x15a0 LSI_SAS - ok
14:19:10.0620 0x15a0 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:19:10.0626 0x15a0 LSI_SAS2 - ok
14:19:10.0638 0x15a0 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:19:10.0646 0x15a0 LSI_SCSI - ok
14:19:10.0662 0x15a0 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
14:19:10.0683 0x15a0 luafv - ok
14:19:10.0709 0x15a0 [ B4CD87E78A01562E3DA67FE1C2779204, 536AC01C53A18E7B43F02F345FC3088C189A2D01F5E060714C0534FE7ECA2356 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:19:10.0715 0x15a0 MBAMProtector - ok
14:19:10.0803 0x15a0 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe
14:19:10.0867 0x15a0 MBAMService - ok
14:19:10.0914 0x15a0 [ 490F0F3ED8A970E2BAA38F719242B8F7, 03F902365372639424AB654AEBF6EB2B6B73363275435ADC2D086EAA7112AC3D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
14:19:10.0926 0x15a0 MBAMWebAccessControl - ok
14:19:10.0950 0x15a0 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:19:10.0968 0x15a0 Mcx2Svc - ok
14:19:10.0980 0x15a0 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:19:10.0987 0x15a0 megasas - ok
14:19:11.0000 0x15a0 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:19:11.0010 0x15a0 MegaSR - ok
14:19:11.0033 0x15a0 [ F053F1D48C8A92BDFA72654D0DCDF5AB, A9FD181ECCAD08118DA39D59158171C8D1D9BF67285D6766D2DA03B861CAD512 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
14:19:11.0040 0x15a0 MEI - ok
14:19:11.0094 0x15a0 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
14:19:11.0106 0x15a0 Microsoft Office Groove Audit Service - ok
14:19:11.0119 0x15a0 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
14:19:11.0163 0x15a0 MMCSS - ok
14:19:11.0178 0x15a0 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
14:19:11.0221 0x15a0 Modem - ok
14:19:11.0232 0x15a0 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:19:11.0246 0x15a0 monitor - ok
14:19:11.0255 0x15a0 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\drivers\mouclass.sys
14:19:11.0267 0x15a0 mouclass - ok
14:19:11.0285 0x15a0 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:19:11.0307 0x15a0 mouhid - ok
14:19:11.0325 0x15a0 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:19:11.0339 0x15a0 mountmgr - ok
14:19:11.0375 0x15a0 [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:19:11.0389 0x15a0 MozillaMaintenance - ok
14:19:11.0411 0x15a0 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
14:19:11.0420 0x15a0 mpio - ok
14:19:11.0436 0x15a0 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:19:11.0453 0x15a0 mpsdrv - ok
14:19:11.0479 0x15a0 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:19:11.0508 0x15a0 MpsSvc - ok
14:19:11.0528 0x15a0 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:19:11.0580 0x15a0 MRxDAV - ok
14:19:11.0603 0x15a0 [ 01C5B803F6E1FDF8F16F0763DA9B997D, 721B5C6E8E71453D6494971C14CFD93F1A180098D4EE35572EAACEF6FC6B0442 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:19:11.0627 0x15a0 mrxsmb - ok
14:19:11.0653 0x15a0 [ C48A8284F018BEAAFC7A027A570D9C84, DD29ACC08E9F57ED426D11F8A3E2F0EA53F373200D249225627124F65D1EC1BD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:19:11.0679 0x15a0 mrxsmb10 - ok
14:19:11.0694 0x15a0 [ C1CC047CE391BB88350379153BC1C8FA, 2DC83A61F871A87CFC6E56BF5F164271E7E72694B33E58D842F5759A3DE8F4C7 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:19:11.0708 0x15a0 mrxsmb20 - ok
14:19:11.0718 0x15a0 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
14:19:11.0728 0x15a0 msahci - ok
14:19:11.0745 0x15a0 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:19:11.0754 0x15a0 msdsm - ok
14:19:11.0771 0x15a0 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
14:19:11.0781 0x15a0 MSDTC - ok
14:19:11.0804 0x15a0 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:19:11.0832 0x15a0 Msfs - ok
14:19:11.0840 0x15a0 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:19:11.0862 0x15a0 mshidkmdf - ok
14:19:11.0872 0x15a0 MSICDSetup - ok
14:19:11.0889 0x15a0 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:19:11.0895 0x15a0 msisadrv - ok
14:19:11.0927 0x15a0 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:19:11.0952 0x15a0 MSiSCSI - ok
14:19:11.0955 0x15a0 msiserver - ok
14:19:11.0979 0x15a0 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:19:11.0995 0x15a0 MSKSSRV - ok
14:19:11.0998 0x15a0 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:19:12.0025 0x15a0 MSPCLOCK - ok
14:19:12.0027 0x15a0 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:19:12.0053 0x15a0 MSPQM - ok
14:19:12.0068 0x15a0 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:19:12.0077 0x15a0 MsRPC - ok
14:19:12.0086 0x15a0 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:19:12.0093 0x15a0 mssmbios - ok
14:19:12.0102 0x15a0 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:19:12.0124 0x15a0 MSTEE - ok
14:19:12.0135 0x15a0 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:19:12.0152 0x15a0 MTConfig - ok
14:19:12.0162 0x15a0 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
14:19:12.0169 0x15a0 Mup - ok
14:19:12.0198 0x15a0 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
14:19:12.0221 0x15a0 napagent - ok
14:19:12.0244 0x15a0 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:19:12.0259 0x15a0 NativeWifiP - ok
14:19:12.0344 0x15a0 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:19:12.0374 0x15a0 NDIS - ok
14:19:12.0389 0x15a0 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:19:12.0418 0x15a0 NdisCap - ok
14:19:12.0434 0x15a0 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:19:12.0458 0x15a0 NdisTapi - ok
14:19:12.0474 0x15a0 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:19:12.0497 0x15a0 Ndisuio - ok
14:19:12.0518 0x15a0 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:19:12.0538 0x15a0 NdisWan - ok
14:19:12.0561 0x15a0 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:19:12.0585 0x15a0 NDProxy - ok
14:19:12.0593 0x15a0 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:19:12.0612 0x15a0 NetBIOS - ok
14:19:12.0631 0x15a0 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:19:12.0652 0x15a0 NetBT - ok
14:19:12.0657 0x15a0 [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] Netlogon C:\Windows\system32\lsass.exe
14:19:12.0676 0x15a0 Netlogon - ok
14:19:12.0703 0x15a0 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
14:19:12.0740 0x15a0 Netman - ok
14:19:12.0766 0x15a0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:19:12.0777 0x15a0 NetMsmqActivator - ok
14:19:12.0781 0x15a0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:19:12.0791 0x15a0 NetPipeActivator - ok
14:19:12.0807 0x15a0 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
14:19:12.0845 0x15a0 netprofm - ok
14:19:12.0850 0x15a0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:19:12.0860 0x15a0 NetTcpActivator - ok
14:19:12.0864 0x15a0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:19:12.0875 0x15a0 NetTcpPortSharing - ok
14:19:12.0915 0x15a0 [ 1E58838F11FADC77559D45FCCA49FDF5, 63E88559F5B95C06272DA2B67C0CBFAA2B0294DDA38460529E90A58B734EA13B ] networx C:\Windows\system32\drivers\networx.sys
14:19:12.0922 0x15a0 networx - ok
14:19:12.0943 0x15a0 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:19:12.0950 0x15a0 nfrd960 - ok
14:19:12.0968 0x15a0 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:19:13.0009 0x15a0 NlaSvc - ok
14:19:13.0048 0x15a0 [ 25401B0C9576C8456B3E0BBD74FF0771, BB569C99360A631850537DC2EDA0BF85D091CC30BD98B3FD2AC9DABDFB7741DA ] NPF C:\Windows\system32\drivers\npf.sys
14:19:13.0061 0x15a0 NPF - ok
14:19:13.0073 0x15a0 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:19:13.0097 0x15a0 Npfs - ok
14:19:13.0114 0x15a0 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
14:19:13.0143 0x15a0 nsi - ok
14:19:13.0152 0x15a0 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:19:13.0185 0x15a0 nsiproxy - ok
14:19:13.0240 0x15a0 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:19:13.0272 0x15a0 Ntfs - ok
14:19:13.0283 0x15a0 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
14:19:13.0299 0x15a0 Null - ok
14:19:13.0327 0x15a0 [ 7F17CB0F4AD4B30703BBC0529D35D1F0, 8770D52C92901B4223783A47A3ACA9D3B47CB1D15920450E102E310D189BDD0C ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
14:19:13.0338 0x15a0 NVHDA - ok
14:19:13.0559 0x15a0 [ B273F4665DF9B49458080506A30BFB62, 470195FB689DB5390FA825EAB9FB950417F8C42D2979AAB9ECD978BE8EB2A0BC ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:19:13.0750 0x15a0 nvlddmkm - ok
14:19:13.0841 0x15a0 [ 4EBEE69A8FE7DC85FD3C122821C617A0, 7193C14DEB4C5B0D86C5C6841C80879C28E1FDA8F77879EB18A3D2685C67B986 ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
14:19:13.0879 0x15a0 NvNetworkService - ok
14:19:13.0903 0x15a0 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:19:13.0911 0x15a0 nvraid - ok
14:19:13.0928 0x15a0 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:19:13.0936 0x15a0 nvstor - ok
14:19:14.0012 0x15a0 [ CD57ED01BB943B9534AC1EE856AF43B6, 668763ED8FF88B6267AB9F8AEB3819178081D3B295E8623FAAD2C5F357868584 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:19:14.0032 0x15a0 NvStreamKms - ok
14:19:14.0171 0x15a0 [ 6DB5CA837F0465D2032F9D4EEF0F15A6, 9F7C6A86FED8BF7C407CC61257B802193DAC49DFE0B6866373F7394107BBC38D ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
14:19:14.0245 0x15a0 NvStreamSvc - ok
14:19:14.0304 0x15a0 [ 82D84244506BE6EA6C3576CA7CEF9D01, 370B214753F9EA6C8D24EE5C06360423EC2E7C3EC102C25DE3F925E1E367109E ] nvsvc C:\Windows\system32\nvvsvc.exe
14:19:14.0337 0x15a0 nvsvc - ok
14:19:14.0350 0x15a0 [ BB636B3D5B3D47C3E9C3F541D7C05A89, AEE860D43CAA08DFC63BE2B98C689E681C27ABEB0C551812034455232D834EAB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad32v.sys
14:19:14.0357 0x15a0 nvvad_WaveExtensible - ok
14:19:14.0366 0x15a0 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:19:14.0373 0x15a0 nv_agp - ok
14:19:14.0427 0x15a0 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:19:14.0440 0x15a0 odserv - ok
14:19:14.0462 0x15a0 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:19:14.0475 0x15a0 ohci1394 - ok
14:19:14.0504 0x15a0 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:19:14.0511 0x15a0 ose - ok
14:19:14.0538 0x15a0 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:19:14.0594 0x15a0 p2pimsvc - ok
14:19:14.0624 0x15a0 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
14:19:14.0648 0x15a0 p2psvc - ok
14:19:14.0670 0x15a0 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:19:14.0687 0x15a0 Parport - ok
14:19:14.0704 0x15a0 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:19:14.0713 0x15a0 partmgr - ok
14:19:14.0724 0x15a0 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
14:19:14.0742 0x15a0 Parvdm - ok
14:19:14.0769 0x15a0 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll
14:19:14.0791 0x15a0 PcaSvc - ok
14:19:14.0810 0x15a0 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
14:19:14.0822 0x15a0 pci - ok
14:19:14.0855 0x15a0 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
14:19:14.0863 0x15a0 pciide - ok
14:19:14.0889 0x15a0 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:19:14.0901 0x15a0 pcmcia - ok
14:19:14.0916 0x15a0 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
14:19:14.0925 0x15a0 pcw - ok
14:19:14.0955 0x15a0 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:19:14.0976 0x15a0 PEAUTH - ok
14:19:15.0023 0x15a0 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:19:15.0065 0x15a0 PeerDistSvc - ok
14:19:15.0124 0x15a0 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
14:19:15.0181 0x15a0 pla - ok
14:19:15.0218 0x15a0 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:19:15.0238 0x15a0 PlugPlay - ok
14:19:15.0240 0x15a0 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:19:15.0259 0x15a0 PNRPAutoReg - ok
14:19:15.0266 0x15a0 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:19:15.0277 0x15a0 PNRPsvc - ok
14:19:15.0297 0x15a0 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:19:15.0326 0x15a0 PolicyAgent - ok
14:19:15.0354 0x15a0 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
14:19:15.0372 0x15a0 Power - ok
14:19:15.0391 0x15a0 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:19:15.0414 0x15a0 PptpMiniport - ok
14:19:15.0426 0x15a0 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:19:15.0434 0x15a0 Processor - ok
14:19:15.0449 0x15a0 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
14:19:15.0475 0x15a0 ProfSvc - ok
14:19:15.0488 0x15a0 [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:19:15.0496 0x15a0 ProtectedStorage - ok
14:19:15.0513 0x15a0 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:19:15.0534 0x15a0 Psched - ok
14:19:15.0580 0x15a0 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:19:15.0614 0x15a0 ql2300 - ok
14:19:15.0631 0x15a0 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:19:15.0639 0x15a0 ql40xx - ok
14:19:15.0660 0x15a0 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
14:19:15.0678 0x15a0 QWAVE - ok
14:19:15.0687 0x15a0 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:19:15.0697 0x15a0 QWAVEdrv - ok
14:19:15.0747 0x15a0 [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
14:19:15.0768 0x15a0 RapiMgr - ok
14:19:15.0785 0x15a0 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:19:15.0807 0x15a0 RasAcd - ok
14:19:15.0834 0x15a0 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:19:15.0874 0x15a0 RasAgileVpn - ok
14:19:15.0890 0x15a0 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
14:19:15.0916 0x15a0 RasAuto - ok
14:19:15.0931 0x15a0 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:19:15.0956 0x15a0 Rasl2tp - ok
14:19:15.0983 0x15a0 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
14:19:16.0027 0x15a0 RasMan - ok
14:19:16.0045 0x15a0 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:19:16.0104 0x15a0 RasPppoe - ok
14:19:16.0124 0x15a0 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:19:16.0171 0x15a0 RasSstp - ok
14:19:16.0190 0x15a0 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:19:16.0219 0x15a0 rdbss - ok
14:19:16.0231 0x15a0 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:19:16.0242 0x15a0 rdpbus - ok
14:19:16.0258 0x15a0 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:19:16.0287 0x15a0 RDPCDD - ok
14:19:16.0306 0x15a0 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:19:16.0326 0x15a0 RDPDR - ok
14:19:16.0341 0x15a0 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:19:16.0355 0x15a0 RDPENCDD - ok
14:19:16.0359 0x15a0 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:19:16.0379 0x15a0 RDPREFMP - ok
14:19:16.0420 0x15a0 [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:19:16.0452 0x15a0 RdpVideoMiniport - ok
14:19:16.0480 0x15a0 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:19:16.0520 0x15a0 RDPWD - ok
14:19:16.0551 0x15a0 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:19:16.0570 0x15a0 rdyboost - ok
14:19:16.0595 0x15a0 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:19:16.0635 0x15a0 RemoteAccess - ok
14:19:16.0648 0x15a0 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:19:16.0677 0x15a0 RemoteRegistry - ok
14:19:16.0717 0x15a0 [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
14:19:16.0725 0x15a0 rpcapd - ok
14:19:16.0745 0x15a0 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:19:16.0779 0x15a0 RpcEptMapper - ok
14:19:16.0789 0x15a0 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
14:19:16.0808 0x15a0 RpcLocator - ok
14:19:16.0823 0x15a0 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
14:19:16.0845 0x15a0 RpcSs - ok
14:19:16.0873 0x15a0 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:19:16.0891 0x15a0 rspndr - ok
14:19:16.0941 0x15a0 [ 4813ABBDF20D5C43B8A054FAF2F4FB05, 51D5996B0B69D226EF77B897228BCC12A7928AB0927DA01F67D4DEBB567579B2 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
14:19:16.0949 0x15a0 RtkAudioService - ok
14:19:16.0960 0x15a0 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:19:16.0987 0x15a0 s3cap - ok
14:19:17.0018 0x15a0 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] S6U12Scanner C:\Windows\system32\drivers\usbscan.sys
14:19:17.0037 0x15a0 S6U12Scanner - ok
14:19:17.0045 0x15a0 [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] SamSs C:\Windows\system32\lsass.exe
14:19:17.0064 0x15a0 SamSs - ok
14:19:17.0084 0x15a0 [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV D:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
14:19:17.0090 0x15a0 SASDIFSV - ok
14:19:17.0146 0x15a0 [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL D:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
14:19:17.0166 0x15a0 SASKUTIL - ok
14:19:17.0227 0x15a0 [ D952F04F46365802DCA6591DAF92ED54, 4F32364B31F6FBB0CBD48A6643EE0D8DBA9603AB46993A49A854A869F904BBBF ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
14:19:17.0254 0x15a0 SbieDrv - ok
14:19:17.0271 0x15a0 [ BAA52B6DBBA27BC0E7D772A638511C3C, E1C86FA1CF53946CDEA8FE1C23CC3CDF2BBE39D760538B8CBCA54487D16F619F ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
14:19:17.0286 0x15a0 SbieSvc - ok
14:19:17.0312 0x15a0 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:19:17.0328 0x15a0 sbp2port - ok
14:19:17.0361 0x15a0 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:19:17.0405 0x15a0 SCardSvr - ok
14:19:17.0415 0x15a0 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:19:17.0450 0x15a0 scfilter - ok
14:19:17.0485 0x15a0 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
14:19:17.0526 0x15a0 Schedule - ok
14:19:17.0552 0x15a0 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:19:17.0568 0x15a0 SCPolicySvc - ok
14:19:17.0592 0x15a0 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:19:17.0626 0x15a0 SDRSVC - ok
14:19:17.0647 0x15a0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:19:17.0674 0x15a0 secdrv - ok
14:19:17.0697 0x15a0 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
14:19:17.0719 0x15a0 seclogon - ok
14:19:17.0737 0x15a0 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
14:19:17.0759 0x15a0 SENS - ok
14:19:17.0793 0x15a0 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:19:17.0837 0x15a0 SensrSvc - ok
14:19:17.0844 0x15a0 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:19:17.0864 0x15a0 Serenum - ok
14:19:17.0878 0x15a0 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:19:17.0901 0x15a0 Serial - ok
14:19:17.0933 0x15a0 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:19:17.0942 0x15a0 sermouse - ok
14:19:17.0967 0x15a0 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
14:19:17.0990 0x15a0 SessionEnv - ok
14:19:18.0005 0x15a0 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:19:18.0019 0x15a0 sffdisk - ok
14:19:18.0026 0x15a0 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:19:18.0036 0x15a0 sffp_mmc - ok
14:19:18.0042 0x15a0 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:19:18.0061 0x15a0 sffp_sd - ok
14:19:18.0073 0x15a0 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:19:18.0082 0x15a0 sfloppy - ok
14:19:18.0108 0x15a0 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:19:18.0137 0x15a0 SharedAccess - ok
14:19:18.0153 0x15a0 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:19:18.0176 0x15a0 ShellHWDetection - ok
14:19:18.0189 0x15a0 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:19:18.0196 0x15a0 sisagp - ok
14:19:18.0202 0x15a0 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:19:18.0209 0x15a0 SiSRaid2 - ok
14:19:18.0227 0x15a0 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:19:18.0234 0x15a0 SiSRaid4 - ok
14:19:18.0251 0x15a0 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:19:18.0276 0x15a0 Smb - ok
14:19:18.0293 0x15a0 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:19:18.0302 0x15a0 SNMPTRAP - ok
14:19:18.0320 0x15a0 [ DC8D2952FB6FFBAEC67BD1B93A34DF11, 0BD1523A68900B80ED1BCCB967643525CCA55D4FF4622D0128913690E6BB619E ] speedfan C:\Windows\system32\speedfan.sys
14:19:18.0328 0x15a0 speedfan - ok
14:19:18.0336 0x15a0 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
14:19:18.0343 0x15a0 spldr - ok
14:19:18.0357 0x15a0 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
14:19:18.0389 0x15a0 Spooler - ok
14:19:18.0466 0x15a0 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
14:19:18.0545 0x15a0 sppsvc - ok
14:19:18.0568 0x15a0 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:19:18.0599 0x15a0 sppuinotify - ok
14:19:18.0628 0x15a0 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:19:18.0644 0x15a0 srv - ok
14:19:18.0662 0x15a0 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:19:18.0684 0x15a0 srv2 - ok
14:19:18.0705 0x15a0 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:19:18.0715 0x15a0 srvnet - ok
14:19:18.0726 0x15a0 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:19:18.0746 0x15a0 SSDPSRV - ok
14:19:18.0766 0x15a0 [ 424566865D82AA4BD8D6546C1F2065FA, 37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
14:19:18.0773 0x15a0 ssmdrv - ok
14:19:18.0780 0x15a0 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:19:18.0798 0x15a0 SstpSvc - ok
14:19:18.0839 0x15a0 [ 7AE700179C4839F657D245319E234A06, 6EAEFE4A8CAF1A70F1BAD4DD457C6AEC080839542D4E5582376489800BE52E89 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
14:19:23.0528 0x15a0 Steam Client Service - ok
14:19:23.0607 0x15a0 [ 6A3142AF09A5091C66056C84D8859AA4, A838DDAD8BC585793F5FBCD915765B8245F831936D6CDBD42642D3474D19DBD5 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:19:23.0643 0x15a0 Stereo Service - ok
14:19:23.0658 0x15a0 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:19:23.0667 0x15a0 stexstor - ok
14:19:23.0702 0x15a0 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
14:19:23.0745 0x15a0 StiSvc - ok
14:19:23.0774 0x15a0 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:19:23.0783 0x15a0 storflt - ok
14:19:23.0813 0x15a0 [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll
14:19:23.0863 0x15a0 StorSvc - ok
14:19:23.0888 0x15a0 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:19:23.0909 0x15a0 storvsc - ok
14:19:23.0931 0x15a0 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
14:19:23.0942 0x15a0 swenum - ok
14:19:23.0974 0x15a0 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
14:19:24.0023 0x15a0 swprv - ok
14:19:24.0106 0x15a0 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
14:19:24.0147 0x15a0 SysMain - ok
14:19:24.0156 0x15a0 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
14:19:24.0173 0x15a0 TabletInputService - ok
14:19:24.0199 0x15a0 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
14:19:24.0232 0x15a0 TapiSrv - ok
14:19:24.0244 0x15a0 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
14:19:24.0262 0x15a0 TBS - ok
14:19:24.0304 0x15a0 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:19:24.0337 0x15a0 Tcpip - ok
14:19:24.0367 0x15a0 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:19:24.0398 0x15a0 TCPIP6 - ok
14:19:24.0414 0x15a0 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:19:24.0422 0x15a0 tcpipreg - ok
14:19:24.0440 0x15a0 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:19:24.0452 0x15a0 TDPIPE - ok
14:19:24.0459 0x15a0 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:19:24.0466 0x15a0 TDTCP - ok
14:19:24.0491 0x15a0 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:19:24.0506 0x15a0 tdx - ok
14:19:24.0519 0x15a0 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:19:24.0527 0x15a0 TermDD - ok
14:19:24.0556 0x15a0 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
14:19:24.0590 0x15a0 TermService - ok
14:19:24.0594 0x15a0 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
14:19:24.0615 0x15a0 Themes - ok
14:19:24.0631 0x15a0 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
14:19:24.0649 0x15a0 THREADORDER - ok
14:19:24.0674 0x15a0 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
14:19:24.0692 0x15a0 TrkWks - ok
14:19:24.0725 0x15a0 [ ED5E4CE36C54F55E7698642E94D32EC7, 07BD324083D1784F8F716C528D530003369E6D87EFC7B79BCAA1767F80DA4FDC ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
14:19:24.0735 0x15a0 truecrypt - ok
14:19:24.0774 0x15a0 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:19:24.0793 0x15a0 TrustedInstaller - ok
14:19:24.0817 0x15a0 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:19:24.0825 0x15a0 tssecsrv - ok
14:19:24.0858 0x15a0 [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:19:24.0887 0x15a0 TsUsbFlt - ok
14:19:24.0908 0x15a0 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:19:24.0935 0x15a0 tunnel - ok
14:19:24.0956 0x15a0 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:19:24.0963 0x15a0 uagp35 - ok
14:19:24.0982 0x15a0 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:19:25.0019 0x15a0 udfs - ok
14:19:25.0034 0x15a0 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:19:25.0044 0x15a0 UI0Detect - ok
14:19:25.0054 0x15a0 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:19:25.0061 0x15a0 uliagpkx - ok
14:19:25.0082 0x15a0 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:19:25.0091 0x15a0 umbus - ok
14:19:25.0107 0x15a0 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:19:25.0121 0x15a0 UmPass - ok
14:19:25.0145 0x15a0 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
14:19:25.0156 0x15a0 UmRdpService - ok
14:19:25.0179 0x15a0 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
14:19:25.0209 0x15a0 upnphost - ok
14:19:25.0241 0x15a0 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
14:19:25.0263 0x15a0 usbccgp - ok
14:19:25.0286 0x15a0 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:19:25.0311 0x15a0 usbcir - ok
14:19:25.0333 0x15a0 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:19:25.0358 0x15a0 usbehci - ok
14:19:25.0393 0x15a0 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:19:25.0413 0x15a0 usbhub - ok
14:19:25.0419 0x15a0 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:19:25.0434 0x15a0 usbohci - ok
14:19:25.0456 0x15a0 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:19:25.0465 0x15a0 usbprint - ok
14:19:25.0473 0x15a0 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:19:25.0512 0x15a0 USBSTOR - ok
14:19:25.0521 0x15a0 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:19:25.0534 0x15a0 usbuhci - ok
14:19:25.0542 0x15a0 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
14:19:25.0559 0x15a0 UxSms - ok
14:19:25.0565 0x15a0 [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] VaultSvc C:\Windows\system32\lsass.exe
14:19:25.0572 0x15a0 VaultSvc - ok
14:19:25.0581 0x15a0 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:19:25.0588 0x15a0 vdrvroot - ok
14:19:25.0616 0x15a0 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
14:19:25.0653 0x15a0 vds - ok
14:19:25.0677 0x15a0 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:19:25.0691 0x15a0 vga - ok
14:19:25.0702 0x15a0 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:19:25.0718 0x15a0 VgaSave - ok
14:19:25.0732 0x15a0 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:19:25.0741 0x15a0 vhdmp - ok
14:19:25.0757 0x15a0 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:19:25.0763 0x15a0 viaagp - ok
14:19:25.0772 0x15a0 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
14:19:25.0790 0x15a0 ViaC7 - ok
14:19:25.0809 0x15a0 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
14:19:25.0815 0x15a0 viaide - ok
14:19:25.0876 0x15a0 [ 2562943B90AFA9829097FB4274276D1D, EE003EF7A3EC49CFEF2EED841482721D7A89368967BFC44CE8DD9D3BDAF0572F ] VMAuthdService D:\Programme\VMWarePlayer\vmware-authd.exe
14:19:25.0892 0x15a0 VMAuthdService - ok
14:19:25.0909 0x15a0 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:19:25.0920 0x15a0 vmbus - ok
14:19:25.0933 0x15a0 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:19:25.0940 0x15a0 VMBusHID - ok
14:19:25.0983 0x15a0 [ D644FFEA14778DDA59BDA8492BCED4B6, 5146A0181AEED5727C729DE451B3F2070FF8DD4A0B32AD6BD3DEB42232B5FAE1 ] vmci C:\Windows\system32\DRIVERS\vmci.sys
14:19:26.0001 0x15a0 vmci - ok
14:19:26.0011 0x15a0 [ 5BADB72A9A880660BC966DC97237207B, 254BF9B4CCF70133F340E752018A4C2C139226E6ECF931962811780DD55F2841 ] vmkbd2 C:\Windows\system32\drivers\VMkbd.sys
14:19:26.0029 0x15a0 vmkbd2 - ok
14:19:26.0040 0x15a0 [ 872DE8E16A2821804D8E4EC76A1E38B4, 346C2EDE1A0AEA3A1B2D4C3066B1AF94FFC00B5D3401E323C0FD46D8D824C563 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
14:19:26.0047 0x15a0 VMnetAdapter - ok
14:19:26.0070 0x15a0 [ 2ECECADD1F5AE56F297B81F2AC464B03, 6EA6EDE53AE420EF750A14045399AAD77D07C80324C0C60E74127E350C7E7090 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
14:19:26.0077 0x15a0 VMnetBridge - ok
14:19:26.0095 0x15a0 [ 05A869D1B12B08B5601487CA534B5021, 07A4BE681C0C0B23CBD5C05715DAA887D4DDE6D99251BC5D748F321940C23315 ] VMnetDHCP C:\Windows\system32\vmnetdhcp.exe
14:19:26.0110 0x15a0 VMnetDHCP - ok
14:19:26.0123 0x15a0 [ 448788D4D9C6E7F20BA7C6487B52D44E, 8643B237262099998049D23B5BE1F65C224500E8947B2FAC798B5A00132082A4 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
14:19:26.0129 0x15a0 VMnetuserif - ok
14:19:26.0155 0x15a0 [ C5C0DFA9D921639B73C3E59A8AA1FBEF, 221BEA7B23288113F1791FC91CB5F216B5836F0BF2F8507B5DB83243778E16DA ] VMparport C:\Windows\system32\Drivers\VMparport.sys
14:19:26.0160 0x15a0 VMparport - ok
14:19:26.0208 0x15a0 [ F3922FB27510E28FAC82A0DC442A900E, 11D42F62460647EADFABC29873D20CC77B117B676D30655B7919A1C0EBBFA86F ] VMUSBArbService C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
14:19:26.0241 0x15a0 VMUSBArbService - ok
14:19:26.0262 0x15a0 [ F13B73E932CACDDE5ED825BDF7AA9637, 4B6C8D82324314294AE439ACDE933E6C8E77635ADE933BC52A0CD9A68927702D ] VMware NAT Service C:\Windows\system32\vmnat.exe
14:19:26.0276 0x15a0 VMware NAT Service - ok
14:19:26.0280 0x15a0 [ E80257E1A4B5A905857705FF5C4787AE, AA354C4A46A0B7D13584FACB9EBF699820E24D18B3EFD830E5E811C7F16BD1B4 ] vmx86 C:\Windows\system32\Drivers\vmx86.sys
14:19:26.0287 0x15a0 vmx86 - ok
14:19:26.0298 0x15a0 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:19:26.0321 0x15a0 volmgr - ok
14:19:26.0343 0x15a0 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:19:26.0356 0x15a0 volmgrx - ok
14:19:26.0382 0x15a0 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:19:26.0395 0x15a0 volsnap - ok
14:19:26.0415 0x15a0 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:19:26.0425 0x15a0 vsmraid - ok
14:19:26.0438 0x15a0 [ 843081D296F617DDFAE4D70F2564C852, A2F0A31AE740850996E1595E0C21E3365387B049480999ACA8DE2AE5394232E2 ] vsock C:\Windows\system32\drivers\vsock.sys
14:19:26.0445 0x15a0 vsock - ok
14:19:26.0487 0x15a0 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
14:19:26.0527 0x15a0 VSS - ok
14:19:26.0530 0x15a0 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:19:26.0544 0x15a0 vwifibus - ok
14:19:26.0574 0x15a0 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
14:19:26.0596 0x15a0 W32Time - ok
14:19:26.0612 0x15a0 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:19:26.0620 0x15a0 WacomPen - ok
14:19:26.0647 0x15a0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:19:26.0702 0x15a0 WANARP - ok
14:19:26.0705 0x15a0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:19:26.0728 0x15a0 Wanarpv6 - ok
14:19:26.0760 0x15a0 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
14:19:26.0807 0x15a0 wbengine - ok
14:19:26.0822 0x15a0 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:19:26.0835 0x15a0 WbioSrvc - ok
14:19:26.0860 0x15a0 [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
14:19:26.0874 0x15a0 WcesComm - ok
14:19:26.0902 0x15a0 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:19:26.0918 0x15a0 wcncsvc - ok
14:19:26.0932 0x15a0 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:19:26.0973 0x15a0 WcsPlugInService - ok
14:19:26.0984 0x15a0 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:19:27.0000 0x15a0 Wd - ok
14:19:27.0044 0x15a0 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:19:27.0080 0x15a0 Wdf01000 - ok
14:19:27.0102 0x15a0 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:19:27.0128 0x15a0 WdiServiceHost - ok
14:19:27.0131 0x15a0 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:19:27.0144 0x15a0 WdiSystemHost - ok
14:19:27.0176 0x15a0 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
14:19:27.0215 0x15a0 WebClient - ok
14:19:27.0226 0x15a0 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:19:27.0256 0x15a0 Wecsvc - ok
14:19:27.0263 0x15a0 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:19:27.0280 0x15a0 wercplsupport - ok
14:19:27.0296 0x15a0 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
14:19:27.0314 0x15a0 WerSvc - ok
14:19:27.0330 0x15a0 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:19:27.0345 0x15a0 WfpLwf - ok
14:19:27.0352 0x15a0 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:19:27.0358 0x15a0 WIMMount - ok
14:19:27.0488 0x15a0 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:19:27.0532 0x15a0 WinDefend - ok
14:19:27.0540 0x15a0 WinHttpAutoProxySvc - ok
14:19:27.0585 0x15a0 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:19:27.0633 0x15a0 Winmgmt - ok
14:19:27.0725 0x15a0 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll
14:19:27.0792 0x15a0 WinRM - ok
14:19:27.0817 0x15a0 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WINUSB C:\Windows\system32\DRIVERS\WinUSB.SYS
14:19:27.0831 0x15a0 WINUSB - ok
14:19:27.0869 0x15a0 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:19:27.0899 0x15a0 Wlansvc - ok
14:19:27.0917 0x15a0 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:19:27.0933 0x15a0 WmiAcpi - ok
14:19:27.0947 0x15a0 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:19:27.0964 0x15a0 wmiApSrv - ok
14:19:28.0014 0x15a0 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:19:28.0055 0x15a0 WMPNetworkSvc - ok
14:19:28.0067 0x15a0 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:19:28.0097 0x15a0 WPCSvc - ok
14:19:28.0119 0x15a0 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:19:28.0142 0x15a0 WPDBusEnum - ok
14:19:28.0146 0x15a0 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:19:28.0162 0x15a0 ws2ifsl - ok
14:19:28.0172 0x15a0 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
14:19:28.0184 0x15a0 wscsvc - ok
14:19:28.0185 0x15a0 WSearch - ok
14:19:28.0235 0x15a0 [ B5DCDEF119A729CB493E9070BF9A7E9D, D7706CFE8521206B38F5F1B57EA2F046E14DB4C893868862BEAFC2A83E2E9098 ] wuauserv C:\Windows\system32\wuaueng.dll
14:19:28.0294 0x15a0 wuauserv - ok
14:19:28.0310 0x15a0 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:19:28.0339 0x15a0 WudfPf - ok
14:19:28.0366 0x15a0 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:19:28.0386 0x15a0 WUDFRd - ok
14:19:28.0408 0x15a0 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:19:28.0423 0x15a0 wudfsvc - ok
14:19:28.0450 0x15a0 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
14:19:28.0487 0x15a0 WwanSvc - ok
14:19:28.0505 0x15a0 ================ Scan global ===============================
14:19:28.0527 0x15a0 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
14:19:28.0551 0x15a0 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
14:19:28.0565 0x15a0 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
14:19:28.0593 0x15a0 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
14:19:28.0621 0x15a0 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
14:19:28.0631 0x15a0 [ Global ] - ok
14:19:28.0631 0x15a0 ================ Scan MBR ==================================
14:19:28.0643 0x15a0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
14:19:28.0853 0x15a0 \Device\Harddisk2\DR2 - ok
14:19:28.0866 0x15a0 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
14:19:28.0936 0x15a0 \Device\Harddisk0\DR0 - ok
14:19:28.0937 0x15a0 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
14:19:28.0990 0x15a0 \Device\Harddisk1\DR1 - ok
14:19:28.0990 0x15a0 ================ Scan VBR ==================================
14:19:28.0991 0x15a0 [ 287FEA8104C78CE02A500D5FF719FD94 ] \Device\Harddisk2\DR2\Partition1
14:19:29.0036 0x15a0 \Device\Harddisk2\DR2\Partition1 - ok
14:19:29.0039 0x15a0 [ 788E3FC992BBF1CF6D5E8C9415BA0C29 ] \Device\Harddisk2\DR2\Partition2
14:19:29.0053 0x15a0 \Device\Harddisk2\DR2\Partition2 - ok
14:19:29.0057 0x15a0 [ 63EB3E07311F6CFA050E4AA2FD39FA0F ] \Device\Harddisk0\DR0\Partition1
14:19:29.0060 0x15a0 \Device\Harddisk0\DR0\Partition1 - ok
14:19:29.0065 0x15a0 [ C9DEF892E33CC2B018EE6260ABC6C296 ] \Device\Harddisk1\DR1\Partition1
14:19:29.0067 0x15a0 \Device\Harddisk1\DR1\Partition1 - ok
14:19:29.0067 0x15a0 ================ Scan generic autorun ======================
14:19:29.0149 0x15a0 [ 094E4E76FB9AB960A73F841BC6733F42, 01C1BFF17BEC6588E192EC4D7ACB74FC9B95ECA7CB8BB9585B04FC8EA73C3B43 ] C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
14:19:29.0192 0x15a0 USB3MON - ok
14:19:29.0536 0x15a0 [ 4B6FB7DE94D91974950976108D2B837E, 8F6FD897DA2DE048020679AE1309922EC41DDA87FB57FB195292A2B8A73665A4 ] C:\Program Files\XFastUSB\XFastUsb.exe
14:19:29.0638 0x15a0 XFastUSB - ok
14:19:29.0701 0x15a0 [ 631699AFF7492E43617198FDA82B5E6D, 382A4FB56AC22DBD006E3A05EB626DC181574420B93CC07F3AC51107F0E97AAD ] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
14:19:29.0732 0x15a0 XFast LAN - ok
14:19:29.0801 0x15a0 [ 28DEF0EFB36D172EAA5A08EB09CF75DF, 62D07A28167AEBFB9511830BFBBEAAB17CC24D57FF8D07F1414D921135BC9024 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
14:19:29.0819 0x15a0 avgnt - ok
14:19:30.0084 0x15a0 [ C0A97DA46F83E47B35C24E4F1B977836, B0D99DBFC16DF5C531B74D2CE078BE1EF9E3F3C1D23A1EC09C043C4BBE66B453 ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
14:19:30.0285 0x15a0 RtHDVCpl - ok
14:19:30.0308 0x15a0 [ 3E4C03CEFAD8DE135263236B61A49C90, 243201B64F4B60D55CDB1A3BF4B9AA60BC22EB8ACA88E95042EE48AC5DF5F397 ] C:\Windows\system32\NeroCheck.exe
14:19:30.0331 0x15a0 NeroFilterCheck - detected UnsignedFile.Multi.Generic ( 1 )
14:19:32.0779 0x15a0 Detect skipped due to KSN trusted
14:19:32.0779 0x15a0 NeroFilterCheck - ok
14:19:32.0874 0x15a0 [ 8F82FFC6CD0F4C83F4565E1A40332CCD, 45D17603664CBE2C4236AEDB3C21D585C8225A3D3B1118365EE2C6BFDB8A7890 ] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
14:19:32.0934 0x15a0 NvBackend - ok
14:19:32.0953 0x15a0 [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\system32\rundll32.exe
14:19:32.0962 0x15a0 ShadowPlay - ok
14:19:32.0989 0x15a0 [ 20D09D91308097B0892607EE2EE31975, 823D2A25BCAA1F3336CD682C81981306A75B9B49572E7F5673C69AAC6DA7C3CB ] C:\Windows\system32\igfxtray.exe
14:19:33.0013 0x15a0 IgfxTray - ok
14:19:33.0015 0x15a0 HotKeysCmds - ok
14:19:33.0016 0x15a0 Persistence - ok
14:19:33.0044 0x15a0 [ 96B3C4E20F02CA16AA1E3E425BFFCC8B, F94A548244071D406BDD6F770D4705B92F5485CA509B699A33472DFE7563BA39 ] C:\Windows\WindowsMobile\wmdc.exe
14:19:33.0060 0x15a0 Windows Mobile Device Center - ok
14:19:33.0099 0x15a0 [ F2BC40E35AB242AA27BCD8FBA9D0B5CB, 4F89E1F57E8E4897D1614DAA852B0CBF7C1FD705641895E874C52377DC3F3403 ] C:\Program Files\Avira\Launcher\Avira.Systray.exe
14:19:33.0116 0x15a0 Avira Systray - ok
14:19:33.0163 0x15a0 [ 4F9DD96AECDC12373D4203253D665C6D, 871FF2367ACD5F9A378FED53574BF28A8129224C4B7C4AF074809ED7CF870904 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
14:19:33.0185 0x15a0 SunJavaUpdateSched - ok
14:19:33.0278 0x15a0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
14:19:33.0347 0x15a0 Sidebar - ok
14:19:33.0367 0x15a0 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
14:19:33.0382 0x15a0 mctadmin - ok
14:19:33.0405 0x15a0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
14:19:33.0434 0x15a0 Sidebar - ok
14:19:33.0438 0x15a0 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
14:19:33.0448 0x15a0 mctadmin - ok
14:19:33.0476 0x15a0 [ 56636904DC083363FEEDF93591950CCD, 117A369A2CDD7ED9EE0DF8F195C511230574353ADEADA4AD3B9C4B0A88EB67A1 ] C:\Program Files\Sandboxie\SbieCtrl.exe
14:19:33.0489 0x15a0 SandboxieControl - ok
14:19:33.0490 0x15a0 Waiting for KSN requests completion. In queue: 125
14:19:34.0490 0x15a0 Waiting for KSN requests completion. In queue: 125
14:19:35.0491 0x15a0 Waiting for KSN requests completion. In queue: 11
14:19:36.0498 0x15a0 AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x41000 ( enabled : updated )
14:19:36.0500 0x15a0 Win FW state via NFP2: enabled ( trusted )
14:19:38.0893 0x15a0 ============================================================
14:19:38.0893 0x15a0 Scan finished
14:19:38.0893 0x15a0 ============================================================
14:19:38.0897 0x1090 Detected object count: 0
14:19:38.0897 0x1090 Actual detected object count: 0
grüßt Nervbert |
|
09.08.2015, 07:14
| #6 |
| /// the machine /// TB-Ausbilder | Unerwarteter Traffic - up und down Ich seh jetzt so nix. Ausserdem telefoniert jedes Program was im Background läuft nach Hause. ESET Online Scanner
__________________ --> Unerwarteter Traffic - up und down |
|
09.08.2015, 17:14
| #7 |
| | Unerwarteter Traffic - up und down So, hier das Log von ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c320f767281b3442b37ea0da4b7ce13e
# end=init
# utc_time=2015-08-09 10:52:03
# local_time=2015-08-09 12:52:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25193
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c320f767281b3442b37ea0da4b7ce13e
# end=updated
# utc_time=2015-08-09 10:59:50
# local_time=2015-08-09 12:59:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=c320f767281b3442b37ea0da4b7ce13e
# engine=25193
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-09 02:39:23
# local_time=2015-08-09 04:39:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 42676416 190762354 0 0
# scanned=1863699
# found=3
# cleaned=0
# scan_time=13172
sh=08F652054ABD86C203B7B8A35F502D292F98C09F ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="D:\Downloads\Crack (THEGFW).rar"
sh=F92626BBF3186E615B23065AD692AC43137618F6 ft=1 fh=9615cc2a897c87e7 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="D:\DTemp\pc-mag\freevideodub.exe"
sh=CB9BAA3041FBA26C89B6B4F84AF1E090D26A55B5 ft=1 fh=ba9e6a90503509b3 vn="Variante von Win32/HotSpotShield evtl. unerwünschte Anwendung" ac=I fn="D:\_alles von backup\d\## übertragen\DTemp#\resy-stick\Hotspot-Shield\HSS-1.37-install-anchorfree-76-conduit.exe"
Crack (THEGFW) habe ich mal runtergeladen, aber nie benutzt, weil nicht nötig - ich habe das Spiel im Original. freevideodub.exe habe ich auch nicht installiert, nur mal runtergeladen, als ich mich für Videobearbeitungen interessiert hab. Bei dieser conduit.exe, die ich 2011 mal im Rahmen des Interesses an Hotspots runtergeladen habe, hat jetzt eben Avira Anitivir nichts bemängelt. Kann ich aber, genau wie die anderen, unbesehen löschen (habe ich aber noch nicht, erst auf Anweisung! )Schönen Gruß, Nervbert |
|
10.08.2015, 12:27
| #8 |
| /// the machine /// TB-Ausbilder | Unerwarteter Traffic - up und down Kannste alles löschen, aber wie gesagt, ist alles halb so wild
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.08.2015, 12:40
| #9 |
| | Unerwarteter Traffic - up und down Jo, mach ich dann! Ich interpretiere meine Kiste dann jetzt auch als sauberes System (soweit das nach den gelieferten Kenntnissen gesagt werden kann) und nehme die normale Arbeit wieder auf. Uff! Danke für's Stein von der Seele rollen!  grüßt Nervbert |
|
11.08.2015, 08:23
| #10 |
| /// the machine /// TB-Ausbilder | Unerwarteter Traffic - up und down genau Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst... und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung:Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.08.2015, 10:35
| #11 | |
| | Unerwarteter Traffic - up und downZitat:
 2: Wird gemacht!  dankt Nervbert |
|
12.08.2015, 08:43
| #12 |
| /// the machine /// TB-Ausbilder | Unerwarteter Traffic - up und down Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Unerwarteter Traffic - up und down |
| aktiv, antimalware, automatisch, browser, down, einfach, einstellungen, festgestellt, free, guten, hilfreiche, jahre, kaspersky, keine updates, löschen, malwarebytes, nichts, online, programme, schule, superantispyware, system, traffic, updates, verbindungen |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
